I’m sharing this script because I found it incredibly useful, and I hope many of you will too. Feel free to share any improvements or suggestions. Happy Hacking!
When I was perfoming a penetration test, I needed to host HTML files because the default Python server was downloading the files instead of rendering them. Additionally, the URLs couldn't contain dots. To solve this, I created a simple script to redirect users to specific HTML pages.
As shown in the image below, you can define routes. For example, if the user navigates to localhost/about
, they will be redirected to localhost/about.html
. This allows you to use clean URLs while still pointing to the desired HTML files.
![Defined-routes-example](https://private-user-images.githubusercontent.com/15943431/352104527-afab892a-b772-4f14-a81c-c8b41ef24876.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3Mzg3OTUyNDcsIm5iZiI6MTczODc5NDk0NywicGF0aCI6Ii8xNTk0MzQzMS8zNTIxMDQ1MjctYWZhYjg5MmEtYjc3Mi00ZjE0LWE4MWMtYzhiNDFlZjI0ODc2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTAyMDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwMjA1VDIyMzU0N1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPThjNDIzZjkwOTUyYjI5MjdkMTc2YzE1MDZlNDgzZjgxYzRmMzkzYWFiM2I2YmU4YzE1Y2Q3NWZkMWFmODZjYWMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.vIwn0Z-VzpFoR3nXhZmL06SnjacXVT1Posya8S30z7U)
In the image below, you'll notice that the user received a 200
status code despite visiting /about
instead of /about.html
. This is because the user got redirected.
![Defined-routes-example2](https://private-user-images.githubusercontent.com/15943431/354340240-82d52bd5-6b41-4248-af95-df65aa73f4db.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3Mzg3OTUyNDcsIm5iZiI6MTczODc5NDk0NywicGF0aCI6Ii8xNTk0MzQzMS8zNTQzNDAyNDAtODJkNTJiZDUtNmI0MS00MjQ4LWFmOTUtZGY2NWFhNzNmNGRiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTAyMDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwMjA1VDIyMzU0N1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTMxMTExNDRkZWFkZTg5ZDMxNTM5MzliYzMyNmEyMjc2NjE0ZDI1N2YzM2VhMWVjYWQyMDgyNGY5MDE5MzM5ZTAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.o0LorTmBAgCPAll-jjSCH1TQmkrbY0TRUMijG7rmAxQ)
You can run the server with HTTPS, by using a self-signed certificate:
![78e0f69ba4ab9414512e6c6909c92865.png](https://private-user-images.githubusercontent.com/15943431/354340457-d61939aa-a1dc-4bcf-bc1c-60952c026b27.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3Mzg3OTUyNDcsIm5iZiI6MTczODc5NDk0NywicGF0aCI6Ii8xNTk0MzQzMS8zNTQzNDA0NTctZDYxOTM5YWEtYTFkYy00YmNmLWJjMWMtNjA5NTJjMDI2YjI3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTAyMDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwMjA1VDIyMzU0N1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTIzZGNiODRmZjE3NDEzNTQxOGY0NDgyY2YwOTQ0NzBiZmMxZGY0MTQ4MmU5NDU1MjI3NTQzN2E4OTk3MzgzZWImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.PssilDRq3RZFNiyaZKY_neILM-a9L05CMyun9jfVVqw)
Note: In the images above, I'm running a bash file named httpserver
that runs httpserver_plus.py
. This is the bash file contents:
python3 /path/to/python/script/httpserver_plus.py $@
usage: httpserver-plus.py [-h] [-p PORT] [-d DIRECTORY] [-sc [SSL_CERTIFICATE]] [-sk [SSL_KEY]]
An improved version of Pythons http.server, created for redirection purposes.
Rerout Example: localhost/about -> localhost/about.html
options:
-h, --help show this help message and exit
-p PORT, --port PORT Specify Port to use.
-d DIRECTORY, --directory DIRECTORY
Specify directory where .html pages are stored.
-sc [SSL_CERTIFICATE], --ssl-certificate [SSL_CERTIFICATE]
Specify the path to SSL's .cert file, to use HTTPS.
-sk [SSL_KEY], --ssl-key [SSL_KEY]
Specify the path to SSL's .key file, to use HTTPS.
[HTTP Usage Example]
sudo python3 httpserver_plus.py -p <PORT> -d <path-to-directory-with-html-files>
[HTTPS Usage Example]
1. Generate a self-signed SSL Certificate.
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out public.crt -keyout private.key
2. Run the script with -sc and -sk flags.
sudo python3 httpserver_plus.py -p <PORT> -d "<path-to-directory-with-html-files>" -sc "<path-to-server.crt-file>" -sk "<path-to-server.key-file>"