51 Security

Learning, Sharing, Creating

Docker

[5 Mins Docker] Transfer Any Files Out from Command Line – Create Your Own Safe and Fast Temporary Transfer Site

ByJonny

Dec 6, 2023

Have you met this issue? You are in a production environment with Internet connection, but you are not able to pull the logs or captured packets out from a hardened server for troubleshooting purpose. 

Here is a website which can help you in this situation. You do not have to open firewall to allow sftp connection to grab the files, or turn on a web service to give yourself a link to download them. As long as your servers can reach out to internet, you will be able safely to transfer your files out.

Transfer.sh is this kind of website which can give you a simple, easy and fast service for file sharing from the command-line. It is free and allows you to upload up to 10GB of data and files are stored for 14 days.

Features

  • Made for use with shell
  • Share files with a URL
  • Upload up to 10 GB
  • Files stored for 14 days
  • For free
  • Encrypt your files
  • Maximize amount of downloads
  • Self hosting using docker
  • Support popular cloud storages such as AWS S3, Google Drive, etc
  • More on Github site

Steps to Use Transfer.sh

There are quite a lot of use cases, which are listing at transfer.sh websites. You can upload multiple files and encrypt it, you can use wget to upload, and you also can use it from Windows PowerShell. 
In this section, I am gonna listing the steps for a simple use case, which is to just upload one file from your linux server with default settings. 

1 Log into Linux system

2 Upload a file

Upload a single file with default settings

curl -v --upload-file ./hello.txt https://transfer.sh/hello.txt

[node1] (local) [email protected] ~
$ curl -v –upload-file /docker.log https://transfer.sh/hello.txt
*   Trying 144.76.136.153:443…
* Connected to transfer.sh (144.76.136.153) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=transfer.sh
*  start date: Aug 14 19:42:51 2023 GMT
*  expire date: Nov 12 19:42:50 2023 GMT
*  subjectAltName: host “transfer.sh” matched cert’s “transfer.sh”
*  issuer: C=US; O=Let’s Encrypt; CN=R3
*  SSL certificate verify ok.
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* using HTTP/2
* h2 [:method: PUT]
* h2 [:scheme: https]
* h2 [:authority: transfer.sh]
* h2 [:path: /hello.txt]
* h2 [user-agent: curl/8.1.2]
* h2 [accept: */*]
* h2 [content-length: 34559]
* Using Stream ID: 1 (easy handle 0x7fd872c60080)
> PUT /hello.txt HTTP/2
> Host: transfer.sh
> User-Agent: curl/8.1.2
> Accept: */*
> Content-Length: 34559

* We are completely uploaded and fine
< HTTP/2 200 
< content-type: text/plain
< server: Transfer.sh HTTP Server
< x-made-with: <3 by DutchCoders
< x-served-by: Proudly served by DutchCoders
< x-url-delete: https://transfer.sh/xVaLXBfwcD/hello.txt/wx9PGrancWLzyeSV55EU
< content-length: 40
< date: Sun, 08 Oct 2023 15:55:01 GMT

* Connection #0 to host transfer.sh left intact
https://transfer.sh/xVaLXBfwcD/hello.txt[node1] (local) [email protected] ~

3 Open the URL from any browser to fetch the file

Steps to Use Self Hosted Docker

For easy deployment, transfer.sh author has created an official Docker container. Here are steps we can follow to get docker running in 1 minute. 

1 Spin Up the docker

There are two variants, differing only by which user runs the process.

The default one will run as root:

docker run --publish 8080:8080 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/

The one tagged with the suffix -noroot will use 5000 as both UID and GID:

docker run --publish 8080:8080 dutchcoders/transfer.sh:latest-noroot --provider local -

[node1] (local) [email protected] ~
$ pwd
/root
[node1] (local) [email protected] ~
$ docker run –publish 8080:8080 dutchcoders/transfer.sh:latest –provider local –basedir /tmp/
Unable to find image ‘dutchcoders/transfer.sh:latest’ locally
latest: Pulling from dutchcoders/transfer.sh
965ff63f17ca: Pull complete 
2003c3ea71dd: Pull complete 
3e870397f07a: Pull complete 
03e0e103d570: Pull complete 
83932710a96e: Pull complete 
Digest: sha256:912bae1a777722eaae79c305cabcc471b5bfce1f6cba323d086fb9b333170d99
Status: Downloaded newer image for dutchcoders/transfer.sh:latest
[transfer.sh]2023/10/08 15:19:45 Transfer.sh server started.
using temp folder: /tmp/
using storage provider: local
[transfer.sh]2023/10/08 15:19:45 starting to listen on: :8080
[transfer.sh]2023/10/08 15:19:45 —————————
[transfer.sh]2023/10/08 15:19:48 172.18.0.1:61623 – – [2023-10-08T15:19:48Z] “GET / HTTP/1.1” 200  “” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36”


2 Transfer files

curl -v --upload-file ./hello.txt https://transfer.sh/hello.txt
[node1] (local) [email protected] ~
curl -v –upload-file /docker.log https://transfer.sh/hello.txt
*   Trying 144.76.136.153:443…
* Connected to transfer.sh (144.76.136.153) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=transfer.sh
*  start date: Aug 14 19:42:51 2023 GMT
*  expire date: Nov 12 19:42:50 2023 GMT
*  subjectAltName: host “transfer.sh” matched cert’s “transfer.sh”
*  issuer: C=US; O=Let’s Encrypt; CN=R3
*  SSL certificate verify ok.
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* using HTTP/2
* h2 [:method: PUT]
* h2 [:scheme: https]
* h2 [:authority: transfer.sh]
* h2 [:path: /hello.txt]
* h2 [user-agent: curl/8.1.2]
* h2 [accept: */*]
* h2 [content-length: 34559]
* Using Stream ID: 1 (easy handle 0x7fd872c60080)
> PUT /hello.txt HTTP/2
> Host: transfer.sh
> User-Agent: curl/8.1.2
> Accept: */*
> Content-Length: 34559

* We are completely uploaded and fine
< HTTP/2 200 
< content-type: text/plain
< server: Transfer.sh HTTP Server
< x-made-with: <3 by DutchCoders
< x-served-by: Proudly served by DutchCoders
< x-url-delete: https://transfer.sh/xVaLXBfwcD/hello.txt/wx9PGrancWLzyeSV55EU
< content-length: 40
< date: Sun, 08 Oct 2023 15:55:01 GMT

* Connection #0 to host transfer.sh left intact
https://transfer.sh/xVaLXBfwcD/hello.txt[node1] (local) [email protected] ~


3 Fetch the file from any browser by access the url generated from step 2

Troublehooting

Error message: Wrong Version Number

It is caused by TLSv1.3 certificate . Transfer.sh service will require TLSv1.3, but the Play-with-docker provides only OpenSSL/3.1.1. To resolve this issue, we can remove https from the url.
[node2] (local) [email protected] /
$ curl -v --upload-file docker.log https://ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com/docker.log
*   Trying 40.76.55.146:443...
* Connected to ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com (40.76.55.146) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* OpenSSL/3.1.1: error:0A00010B:SSL routines::wrong version number
* Closing connection 0
curl: (35) OpenSSL/3.1.1: error:0A00010B:SSL routines::wrong version number
[node2] (local) [email protected] /

After removed https, we have http connection from command line to our Docker. All packets will be transfered in clear text format.

[node2] (local) [email protected] /
$ curl -v –upload-file docker.log ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com/docker.log
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 –:–:– –:–:– –:–:–     0*   Trying 40.76.55.146:80…
* Connected to ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com (40.76.55.146) port 80 (#0)
> PUT /docker.log HTTP/1.1
> Host: ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com
> User-Agent: curl/8.1.2
> Accept: */*
> Content-Length: 34560

} [34560 bytes data]
* We are completely uploaded and fine
< HTTP/1.1 200 OK
< Content-Type: text/plain
< Server: Transfer.sh HTTP Server
< X-Made-With: <3 by DutchCoders
< X-Served-By: Proudly served by DutchCoders
< X-Url-Delete: http://ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com/QwR2c1UDRs/docker.log/Q8DwSFS1yrr7GVoVQOOV
< Date: Sun, 08 Oct 2023 16:39:48 GMT
< Content-Length: 101

{ [101 bytes data]
100 34661  100   101  100 34560   2543   849k –:–:– –:–:– –:–:–  890k
* Connection #0 to host ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com left intact
http://ip172-18-0-88-ckhdj44snmng00biqpe0-8080.direct.labs.play-with-docker.com/QwR2c1UDRs/docker.log[node2] (local) [email protected] /



Videos

 

By Jonny

Related Post

Azure Docker

[5 Mins Docker] Deploy Azure Naming Tool into Koyeb for Free

Feb 28, 2024 netsec
Docker

[5 Mins Docker] Create Your Own 80s-90s DOS Gaming Website (1898 Games)

Feb 28, 2024 netsec
Docker

[5 Mins Docker] Create Your Own Image Hosting Site Using GitHub Project Picsur

Dec 6, 2023 Jonny

Leave a Reply