Tranfer files to the target machine is particularly useful when we have already had a reverse shell on Windows. Windows does not have convenient commands to download files such as wget in Linux.
If PHP RFI is available
This module triggers a heap overflow when processing a specially crafted FTP request containing Telnet IAC (0xff) bytes. When constructing the response, the Microsoft IIS FTP Service overflows the heap buffer with 0xff bytes. This issue can be triggered pre-auth and may in fact be exploitable for remote code execution. 220 Microsoft Ftp Service X0d X0a Exploit Microsoft IIS FTPd NLST Remote Buffer Overflow Vulnerability Microsoft IIS is prone to a remote stack-based buffer-overflow vulnerability affecting the application's FTP server. An attacker can exploit this issue to execute arbitrary code within the.
We first encode the file using this online tool https://www.base64encode.org/, and then use PHP base64_decode to decode and write the content into the wanted location:
To Linux machine
Use wget
SSH
To put files to the attacking machine
To get files from the attacking machine
To Windows machine
HTTP Server
FTP Server
To start Python FTP server:
To put/get files:
TFTP Server
To start Kali TFTP server:
To get files (put does not work):
Microsoft Ftp Service Exploit Tool
If tftp is not available:
Microsoft Ftp Service Exploit Tool
SMB Server
To start SMB server:
To put/get files:
References