# Powershell Session File Transfer ### ⚑ PowerShell Remoting File Transfers – When HTTP/SMB Aren’t Available Need to move files but **HTTP, HTTPS, or SMB are blocked**? 😱\ No worries β€” **PowerShell Remoting (WinRM)** has your back! πŸ›‘οΈ With **PowerShell sessions**, you can **send and receive files** from remote systems using built-in cmdlets like `Copy-Item`. πŸ§³πŸ“ *** #### 🧠 What is PowerShell Remoting? PowerShell Remoting allows you to: * Run commands/scripts **on remote systems** * Transfer files between **your machine and the remote** * Use **sessions** for persistent connections It works over: * πŸ“‘ HTTP (port 5985) * πŸ” HTTPS (port 5986) By default, enabling PowerShell Remoting creates listeners on both! *** ### Step 1: Confirm Who You Are & Where You Are ```powershell PS C:\htb> whoami htb\administrator PS C:\htb> hostname DC01 ``` You're logged in as `Administrator` on **DC01** βœ… *** ### Step 2: Confirm Remote Host is Reachable (WinRM Port 5985) ```powershell Test-NetConnection -ComputerName DATABASE01 -Port 5985 ``` πŸ“Œ Output: ``` ComputerName : DATABASE01 RemoteAddress : 192.168.1.101 RemotePort : 5985 TcpTestSucceeded : True ``` βœ… We can connect β€” WinRM is open and listening! *** ### Step 3: Create a Remote PowerShell Session ```powershell $Session = New-PSSession -ComputerName DATABASE01 ``` πŸ“Œ If you're already `Administrator` on the remote machine, no credentials needed! *** ### Step 4: Transfer File FROM Local ➑️ Remote {% code overflow="wrap" %} ```powershell Copy-Item -Path C:\samplefile.txt -ToSession $Session -Destination C:\Users\Administrator\Desktop\ ``` {% endcode %} πŸ“ This copies `samplefile.txt` from **DC01** to **DATABASE01**. *** ### Step 5: Transfer File FROM Remote ➑️ Local {% code overflow="wrap" %} ```powershell Copy-Item -Path "C:\Users\Administrator\Desktop\DATABASE.txt" -Destination C:\ -FromSession $Session ``` {% endcode %} πŸ“ This pulls `DATABASE.txt` from **DATABASE01** and saves it to `C:\` on **DC01**. *** ### Optional Cleanup: Close the Session ```powershell Remove-PSSession $Session ``` πŸ’‘ Always good practice to close what you open. πŸ” ***