Welcome back my trainee command-line ninjas!
In this guide we will be covering some basic concepts and tricks to sending files to computers in the Linux shell. This can be extremely useful when you’re trying to share a backdoored executable to a machine on the same network, but don’t want to have the hassle of uploading to Dropbox, or Google Drive, or any other file sharing site when all you have is a shell. This puzzled me for a long time until I found a few simple ways of sharing files.
Key:
In these examples I will use some things as placeholders, these things will change depending on your use case
- file.tar.gz - this is the file I will be sharing, this can be anything.
- 192.168.1.2 - This is the server (sending machine IP)
- 2020 - this is the port I am sharing the data over.
Method 1 - Using netcat
This method uses data redirection and pipes to transfer data. Both devices must be on the same LAN, technically this can work across the internet, but really isn’t worth it in this instance (unless its a VPS).
On the sending machine (or the server) you just need to locate the file and be in the same working directory, and then execute:
cat file.tar.gz | nc -l -p 2020
You can use any file within reason, and any port number above 1024 (without root privledges), you must also make sure that the port is open on the server machine, by default without a firewall it should be open, although if you have a UFW firewall you can run ufw allow 2020, and if you’re using an IPTables firewall, you can run iptables -A INPUT -p tcp --dport 2020 -j ACCEPT.
Now on the receiving machine, you just need to run
nc 192.168.1.2 2020 > file.tar.gz
You can find the IP address of your sending (server) machine by running ifconfig on the sending (server) machine.
This is all fine and dandy, and will work, but how the hell do I know the progress? You can easily impliment a pv into this pipe, and use it to report the progress. You will usually need to install pv. (Infomation on installing packages can be found here)
Simply run:
pv file.tar.gz | nc -l -p 2020
This will present you with a progress bar and ETA as well as the rate of transfer.
Method 2 - Using Python
So now you’re thinking ‘Well that’s pretty awesome! But what if the client machine isn’t a Linux box with a shell?’
Do not fear, for Python is here
This example is just as cool, although does require you have python installed on the sending machine/server. Firstly, you need to determine what version of Python you have installed with:
python --version
Now this will either reply:
Python 2.x.x
or
Python 3.x.x
This is very important because if you don’t run the right command, it won’t work at all. Now, navigate to the directory where you file is and…
Python2
python -m SimpleHTTPServer
Python3
python -m http.server
This will reply with Serving HTTP on 0.0.0.0 port 8000 ...
Now on your client (recieving) machine, you just need to navigate in a browser to 192.168.1.2:8000/file.tar.gz, and it will begin downloading. Another way you can do this is by using wget, you can run
wget "http://192.168.1.2:8000/file.tar.gz"
So I hope you enjoyed this article! Stay tuned for the next installment of Trix’ with Linux!
pry0cc
