Trix' with Linux 0x02 - Sharing files like a Boss!

networking
linux
cli
netcat

(Command-Line Ninja) #1

Welcome back my trainee command-line ninjas!

In this guide we will be covering some basic concepts and tricks to sending files to computers in the Linux shell. This can be extremely useful when you’re trying to share a backdoored executable to a machine on the same network, but don’t want to have the hassle of uploading to Dropbox, or Google Drive, or any other file sharing site when all you have is a shell. This puzzled me for a long time until I found a few simple ways of sharing files.

Key:

In these examples I will use some things as placeholders, these things will change depending on your use case

  • file.tar.gz - this is the file I will be sharing, this can be anything.
  • 192.168.1.2 - This is the server (sending machine IP)
  • 2020 - this is the port I am sharing the data over.

Method 1 - Using netcat

This method uses data redirection and pipes to transfer data. Both devices must be on the same LAN, technically this can work across the internet, but really isn’t worth it in this instance (unless its a VPS).

On the sending machine (or the server) you just need to locate the file and be in the same working directory, and then execute:

cat file.tar.gz | nc -l -p 2020

You can use any file within reason, and any port number above 1024 (without root privledges), you must also make sure that the port is open on the server machine, by default without a firewall it should be open, although if you have a UFW firewall you can run ufw allow 2020, and if you’re using an IPTables firewall, you can run iptables -A INPUT -p tcp --dport 2020 -j ACCEPT.

Now on the receiving machine, you just need to run

nc 192.168.1.2 2020 > file.tar.gz

You can find the IP address of your sending (server) machine by running ifconfig on the sending (server) machine.

This is all fine and dandy, and will work, but how the hell do I know the progress? You can easily impliment a pv into this pipe, and use it to report the progress. You will usually need to install pv. (Infomation on installing packages can be found here)

Simply run:

pv file.tar.gz | nc -l -p 2020 

This will present you with a progress bar and ETA as well as the rate of transfer.

Method 2 - Using Python

So now you’re thinking ‘Well that’s pretty awesome! But what if the client machine isn’t a Linux box with a shell?’

Do not fear, for Python is here

This example is just as cool, although does require you have python installed on the sending machine/server. Firstly, you need to determine what version of Python you have installed with:

python --version

Now this will either reply:
Python 2.x.x

or

Python 3.x.x

This is very important because if you don’t run the right command, it won’t work at all. Now, navigate to the directory where you file is and…

Python2

python -m SimpleHTTPServer

Python3

python -m http.server

This will reply with Serving HTTP on 0.0.0.0 port 8000 ...

Now on your client (recieving) machine, you just need to navigate in a browser to 192.168.1.2:8000/file.tar.gz, and it will begin downloading. Another way you can do this is by using wget, you can run

wget "http://192.168.1.2:8000/file.tar.gz"

So I hope you enjoyed this article! Stay tuned for the next installment of Trix’ with Linux!

pry0cc


(pico) #2

Using nc and bash

cat file | nc -l 8000
exec 5<> /dev/tcp/localhost/8000; cat 0<&5 > file.txt

Also try woof

But I always use the python way :smile:

Great and useful share BTW!


#3

I personally use Syncthing and Nginx for this purpose :slight_smile:


Create your own Python server (for beginners)
(Command-Line Ninja) #4

Nice! That’s an idea! I did something similar with nginx, scp and a bash script.


(Command-Line Ninja) #5

I’ve actually figured out a new way. Which is insanely cool.

cat file.scaryextension | gzip | base64 | nc termbin.com 9999
curl http://termbin.com/url | base64 -d | gzip -d > file.scaryextension

Actually using this method means, any place that will store text, will store full on files indirectly through base64, This means even your bio on your 0x00sec profile can potentially store files xD


#6

Not sure, but can I do this with non-text files as well? Executables?


(Command-Line Ninja) #7

Yep! As long as you can decode it as well, you’re sorted. Any binary encoded with Base64 can be uploaded to pastebins.


(oaktree) #8

I’m a wget person. Is that bad?


(Command-Line Ninja) #9

Not at all. I generally use curl because it automatically prints the output to stdout. With wget you need a few flags. Plus curl is normally installed by default on most machines


(oaktree) #10

I’ll start using curl, then!


#11

With curl you need a few flags.

With wget, right?


(oaktree) #12

I think that is what @pry0cc meant, yes.


(Command-Line Ninja) #13

Whoops. Thanks xD I was in a rush when I made that comment.


(Command-Line Ninja) #14

This topic was automatically closed after 30 days. New replies are no longer allowed.