FILE TRANSFERS POST-EXPLOITATION WITH TFTP
- Layout for this exercise:
1 - Introduction
- One of the most usual problems with post exploitation is the need of uploading files and tools to the target machine.
- For this purpose it is important to use non interactive methods as far as possible, because interactive programs standard outputs are not usually correctly redirected to the shell.
- Trivial File Transfer Protocol (TFTP) is a simple non interactive protocol which allows a client to get a file from or put a file onto a remote host.
- TFTP is a based on UDP and works at the port 69.
https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
2 - Setting up TFTP at Windows
- TFTP is installed by default in Windows XP, but needs to be manually enabled on newer versions of Windows.
- For instance, in the case of Windows 10: Start -> Control Panel -> Programs -> Programs and Features -> Turn Windows features on or off -> TFTP Client:
- Also, the TFTP service can be installed in Windows from the command line, just typing:
3 - Setting TFTP at Kali Linux
- To enable TFTP with Kali Linux it is very convenient to use the Metasploit TFTP auxiliary server.
- Starting Metasploit:
- Using the corresponding module:
c
- Setting /root/tftp folder for holding upload/downloading contents:
- Running the module:
- Let's check that the tftp service is running at port UDP 69:
4 - Transferring files from Windows to Kali Linux
- There is a textfile.txt at Windows that we want to upload to the Kali Linux system:
- put command transfers textfile.txt from Windows to Linux:
- The transfer is successful:
5 - Transferring files from Kali Linux to Windows
- Let's suppose that there is a nc.exe command that we want to transfer to Windows:
- get command transfers nc.exe from Linux to Windows:
- The transfer is successful:
