1
00:00:00,090 --> 00:00:05,280
So let's briefly go over file transfers and what we've seen in the course and just talk about a couple

2
00:00:05,280 --> 00:00:09,810
of things that we might not have done but we should still be familiar with.

3
00:00:09,990 --> 00:00:19,320
So we as an attacker we usually will host a file in the typical way that we like to host files is with

4
00:00:19,320 --> 00:00:20,280
Python.

5
00:00:20,310 --> 00:00:28,150
So here in the GDP we've got Python dash and the simple HP server on port 80 and we can get that via

6
00:00:28,200 --> 00:00:30,330
Windows in quite a few different ways.

7
00:00:30,330 --> 00:00:30,660
Right.

8
00:00:30,660 --> 00:00:36,690
We can say search you till your cash and then the file and grab the file and this is actually a space

9
00:00:36,690 --> 00:00:42,870
here in between and we could say we have already P access to the machine and we just want to grab the

10
00:00:42,870 --> 00:00:48,300
file easily we could just navigate to the address where the file is being hosted and grab it off the

11
00:00:48,300 --> 00:00:55,410
Web site as well and say for some reason that we can't use certain until maybe search you tell is blocked

12
00:00:55,440 --> 00:01:00,090
maybe you're you're getting blocked by Windows Defender or something and it's suspicious.

13
00:01:00,090 --> 00:01:01,890
Well guess what.

14
00:01:01,890 --> 00:01:06,180
Both Linux and Windows have FTB features right.

15
00:01:06,180 --> 00:01:14,550
So we can use Windows FTB and host up FTB on our attacker machine so we can say python module of Pi

16
00:01:14,570 --> 00:01:22,260
f TPD live on port twenty one and then from the windows machine we'll just say f G P to the attacker

17
00:01:22,290 --> 00:01:26,090
IP address and we can grab files that way as well.

18
00:01:26,310 --> 00:01:31,680
We can grab files on Linux with W get as you should be familiar with by now.

19
00:01:31,800 --> 00:01:38,610
And last mention honorable mention that's not even on this list is Metis blight Meadows boy has the

20
00:01:38,640 --> 00:01:44,190
upload download feature so if you have a mature operator shell it's very easy to upload or download

21
00:01:44,220 --> 00:01:45,300
a file.

22
00:01:45,300 --> 00:01:49,740
So this should just be reviewed to you by all the methods that we've gone through especially with the

23
00:01:49,740 --> 00:01:54,770
midcourse Capstone you should've got a feel for all the different ways that you can transfer a file.

24
00:01:54,840 --> 00:01:59,220
So just think of this in post exploitation if there's something that you need to do.

25
00:01:59,340 --> 00:02:05,850
The typical way we're doing it is we're hosting up a file with Python and either on HDP server or the

26
00:02:05,910 --> 00:02:10,710
PI FTB server and then we're going and we're just grabbing it with something like certain till or we're

27
00:02:10,710 --> 00:02:18,810
grabbing it with something like FTB in a brown Linux it's super easy we just use w get OK so keep that

28
00:02:18,810 --> 00:02:19,320
in mind.

29
00:02:19,320 --> 00:02:24,400
And again if you have the Metis boy or mature British shell then you can use the upload download feature.

30
00:02:24,660 --> 00:02:26,100
So that's it for this lesson.

31
00:02:26,100 --> 00:02:31,260
We're gonna go ahead and move on to talk about maintaining access and just talk through some basic strategies

32
00:02:31,260 --> 00:02:31,620
there.