Transferring Files with Code
Last updated
Last updated
It's common to find different programming languages installed on the machines we are targeting. Programming languages such as Python, PHP, Perl, and Ruby are commonly available in Linux distributions but can also be installed on Windows, although this is far less common.
We can use some Windows default applications, such as cscript and mshta, to execute JavaScript or VBScript code. JavaScript can also run on Linux hosts.
According to Wikipedia, there are around , and we can create code in any programing language, to download, upload or execute instructions to the OS. This section will provide a few examples using common programming languages.
Python can run one-liners from an operating system command line using the option -c. Let's see some examples:
If we want to upload a file, we need to understand the functions in a particular programming language to perform the upload operation. The Python3 allows you to send HTTP requests (GET, POST, PUT, etc.) using Python. We can use the following code if we want to upload a file to our Python3 .
Let's divide this one-liner into multiple lines to understand each piece better.
We can do the same with any other programming language. A good practice is picking one and trying to build an upload program.
We can also send the downloaded content to a pipe instead, similar to the fileless example we executed in the previous section using cURL and wget.
The URL can be used as a filename with the @file function if the fopen wrappers have been enabled.
Ruby and Perl are other popular languages that can also be used to transfer files. These two programming languages also support running one-liners from an operating system command line using the option -e.
We can use the following command from a Windows command prompt or PowerShell terminal to execute our JavaScript code and download a file.
We can use the following command from a Windows command prompt or PowerShell terminal to execute our VBScript code and download a file.
In the following example, we will use the PHP to download content from a website combined with the to save the file into a directory. PHP can be used to run one-liners from an operating system command line using the option -r.
An alternative to file_get_contents() and file_put_contents() is the . We can use this module to open a URL, read it's content and save it into a file.
The following JavaScript code is based on post, and we can download a file using it. We'll create a file called wget.js and save the following content:
("Microsoft Visual Basic Scripting Edition") is an Active Scripting language developed by Microsoft that is modeled on Visual Basic. VBScript has been installed by default in every desktop release of Microsoft Windows since Windows 98.
The following VBScript example can be used based on . We'll create a file called wget.vbs and save the following content: