Several methods is described here, on how to transfer files between Windows system as victim and attack box.

Start HTTP Server on Attack box

Start HTTP Server vi Py module

Start FTP Server on Attack box
Start FTP via PyFTP Lib

Start SMB Server on Attack box
Start SMB Service via Impacket From Impacket modules:

https://github.com/CoreSecurity/impacket

To launch a simple SMB server on port 445, just specify a share name and the path you want to share:

The python script takes care of all the configurations for you, binds to 445, and accepts any authentication. It will even print out the hashed challenge responses for any system that connects to it.

certutil

expand

Start SMB share on Kali via Impacket python :

From victim run :

Note. low priv user typically has write access to C:\Windows\Tasks or Temp.

extrac32

Powershell

Powershell Download and Execute

Base64

Examples.

md5 check file integrity after transfer.

md5sum /bin/nc

7a32c9739cc63ed983ae01af2577c01c /bin/nc

chmod +x nc

7a32c9739cc63ed983ae01af2577c01c nc

 

Check https://lolbas-project.github.io/for legitimate native windows binaries that be exploited by attacker to bypass local security restrictions.

 

Transfer files – Windows