原文地址:[url]http://pen-testing.sans.org/blog/pen-testing/2014/12/10/awkward-binary-file-transfers-with-cut-and-paste[/url]
[b]Step 1 压缩源文件[/b]
[quote]
[color=blue]root@kali:~# gzip /bin/nc.traditional[/color]
[color=blue]root@kali:~# ls -l /bin/nc.traditional.gz[/color]
-rwxr-xr-x 1 root root 11197 Jun 12 2012 /bin/nc.traditional.gz
[/quote]
[b]Step 2 安装Sharutils和Xsel[/b]
[quote]
[color=blue]root@kali:~# apt-get install sharutils xsel[/color]
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
sharutils xsel
...
Setting up sharutils (1:4.11.1-1) ...
Setting up xsel (1.2.0-1) ...
[/quote]
[b]Step 3 Alias Pbcopy[/b]
在Linux下使用xsel/xclip将程序的STDOUT输出放到剪切板中。
[quote]
[color=blue]root@kali:~# echo "alias pbcopy='xsel --clipboard --input'">>~/.bash_profile
root@kali:~# source ~/.bash_profile
root@kali:~# alias pbcopy
[/color]alias pbcopy='xsel --clipboard --input'
[/quote]
[b]Step 4 传输文件[/b]
首先使用uuencode将二进制文件转换成7-bits ASCII码形式。下面例子中,我们声明了两次文件名,第一次是真实的文件名,第二次是文件内容指向的文件名。
[color=blue][quote]root@kali:~# uuencode /bin/nc.traditional.gz /bin/nc | pbcopy[/quote][/color]
接下来切换到目标机器,使用cat创建文件,把剪切板内容copy到文件中,"CTRL+C"结束文件。
[quote]
[color=blue]josh@centos:~ $ cat >nc.gz.uu
begin 755 /bin/nc.traditional.gz
M'XL("$YEUT\``VYC+G1R861I=&EO;F%L`-U\?WR4U97W,Y,)#B%D8H46*VT?
M==!@DT@0+3\U0$"T42,BV@+"D,PP(\G,=.:9`+Y40B<!QB$VW5I?=VLKE&[7
...
M/OH.]5W3B_+P.&ZOY='CMZ^.WG$^/:;7\_"XYAP'WID+X!W,IW<`]!I4S%3(
E7\KLGWA\K:SR3LPG6PY/-W.+EO4C7OZW(*TF_Q=K0^LO?%8`````
`
end
^C
josh@centos:~ $[/color]
[/quote]
然后解码文件
[b]Step 1 压缩源文件[/b]
[quote]
[color=blue]root@kali:~# gzip /bin/nc.traditional[/color]
[color=blue]root@kali:~# ls -l /bin/nc.traditional.gz[/color]
-rwxr-xr-x 1 root root 11197 Jun 12 2012 /bin/nc.traditional.gz
[/quote]
[b]Step 2 安装Sharutils和Xsel[/b]
[quote]
[color=blue]root@kali:~# apt-get install sharutils xsel[/color]
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
sharutils xsel
...
Setting up sharutils (1:4.11.1-1) ...
Setting up xsel (1.2.0-1) ...
[/quote]
[b]Step 3 Alias Pbcopy[/b]
在Linux下使用xsel/xclip将程序的STDOUT输出放到剪切板中。
[quote]
[color=blue]root@kali:~# echo "alias pbcopy='xsel --clipboard --input'">>~/.bash_profile
root@kali:~# source ~/.bash_profile
root@kali:~# alias pbcopy
[/color]alias pbcopy='xsel --clipboard --input'
[/quote]
[b]Step 4 传输文件[/b]
首先使用uuencode将二进制文件转换成7-bits ASCII码形式。下面例子中,我们声明了两次文件名,第一次是真实的文件名,第二次是文件内容指向的文件名。
[color=blue][quote]root@kali:~# uuencode /bin/nc.traditional.gz /bin/nc | pbcopy[/quote][/color]
接下来切换到目标机器,使用cat创建文件,把剪切板内容copy到文件中,"CTRL+C"结束文件。
[quote]
[color=blue]josh@centos:~ $ cat >nc.gz.uu
begin 755 /bin/nc.traditional.gz
M'XL("$YEUT\``VYC+G1R861I=&EO;F%L`-U\?WR4U97W,Y,)#B%D8H46*VT?
M==!@DT@0+3\U0$"T42,BV@+"D,PP(\G,=.:9`+Y40B<!QB$VW5I?=VLKE&[7
...
M/OH.]5W3B_+P.&ZOY='CMZ^.WG$^/:;7\_"XYAP'WID+X!W,IW<`]!I4S%3(
E7\KLGWA\K:SR3LPG6PY/-W.+EO4C7OZW(*TF_Q=K0^LO?%8`````
`
end
^C
josh@centos:~ $[/color]
[/quote]
然后解码文件
[color=blue]josh@centos:~$ python -c 'from uu import decode; decode("nc.gz.uu", "nc.gz")'
josh@centos:~$ gzip -d nc.gz
mock@centos:~$ chmod 755 nc
josh@centos:~$ ./nc -h
[v1.10-40]
connect to somewhere: nc [-options] hostname port[s] [ports] ...
listen for inbound: nc -l -p port [-options] [hostname] [port]
options:
-c shell commands as `-e'; use /bin/sh to exec [dangerous!!]
...[/color]