Echo Up
URL: https://pentest.ws/tools/echo-up
The Echo Up tool is useful for creating files on remote servers when you only have access to a terminal interface, either through a bash reverse shell or powershell remoting.
On the left side of the screen you can manually enter file contents or use the Load File button to read in a local file. As you type, the right side of the screen will create a list of shell commands to build the file on the remote server by using a number of techniques.
Base 64 Techniques
B64 bash
Linux - echos the payload to base64 and uses bash output redirection
echo -n 'SGVsbG8gV29ybGQ=' | base64 -d > helloWorld.txtB64 cmd
Windows - uses certutil and cmd variables to generate a file
del /Q helloWorld.txt
del /Q froqwcxj
echo|set /p="SGVsbG8gV29ybGQ=" >> froqwcxj
certutil -decode froqwcxj helloWorld.txt
del /Q froqwcxjB64 Powershell
Windows - powershell script using local variables and System.Convert
del helloWorld.txt
$boizakxl = @()
$boizakxl += [System.Convert]::FromBase64String("SGVsbG8gV29ybGQ=")
[Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath
[System.IO.File]::WriteAllBytes("helloWorld.txt", $boizakxl)
Remove-Variable boizakxlQuote Conversion Techniques
These examples parse the file contents converting single quotes to double quotes where needed. The file contents of the following examples is:
This is a "test" of the application's Echo Up feature.
Single Quoted
Wrap the file contents in single quotes and convert inner single quotes to a series of single quote, double quote, single quote, double quote, single quote.
echo 'This is a "test" of the application'"'"'s Echo Up feature.' > helloWorld.txtDouble Quoted
Wrap the file contents in double quotes and convert inner double quotes
echo "This is a "'"'"test"'"'" of the application's Echo Up feature." > helloWorld.txtNo Quotes
Do not convert the file contents.
echo This is a "test" of the application's Echo Up feature. > helloWorld.txtTier Availability
Echo Up is available on all tiers.
Last updated