How to setup a PHP file dropper without tools
After we have compromised a machine inside a network, we need to download tools for lateral movement, local exploits to escalate privileges, etc. Knowing how to setup a file dropper is crucial.
When I was doing the OSCP 24-hour exam but also when doing the training in the labs, that was very useful as I could easily download any payload, trojan or implant from my kali machine to the target machine:
For a more “heavy” tool but much more powerful have a look to this one: https://github.com/kgretzky/pwndrop
For more hints about post exploitation, check post exploitation intro here: https://pentestwiki.org/post-exploitation/