search

Protected Files Transfer

circle-info

Unless specifically requested by a client, we do not recommend exfiltrating data such as Personally Identifiable Information (PII), financial data (i.e., credit card numbers), trade secrets, etc., from a client environment. Instead, if attempting to test Data Loss Prevention (DLP) controls/egress filtering protections, create a file with dummy data that mimics the data that the client is trying to protect.

Data leakage during a penetration test could have severe consequences for the penetration tester, their company, and the client. As information security professionals, we must act professionally and responsibly and take all measures to protect any data we encounter during an assessment.

hashtag
File Encryption on Windows

Many different methods can be used to encrypt files and information on Windows systems. One of the simplest methods is the Invoke-AESEncryption.ps1arrow-up-right PowerShell script. This script is small and provides encryption of files and strings.

Import-Module .\Invoke-AESEncryption.ps1

hashtag
File Encryption example

Invoke-AESEncryption -Mode Encrypt -Key "p4ssw0rd" -Path .\scan-results.txt
circle-exclamation

Using very strong and unique passwords for encryption for every company where a penetration test is performed is essential. This is to prevent sensitive files and information from being decrypted using one single password that may have been leaked and cracked by a third party.

hashtag
File Encryption on Linux

OpenSSLarrow-up-right is frequently included in Linux distributions, with sysadmins using it to generate security certificates, among other tasks. OpenSSL can be used to send files "nc style" to encrypt files.

hashtag
Encrypting /etc/passwd with openssl

openssl enc -aes256 -iter 100000 -pbkdf2 -in /etc/passwd -out passwd.enc

hashtag
Decrypt passwd.enc with openssl

openssl enc -d -aes256 -iter 100000 -pbkdf2 -in passwd.enc -out passwd
PreviousMiscellaneous File Transfer MethodsNextCatching Files over HTTP/S (Nginx)

Last updated