# T1570: Lateral Tool Transfer Adversaries may transfer tools or other files between systems in a compromised environment. Files may be copied from one system to another stage adversary tools or other files over the course of an operation. Adversaries may copy files laterally between internal victim systems to support lateral movement using inherent file sharing protocols such as file sharing over SMB to connected network shares or with authenticated connections with SMB/Windows Admin Shares or Remote Desktop Protocol. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp. **Example** On this Demo will demonstrate how we can use tools to Lateral Move around the Network. **CMD** CMD can be used to copy tools to/from a remote share, this is true and very easy assuming we have the correct permissions to copy stuff onto the share. ![](/files/-MRl08mkM-Sx6fYTb8ga) Above we see a small demo on how we can move our tools laterally using SMB Shares with the correct credentials and permissions, this can be used to replace files and wait for our victim to execute them and gain a shell on the Workstation. Once the payload is executed we can capture the Shell and gain access to another workstation. ![](/files/-MRl09og5vdX3_yYflMF) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://dmcxblue.gitbook.io/red-team-notes-2-0/red-team-techniques/lateral-movement/t1570-lateral-tool-transfer.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.