I have worked in environments where they have allowed the use of clipboard but not transport files over RDP. This might seem smart, BUT it is false security. As long as you are allowed any communication you can send data through.

The more extreme versions are:

  • Displaying data on the screen and using OCR to get data back from a server
  • Creating a fake keyboard (HID) to send the file as keyboard strokes.

But often we are allowed to use the clipboard. If we are allowed to use the clipboard we can easily transport files as a Base64 string.

So if I were to migrate a binary file from C:\temp\psexec64.exe to a remote server I could run:

$data = [system.io.file]::ReadAllBytes('C:\temp\psexec64.exe')

On the receiving system I would just run:

$EncodedText = Get-Clipboard
$outdata = [System.Convert]::FromBase64String($EncodedText)
[system.io.file]::WriteAllBytes("C:\temp\psexec64.exe", $outdata)

Of course I could just make oneliners of it too. But for ease of reading I wrote them on multiple lines.