Host1: "tar -cf - /file1 /file2 | nc -l -p 54321"
Host2: "nc host1 54321 | tar -xf -"
One thing that annoys me is how people will crack a quad core 1.6Ghz smartphone with 64Gb of storage and then install busybox to save those 50Mb over a regular shell environment that won't embarrass itself on every shell script or configure script.
Neat challenge left as an exercise to the reader: whois can be used to transfer files too. :)
Ah, the old DNS-tunnelling trick. A fun way to flip cheap hotels the bird.
# type ftpput
-sh: type: ftpput: not found
# busybox ftpput
busybox: applet not found
Busybox can be built with as many or as few applets as you want. If the busybox you have access to doesn't have what you need, you could always try putting another busybox in /tmp - https://busybox.net/downloads/binaries/ should have a static binary that works on whatever device you have.
Your example along with OP's showcase why it's a good idea to audit the utilities you include at build time!
If you really need to get some data off, look at how much memory you have and just window the copied data in to files you can DL.
Many of the less expensive and crappier ones ship with very little memory, very little flash, and a VERY restrictive busybox build.
Still, somewhere between that and the kernel are going to be the tools you need to get chunks of data out.
"Exfiltrating" implies a covert action... Using ftp is kinda obvious!