ICMPsh
https://github.com/inquisb/icmpsh에서 백도어를 다운로드하세요.
클라이언트 측
스크립트를 실행하세요: run.sh
오류가 발생하면 다음 줄을 변경해보세요:
ICMP Shell (icmpsh)
Description
ICMP Shell (icmpsh) is a simple reverse ICMP shell that uses ICMP echo requests to establish a command shell on a target machine. It is a part of the icmpsh project.
Features
Stealthy communication: ICMP echo requests are commonly allowed through firewalls and are less likely to be detected.
Reverse shell: Allows an attacker to execute commands on the target machine.
Encrypted communication: ICMP payload is encrypted using AES-128-CBC.
Cross-platform: Works on Windows, Linux, and macOS.
Usage
Start the listener on the attacker machine:
Execute the client on the target machine:
Once the connection is established, the attacker can execute commands on the target machine.
Limitations
Requires administrative privileges on the target machine.
ICMP echo requests may be blocked by some firewalls or network configurations.
The communication is not encrypted by default, but can be enabled using the
-e
option.
Detection
Monitor network traffic for ICMP echo requests to identify potential ICMP shell activity.
Use intrusion detection systems (IDS) or network monitoring tools to detect suspicious ICMP traffic.
Regularly update firewall rules to block ICMP echo requests if not required.
References
피해자 측
피해자에게 icmpsh.exe를 업로드하고 실행하세요:
Last updated