|
1 | | -icmpsh - simple reverse ICMP shell |
2 | | -
|
3 | | -icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl. |
4 | | -
|
5 | | -
|
6 | | ---- Running the Master --- |
7 | | -
|
8 | | -The master is straight forward to use. There are no extra libraries required for the C version. |
9 | | -The Perl master however has the following dependencies: |
10 | | -
|
11 | | - * IO::Socket |
12 | | - * NetPacket::IP |
13 | | - * NetPacket::ICMP |
14 | | -
|
15 | | -
|
16 | | -When running the master, don't forget to disable ICMP replies by the OS. For example: |
17 | | -
|
18 | | - sysctl -w net.ipv4.icmp_echo_ignore_all=1 |
19 | | -
|
20 | | -If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive |
21 | | -commands send from the master. |
22 | | -
|
23 | | -
|
24 | | ---- Running the Slave --- |
25 | | -
|
26 | | -The slave comes with a few command line options as outlined below: |
27 | | -
|
28 | | -
|
29 | | --t host host ip address to send ping requests to. This option is mandatory! |
30 | | -
|
31 | | --r send a single test icmp request containing the string "Test1234" and then quit. |
32 | | - This is for testing the connection. |
33 | | -
|
34 | | --d milliseconds delay between requests in milliseconds |
35 | | -
|
36 | | --o milliseconds timeout of responses in milliseconds. If a response has not received in time, |
37 | | - the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit. |
38 | | - The counter is set back to 0 if a response was received. |
39 | | -
|
40 | | --b num limit of blanks (unanswered icmp requests before quitting |
41 | | -
|
42 | | --s bytes maximal data buffer size in bytes |
43 | | -
|
44 | | -
|
45 | | -In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer. |
| 1 | +icmpsh - simple reverse ICMP shell |
| 2 | + |
| 3 | +icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl. |
| 4 | + |
| 5 | + |
| 6 | +--- Running the Master --- |
| 7 | + |
| 8 | +The master is straight forward to use. There are no extra libraries required for the C version. |
| 9 | +The Perl master however has the following dependencies: |
| 10 | + |
| 11 | + * IO::Socket |
| 12 | + * NetPacket::IP |
| 13 | + * NetPacket::ICMP |
| 14 | + |
| 15 | + |
| 16 | +When running the master, don't forget to disable ICMP replies by the OS. For example: |
| 17 | + |
| 18 | + sysctl -w net.ipv4.icmp_echo_ignore_all=1 |
| 19 | + |
| 20 | +If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive |
| 21 | +commands send from the master. |
| 22 | + |
| 23 | + |
| 24 | +--- Running the Slave --- |
| 25 | + |
| 26 | +The slave comes with a few command line options as outlined below: |
| 27 | + |
| 28 | + |
| 29 | +-t host host ip address to send ping requests to. This option is mandatory! |
| 30 | + |
| 31 | +-r send a single test icmp request containing the string "Test1234" and then quit. |
| 32 | + This is for testing the connection. |
| 33 | + |
| 34 | +-d milliseconds delay between requests in milliseconds |
| 35 | + |
| 36 | +-o milliseconds timeout of responses in milliseconds. If a response has not received in time, |
| 37 | + the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit. |
| 38 | + The counter is set back to 0 if a response was received. |
| 39 | + |
| 40 | +-b num limit of blanks (unanswered icmp requests before quitting |
| 41 | + |
| 42 | +-s bytes maximal data buffer size in bytes |
| 43 | + |
| 44 | + |
| 45 | +In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer. |
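Review bot: The re-added README text carries over three wording slips that are worth fixing while every line is being touched anyway: added line 21 reads "commands send from the master" (should be "sent"), added line 36 reads "If a response has not received in time" (missing "been"), and added line 40 opens a parenthesis at "(unanswered icmp requests before quitting" that is never closed. The removed and added sides are otherwise identical in every visible character, so if this is a line-ending or whitespace normalization, the commit message should say so, sparing reviewers a by-eye comparison of 45 lines. The note at added line 16 could also state that net.ipv4.icmp_echo_ignore_all=1 set with sysctl -w stays in effect until it is set back to 0 or the host reboots, so the master host does not keep ignoring echo requests after use.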