sqlmap/extra/icmpsh/README.txt at cf2d76a8634553f5a6f1383288277d3414f16205 · sqlmapproject/sqlmap · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
icmpsh - simple reverse ICMP shell

icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl.


--- Running the Master ---

The master is straight forward to use. There are no extra libraries required for the C version.
The Perl master however has the following dependencies:

    * IO::Socket
    * NetPacket::IP
    * NetPacket::ICMP


When running the master, don't forget to disable ICMP replies by the OS. For example:

    sysctl -w net.ipv4.icmp_echo_ignore_all=1

If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive
commands send from the master.


--- Running the Slave ---

The slave comes with a few command line options as outlined below:


-t host            host ip address to send ping requests to. This option is mandatory!

-r                 send a single test icmp request containing the string "Test1234" and then quit.
                   This is for testing the connection.

-d milliseconds    delay between requests in milliseconds

-o milliseconds    timeout of responses in milliseconds. If a response has not received in time,
                   the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
                   The counter is set back to 0 if a response was received.

-b num             limit of blanks (unanswered icmp requests before quitting

-s bytes           maximal data buffer size in bytes


In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.