Catch ICMP (Ping) Requests

    I managed to find a small hole in a web application that appeared as if it would allow me to execute commands on the local machine. I tried a simple reverse shell but no joy. Taking it down to a very basic level, I tried to ping, but I needed to capture my ping requests on the other end.

    I executed the following:

    tcpdump ip proto \\icmp -i eth0

    to which it responds with:

    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

    [side note]

    Which interface are you using?

    The following command will identify your interface:

    ifconfig -a

    Replace eth0 with your interface.

    [/side note]

    Now that you've got tcpdump set up, you can initiate your ping command injection and, if it succeeds, you should see the following on the machine catching the request:

    18:44:50.816725 IP victim.sevenlaeyrs.com > 10.16.10.111: ICMP echo request, id 24908, seq 1, length 64
    18:44:50.816775 IP 10.16.10.111 > victim.sevenlaeyrs.com: ICMP echo reply, id 24908, seq 1, length 64
    18:44:51.817506 IP victim.sevenlaeyrs.com > 10.16.10.111: ICMP echo request, id 24908, seq 2, length 64
    18:44:51.817544 IP 10.16.10.111 > victim.sevenlaeyrs.com: ICMP echo reply, id 24908, seq 2, length 64
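
    On a busy interface the echo requests you care about are easy to lose among replies and unrelated ICMP traffic. The following is an added example, not part of the original post: it summarizes echo requests per source from tcpdump's one-line text output. The function names, the file name icmp.pcap and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize ICMP echo requests seen in tcpdump text output.
# Typical use against a saved capture (icmp.pcap is a placeholder name):
#   tcpdump -n -i eth0 -w icmp.pcap 'icmp[icmptype] == icmp-echo'
#   tcpdump -n -r icmp.pcap | summarize_echo_requests
# -n disables name resolution so sources are reported as addresses.

summarize_echo_requests() {
    # Reads tcpdump lines on stdin and prints one line per source:
    #   <source> <request_count> <first_seen> <last_seen>
    # Only IPv4 lines ("IP") that are echo requests are counted;
    # echo replies and any other ICMP types are ignored.
    awk '
        $2 == "IP" && /ICMP echo request/ {
            src = $3
            if (!(src in count)) {      # remember first-seen order
                first[src] = $1
                order[++n] = src
            }
            count[src]++
            last[src] = $1
        }
        END {
            for (i = 1; i <= n; i++) {
                s = order[i]
                printf "%s %d %s %s\n", s, count[s], first[s], last[s]
            }
        }
    '
}

# Constructed sample input in the same format as the capture shown above.
sample_capture() {
    cat <<'EOF'
18:44:50.816725 IP 192.0.2.10 > 10.16.10.111: ICMP echo request, id 24908, seq 1, length 64
18:44:50.816775 IP 10.16.10.111 > 192.0.2.10: ICMP echo reply, id 24908, seq 1, length 64
18:44:51.817506 IP 192.0.2.10 > 10.16.10.111: ICMP echo request, id 24908, seq 2, length 64
18:44:51.817544 IP 10.16.10.111 > 192.0.2.10: ICMP echo reply, id 24908, seq 2, length 64
18:45:02.100001 IP 198.51.100.7 > 10.16.10.111: ICMP echo request, id 311, seq 1, length 64
EOF
}

# Run the summary over the constructed sample.
sample_capture | summarize_echo_requests
```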

     


    © 2020 sevenlayers.com