Skip to content
/ ping_smuggler Public

Concept script to demonstrate how to exfiltrate data inside of ping packets

86 stars 31 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

plaintextpackets/ping_smuggler

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 
message.txt
message.txt
 
 
ping_generator.py
ping_generator.py
 
 
ping_parser.py
ping_parser.py
 
 
temp.pcapng
temp.pcapng
 
 

Repository files navigation

Ping Smuggler

Overview

Disclaimer: this tool is for educational purposes only

This tool is a set of scripts which will send data from a text via via ICMP payload. This project consists of two Python scripts:

  1. Ping Generator (ping_generator.py): This script generates ICMP ping messages, embedding the contents of a text file into the ICMP payload and sends them to a specified destination.
  2. Ping Parser (ping_parser.py): This script reads a PCAP file containing ICMP messages generated by the Ping Generator and extracts the text payload from these messages, converting it into plain text.

Requirements

  1. Python: Python 3.x is required to run these scripts.
  2. Operating System: The Ping Generator script is designed for Linux systems due to its dependency on scapy, which works best on Linux.
  3. Scapy: The Ping Generator script uses the scapy library for packet creation and manipulation. Installation: Install scapy using pip:
pip install scapy

Note: scapy requires administrative (sudo) privileges to send packets.

  1. tshark: The ICMP Payload Parser script uses tshark (via pyshark) for parsing PCAP files. Installation:
  • Linux: Install using your package manager, e.g., sudo apt-get install tshark.
  • Windows: Download and install Wireshark, which includes tshark, from Wireshark's official website. Ensure tshark is in your system's PATH.
  1. Pyshark:

The ICMP Payload Parser script requires pyshark, a Python wrapper for tshark. Installation: Install pyshark using pip:

bash

pip install pyshark

Usage

Ping Generator (ping_generator.py):

Usage: sudo python3 ping_generator.py [destination IP] [file path]

Sends ICMP packets containing text from the specified file to the given destination IP. Requires administrative privileges to execute.

ICMP Payload Parser (icmp_parser.py):

Usage: python3 ping_parser.py path_to_your_pcap_file.pcap

Parses the specified PCAP file and extracts ASCII text from ICMP payloads. Ensure the PCAP file contains ICMP packets generated by the Ping Generator script.

Notes

  • These scripts are for educational and testing purposes only. Ensure you have permission to send and capture ICMP packets in your network.
  • The Ping Generator script's functionality is network-dependent and may not work as expected in all environments, especially those with ICMP restrictions.

About

Concept script to demonstrate how to exfiltrate data inside of ping packets

Resources

Readme
Activity

Stars

86 stars

Watchers

5 watching

Forks

31 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages