👉HOW TO SEND CUSTOM TEXT MESSAGES USING PING COMMAND !!!
Hello guys 👋 ,
In this article we are going to see internals of ping command and how ping command can be used to send custom messages…
🔰 WHAT IS ICMP ???
ICMP (INTERNET CONTROL MESSAGE PROTOCOL ) is used to enhance the reliability which provides information about errors, loss of packets, unavailable destinations, etc. It is documented as RFC 792. It is mandatory that every device that implements IP(Internet Protocol), must also implement ICMP.
In ICMP any destination or router that detects any problem in handling a received IP packet, generated ICMP message addressed to the originating station of IP packet. ICMP message can be analyzed by network management systems to generate network reports for the network administrators .
ICMP messages are send as IP packets. The protocol field of IP header is set to 0x01 to indicate that this packet contains ICMP message.
🔰 ICMP MESSAGE
Basic ICMP message consists of three fields — type, code and checksum(used for error detection) . Extension field is used with some of the messages.
A) TYPE FIELD : Specifies the message type (Ex: Destination unreachable)
B) CODE FIELD : Describes the type (Ex: reason why the destination was unreachable)
When an IP packet containing ICMP echo request. (Type 8) is sent to a host , the host returns IP packet with ICMP echo reply(TYPE 0).
The payload of the packet is generally filled with ASCII characters, as the output of the tcpdump command shows in the last 32 bytes of the following example (after the eight-byte ICMP header starting with 0x0800).
🔰 PING (PACKET INTERNET GROPER)
It is an application of ICMP echo. It is used for estimation of round trip delay, packet loss, and other parameters, Delay is measured by starting a timer at the time of sending the echo request and nothing the time when echo is received. Several PINGs are sent one after the other and round trip time is expressed as minimum, maximum and average values .
Packet loss is estimated based on number of echo replies not on received .If out of 1000 echo requests , only 900 are replied to, the packet loss is 1%.
🔰 WHAT IS DATA ExFILTERATION
Data exfilteration also known as “Data extrusion” it the process of transferring data into other computer without authorization of that system.
It can be done by various methods like manually transferring with physical access or by using some kind of automation technique which uses malware over a network.
🔰 ICMP EXFILTERATION
So now we came to know that icmp is pretty simple and does not contain lot of information . However it has data field which is used for error message.
By exfiltering data means we will inject data into icmp ECHO packets as firewall allows icmp traffic so it will be bypassed. I have used python script written by martinoj2009 on icmp ping exfilteration.
Ping.py : script need to be run on client machine who want to ping the serverServer.py : this script need to run on Server machine.
