PingRAT: secretly passes C2 traffic through firewalls using ICMP payloads

PingRAT

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

Features:

• Uses ICMP for Command and Control
• Undetectable by most AV/EDR solutions
• Written in Go

Use

Server

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”.%2Fserver%20-h%0AUsage%20of%20.%2Fserver%3A%0A%20%20-d%20string%0A%20%20%20%20%09Destination%20IP%20address%0A%20%20-i%20string%0A%20%20%20%20%09Listener%20(virtual)%20Network%20Interface%20(e.g.%20eth0)%0A”/]

Client

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”.%2Fclient%20-h%0AUsage%20of%20.%2Fclient%3A%0A%20%20-d%20string%0A%20%20%20%20%09Destination%20IP%20address%0A%20%20-i%20string%0A%20%20%20%20%09(Virtual)%20Network%20Interface%20(e.g.%2C%20eth0)”/]

Download

Copyright (C) 2023

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy