A Golang shellcode loader that receives payloads via ICMP packets to bypass firewalls. The shellcode loader is currently developed for Windows and the C2 software for Linux systems.

• Windows OS (as your target machine and for compiling the shellcode loader)
• Linux OS (as your local attacking machine and for compiling the C2 program or download the pre-compiled icmp-c2-server)
• GoLand IDE (or any other IDE or code editor with go extension you like)
• Metasploit (to generate shellcodes)
• VPS (only for C&C over internet)

• insert the IP of your VPS in the icmp-sc-loader
• build icmp-sc-loader on/for Windows
• build icmp-c2-server static on/for Linux (build with CGO_ENABLED=0 and -ldflags '-extldflags "-static"') or download the pre-compiled icmp-c2-server

static compile

• generate custom shellcode with msfvenom (it is important that the exit function is set to thread) e.g. msfvenom -p windows/x64/exec CMD=calc EXITFUNC=thread -f hex

• start the C2 software as root on your Linux system or your Linux VPS e.g. with ./icmp-c2-server -a 64 -os win -sc <your shellcode>

• start the shellcode loader on your Windows system and enjoy

example