Daten exfiltration ICMP
from scapy.all import *
import base64
capture = rdpcap('analysis.pcap')
ping_data = ""
for packet in capture:
if packet[ICMP].type == 8: # Echo request
ping_data += packet.load
print base64.b64decode(ping_data)
Repulsive Ray