Locked Sandman: NTP based backdoor for red team engagements

By itsMe
August 30, 2022 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted August 30, 2022

- Share

Posted August 30, 2022

This is the hidden content, please

Sandman is a backdoor that is meant to work on hardened networks during red team engagements.

Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre defined server.

Since NTP is a protocol that is overlooked by many defenders resulting in wide network accessibility.

Capabilities

Getting and executing an arbitrary payload from an attacker’s controlled server.

Can work on hardened networks since NTP is usually allowed in FW.

Impersonating a legitimate NTP server via IP spoofing.

Setup
SandmanServer (Setup)

Python 3.9
Requirements are specified in the requirements file.

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- Offence RAT v2.5
  
  By 2s4cx43k, April 2
  - remotely
  - hacker
  - (and 8 more)
    
    Tagged with:
    
    remotely
    
    hacker
    
    backdoor
    
    malware
    
    trojan
    
    tool
    
    administration
    
    remote
    
    rat
    
    control
  - 0 replies
  - 158 views
- SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)
  
  By itsMe, December 5, 2021
  - for
  - support
  - (and 5 more)
    
    Tagged with:
    
    for
    
    support
    
    plugin.
    
    (a_antidebug
    
    x64
    
    sharpod
    
    x64dbg)
  - 0 replies
  - 1,661 views
- How to sniff API of android aps For making configs
  
  By itsMe, May 20, 2021
  - making
  - for
  - (and 6 more)
    
    Tagged with:
    
    making
    
    for
    
    aps
    
    android
    
    api
    
    sniff
    
    how
    
    configs
  - 0 replies
  - 255 views
- How To Make Simple APP Config(API) In OPENBULLET Using Fiddler
  
  By itsMe, March 24, 2023
  - easiest
  - configs
  - (and 8 more)
    
    Tagged with:
    
    easiest
    
    configs
    
    openbullet
    
    api
    
    android
    
    making
    
    for
    
    setup
    
    how
    
    method
  - 0 replies
  - 519 views
- Montar un VPS de proxy inverso en la red TOR para mostrar el contenido de otro VPS en la Clearnet
  
  By dEEpEst, April 28, 2023
  - vps
  - darknet
  - (and 11 more)
    
    Tagged with:
    
    vps
    
    darknet
    
    deepweb
    
    clearnet
    
    proxy
    
    contenido
    
    otro
    
    red
    
    para
    
    montar
    
    inverso
    
    tor
    
    mostrar
  - 0 replies
  - 208 views

Sign In

Locked Sandman: NTP based backdoor for red team engagements

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

Offence RAT v2.5

SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)

How to sniff API of android aps For making configs

How To Make Simple APP Config(API) In OPENBULLET Using Fiddler

Montar un VPS de proxy inverso en la red TOR para mostrar el contenido de otro VPS en la Clearnet

Browse

Activity

Store

Important Information