Search the Community
Showing results for tags 'sandman:'.
-
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre defined server. Since NTP is a protocol that is overlooked by many defenders resulting in wide network accessibility. Capabilities Getting and executing an arbitrary payload from an attacker’s controlled server. Can work on hardened networks since NTP is usually allowed in FW. Impersonating a legitimate NTP server via IP spoofing. Setup SandmanServer (Setup) Python 3.9 Requirements are specified in the requirements file. [hide][Hidden Content]]