18:["$","$L5",null,{"breadcrumbs":[{"label":"Breachforums","href":"/"},{"label":"Cracking","href":"/Forum-Cracking"},{"label":"Cracking Tutorials","href":"/Forum-Cracking-Tutorials"},{"label":"Sandman !!!","href":"/Thread-42655-Sandman"}],"children":[["$","div",null,{"id":"thread-display","children":[["$","br",null,{}],[["$","div",null,{"className":"float_left","children":["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"pages","children":["Pages (",1,"):"]}],false,false,[["$","span","1",{"className":"pagination_current","children":1}]],false,false]}]}],["$","div",null,{"className":"float_right","style":{"marginTop":4}}],["$","br",null,{"className":"clear"}]],["$","table",null,{"className":"tborder clear cell-padding-5 table-auto full-width","children":["$","tbody",null,{"children":[["$","tr",null,{"children":["$","td",null,{"className":"thead","children":["$","div",null,{"className":"thread-info__thread","children":[["$","div",null,{"className":"float_right","children":["$","a",null,{"href":"/Forum-Cracking-Tutorials","className":"smalltext","children":["$","strong",null,{"children":"Return to forum"}]}]}],["$","span",null,{"className":"thread-info__name rounded","children":"Sandman !!!"}],["$","div",null,{"className":"thread-info__datetime","children":["by ","$undefined"," - ","Thursday, January 1, 1970 at 12:00 AM"]}]]}]}]}],["$","tr",null,{"children":["$","td",null,{"id":"posts_container","style":{"width":"100%","padding":0},"children":["$","div",null,{"id":"posts","style":{"width":"100%"},"children":[["$","$1","821142",{"children":[["$","a",null,{"id":"pid821142"}],["$","div",null,{"className":"post","id":"post_821142","style":{"width":"100%"},"children":[["$","div",null,{"className":"post__author scaleimages","children":[["$","div",null,{"className":"post__author-info","children":[["$","div",null,{"className":"post__user","children":[["$","div",null,{"className":"post__user-profile largetext","children":["$","a",null,{"href":"/User-Venom888","children":["$","$L21",null,{"username":"Venom888","rankIconClass":"$undefined","showRankIcon":false,"rankSpanClass":"rf_elite","usernameExtrasClass":"","style":{},"apiUsernameColor":""}]}]}],["$","div",null,{"className":"post__user-avatar","children":["$","a",null,{"href":"/User-Venom888","children":["$","img",null,{"alt":"","src":"/images/default_avatar.png","width":"130","height":"130"}]}]}]]}],["$","div",null,{"className":"post__user-title","children":["Elite User",["$","span",null,{"className":"post__buddy-status","children":["$","a",null,{"className":"post__status post__status--offline","href":"javascript:void(0)","title":"Offline"}]}]]}],["$","div",null,{"className":"post__user-stars hidden-md"}],["$","div",null,{"className":"post__user-badge","children":[["$","$L22",null,{"variant":"postbit","src":"/images/awards/member.png","alt":"Elite","title":"Elite User"}],["$","br",null,{}]]}]]}],["$","div",null,{"className":"post__author-stats","children":[["$","div",null,{"className":"socialsites socialsites--postbit rounded"}],["$","div",null,{"className":"post__stats-bit group","children":[["$","span",null,{"className":"float_left","children":"Posts:"}]," ",["$","span",null,{"className":"float_right","children":"122"}]]}],["$","div",null,{"className":"post__stats-bit group","children":[["$","span",null,{"className":"float_left","children":"Threads:"}]," ",["$","span",null,{"className":"float_right","children":"0"}]]}],["$","div",null,{"className":"post__stats-bit group","children":[["$","span",null,{"className":"float_left","children":"Joined:"}]," ",["$","span",null,{"className":"float_right","children":"N/A"}]]}],["$","div",null,{"className":"post__stats-bit group","children":[["$","span",null,{"className":"float_left","children":"Reputation: "}]," ",["$","span",null,{"className":"float_right","children":["$","a",null,{"href":"/User-Venom888","children":["$","strong",null,{"className":"reputation_positive","children":"0"}]}]}]]}],["$","br",null,{"className":"ougc_awards_postbit_maxperline"}],["$","$L23",null,{"awards":[]}],["$","div",null,{"className":"post__user-awards"}]]}]]}],["$","div",null,{"className":"post_whole","style":{"flex":"1 1 auto","minWidth":0,"flexDirection":"column"},"children":[["$","div",null,{"className":"post_content","style":{"width":"100%"},"children":[["$","div",null,{"className":"post_head","children":[["$","div",null,{"className":"float_right","style":{"verticalAlign":"top"},"children":["$","strong",null,{"children":["$","a",null,{"href":"/Thread-42655-Sandman?pid=821142#pid821142","title":"Sandman !!!","children":["#",1]}]}]}],["$","span",null,{"className":"post_date","children":"November 15, 2022 at 8:56 PM"}]]}],["$","div",null,{"className":"post_body scaleimages","id":"pid_821142","dangerouslySetInnerHTML":{"__html":"Sandman is a backdoor that is meant to work on hardened networks during red team engagements.

Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server.

Since NTP is a protocol that is overlooked by many defenders resulting in wide network accessibility.

Hidden Content

You must register or login to view this content.

"}}],null,"$L24"]}],"$L25"]}]]}]]}]]}]}]}]]}]}],"$L26"]}],"$L27","$L28"]}]