andrew.rioux/sparse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

docs: point to tech descriptions of network access

Browse Source
This commit is contained in:
Andrew Rioux
2025-10-21 08:02:55 -04:00
parent 8905d027ea
commit e267f282c6
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
sparse-05/README.md
View File

@@ -23,6 +23,12 @@ Sparse 0.5 is a stopgap solution until the C2 framework itself is more mature. I
- A richer CLI with Sparse specific commands such as #upload, #download, and #edit
- A Windows version using winpcap, with both standalone binary and service versions
## How it works, or what makes this unique
[Read the blog post about it](https://andrew.riouxs.co/articles/20251017-direct-network-access.html)
Sparse 0.5 weaponizes libpcap to both receive and send packets. It listens at the network interface level, recreating IP packets to respond to a UDP stream inbound to a specific port. Due to how libpcap creates a raw socket, the only thing the operating system sees is arbitrary writes to the network interface, bypassing the ACLs and auditing included in the IP, UDP, and TCP protocol suites built into the operating system.
# Obtaining
Sparse 0.5 is immediately ready to build from source if using the [Nix package manager](https://nixos.org/download) [with flakes enabled](https://nixos.wiki/wiki/Flakes) by running `nix build .#sparse-05-client`.