What is Sandokan ?


NetBSD homepage is https://www.netbsd.org/

Please note that this will not run on non x86_64/amd64 CPUs as this is pure 64bit NetBSD system. Also the USB image is GPT formatted (containst 3 partitions, one EFI, two FFS)

How to download it ?

$ wget https://www.sandokan.tk/release/sandokan-public.img.xz


md5  c05d7496c9774d7518b1fd11b43321cb sandokan-public.img.xz

sha256  82c83ba342ea4079ae74388554a32cf2aec0901a18c34d53f90efe789edac5c1 sandokan-public.img.xz

How to create a bootable USB ?

You will need to have a USB stick of minimum 16 GB size. The extracted image size is 15518924800 bytes big. The image is compressed using xz, so unxz is needed to extract this. On windows 7zip can handle xz compression format.

$ unxz sandokan-public.img.xz

On NetBSD: for example if the memory stick is recognized as sd0 (Warning: this will overwrite all the contents on your memory stick):

# dd if=sandokan-public.img of=/dev/rsd0d bs=1m

On Linux: for example if the memory stick is recognized as sdb (Warning: this will overwrite all the contents on your memory stick):

# dd if=sandokan-public.img of=/dev/sdb bs=1M

On Windows you can use rawrite32 to copy the image to the stick.

Running Sandokan

You can try to run Sandokan via qemu-system-x86_64 first before burning it to a USB stick as simply as following

qemu-system-x86_64 -enable-kvm -boot c -cpu host -m 2048 -hda sandokan-public.img \
-net nic -net tap

Boot it and you should get greeted by the NetBSD bootloader


After it boots you can login as either user or root, credentials are the following

user:  p4ssw0rd

root:  p4ssw0rd

You should change the credentials  then. To switch to root from user you can run su (user is part of the wheel group)  Please note any additional rc scripts should be enabled or added to /etc/rc.conf. Currently there is a hardcoded value for the atheros based wireless card - athn0, so you should change this to your wireless or ethernet interface device


And assign proper WPA (if used) credentials and ESSID for wifi in /etc/wpa_supplicant.conf


In  order to start X11 just run startx from the user shell environmnet after you logged in, Xorg should autoconfigure to your environment.

user@sandokan:/disk/home/user> startx


And Fluxbox window manager should start. The menu is accessed via "right" mouse click. Exiting back to console "Fluxbox Menu > Exit "

Audio volume can be adjusted via GTK aumix or via mixerctl

What tools are in Sandokan ?

gcc 7.4.0

radare2 3.6

weechat 2.6

clang 8.0.1

ntfsprogs 3.23

wireshark 3.0.5

go 1.12.10

opera 12.16


rust 1.38.0

dillo  3.0.5

OpenSSH 8.0

python 3.7.4

elinks 0.12rc6

OpenSSL 1.1.1c

python 2.7.16

mplayer 1.4

SDL 1/2

ruby 2.6.5

gdb 8.3

fluxbox 1.3.7

ruby 2.4.9

postgresql 11.5

GTK 2/3

perl 5.30

samba 4.10.8

llvm 8.0.1

bash 5.0.11

openjdk 11


nmap 7.80

irssi 1.2.2

Linux emulation

Games fully playable (all should be abandonware now anyway)

Due to size limits I have omitted many other infosec tools, but they will be released later in next version, once I sort out the disk image size.

Shutting it down safely

In order to prevent the enforced fsck_ffs if the Live USB system is not shut down properly, always wait for the shutdown process to finish (it can take some time on the USB2 ) 

Shutting and powering down the system is done like this

# shutdown -p now

 In case of question you can reach me @ twitter https://twitter.com/astr0baby 

More information about NetBSD https://wiki.netbsd.org/