Sabtu, 22 November 2008

PuttyHijack V1.0

I don't know this is bad or good news. With this software, you can hijack SSH/PuTTY connection.

Description from Developer:

PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection.

This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.





It does not kill the current connection, and will cleanly uninject
if the socket or process is stopped. PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.

Details

1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords

Some basic commands in this version include;
!disco - disconnect the real putty from the display
!reco - reconnect it
!exit - just another way to exit the injected shell

Name: Putty Hijack
Released: 31 July Feb 2008
Author: Brett Moore, Insomnia Security
Original Link: http://www.insomniasec.com/releases/tools
Operating System: Windows


Tidak ada komentar:

Poskan Komentar

Related Posts Plugin for WordPress, Blogger...