I don't know this is bad or good news. With this software, you can hijack SSH/PuTTY connection.
Description from Developer:
PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject
if the socket or process is stopped. PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.
Details
1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords
Some basic commands in this version include;
!disco - disconnect the real putty from the display
!reco - reconnect it
!exit - just another way to exit the injected shell
Name: Putty Hijack
Released: 31 July Feb 2008
Author: Brett Moore, Insomnia Security
Original Link: http://www.insomniasec.com/releases/tools
Operating System: Windows
Description from Developer:
PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject
if the socket or process is stopped. PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.
Details
1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords
Some basic commands in this version include;
!disco - disconnect the real putty from the display
!reco - reconnect it
!exit - just another way to exit the injected shell
Name: Putty Hijack
Released: 31 July Feb 2008
Author: Brett Moore, Insomnia Security
Original Link: http://www.insomniasec.com/releases/tools
Operating System: Windows
No comments:
Post a Comment