Penetration Testing mailing list archives
Insomnia: Tool Release - PuttyHijack V1.0
From: "Brett Moore" <brett.moore () insomniasec com>
Date: Thu, 31 Jul 2008 17:15:28 +1200
___________________________________________________________________ Insomnia Security :: PuttyHijack V1.0 ___________________________________________________________________ Name: Putty Hijack Released: 31 July Feb 2008 Author: Brett Moore, Insomnia Security Original Link: http://www.insomniasec.com/releases/tools ___________________________________________________________________ _______________ Description _______________ PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection. It does not kill the current connection, and will cleanly uninject if the socket or process is stopped. PuttyHijack was inspired by the work that Metlstorm did on SSHJack (http://www.storm.net.nz/projects/7) but at this release does not create a new SSH tunnel for the connection. _______________ Legals _______________ The information is provided for research and educational purposes only. Insomnia Security accepts no liability in any form whatsoever for any direct or indirect damages associated with the use of this information. ___________________________________________________________________ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Insomnia: Tool Release - PuttyHijack V1.0 Brett Moore (Jul 30)