|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Brett Moore (brett.moore
insomniasec.com)
Date: Sat Aug 02 2008 - 18:08:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
___________________________________________________________________
Insomnia Security :: PuttyHijack V1.0
___________________________________________________________________
Name: Putty Hijack
Released: 31 July Feb 2008
Author: Brett Moore, Insomnia Security
Original Link: http://www.insomniasec.com/releases/tools
___________________________________________________________________
_______________
Description
_______________
PuttyHijack is a POC tool that injects a dll into the Putty
process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that
has been compromised is used to SSH/Telnet into other servers.
The injected DLL installs some hooks and creates a socket for a
callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject
if the socket or process is stopped.
PuttyHijack was inspired by the work that Metlstorm did on SSHJack
(http://www.storm.net.nz/projects/7) but at this release does not
create a new SSH tunnel for the connection.
_______________
Legals
_______________
The information is provided for research and educational purposes
only. Insomnia Security accepts no liability in any form whatsoever
for any direct or indirect damages associated with the use of this
information.
___________________________________________________________________
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]