PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a
callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords
Some basic commands in this version include;
!disco – disconnect the real putty from the display
!reco – reconnect it
!exit – just another way to exit the injected shell
You can download PuttyHijack V1.0 here:
Or read more here.
- PayPal Remote Code Execution Vulnerability Patched
- Fortinet SSH Backdoor Found In Firewalls
- Facebook Disabled Flash For Video Finally
- DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability
- Surf Jack – Cookie Session Stealing Tool
- Windows Rootkits
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 233,163 views
- AJAX: Is your application secure enough? - 119,823 views
- eEye Launches 0-Day Exploit Tracker - 85,362 views