PuttyHijack is a POC tool that injects a DLL into the PuTTY process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a compromised Windows box is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
1) Start a nc listener
2) Run PuttyHijack, specifying the listener IP and port
3) Watch the echoing of everything, including passwords
Some basic commands in this version include:
!disco – disconnect the real putty from the display
!reco – reconnect it
!exit – just another way to exit the injected shell
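On the defender's side, the description above implies two artifacts in a running PuTTY process: a loaded module that does not belong there and a second socket. The PowerShell below is an added example (not part of PuttyHijack or the original post) that checks for both; it assumes the process is named putty.exe, that legitimate modules load only from the Windows directory or PuTTY's own directory, and that a session normally holds a single established TCP connection.

```powershell
# Added defensive example: heuristics only, not code from PuttyHijack.
# Assumptions: process name "putty"; legitimate modules live under %windir%
# or next to putty.exe; one established TCP connection per session.
$winDir = $env:windir.TrimEnd('\') + '\'

foreach ($proc in Get-Process -Name putty -ErrorAction SilentlyContinue) {
    # Path is empty when the process belongs to another user and we lack rights.
    if (-not $proc.Path) { continue }
    $exeDir = (Split-Path -Parent $proc.Path).TrimEnd('\') + '\'

    # 1) Modules loaded from outside the expected directories.
    $oddModules = $proc.Modules | Where-Object {
        $_.FileName -and
        -not $_.FileName.StartsWith($winDir, [StringComparison]::OrdinalIgnoreCase) -and
        -not $_.FileName.StartsWith($exeDir, [StringComparison]::OrdinalIgnoreCase)
    }
    foreach ($m in $oddModules) {
        $sig = Get-AuthenticodeSignature -FilePath $m.FileName
        [pscustomobject]@{
            ProcessId = $proc.Id
            Finding   = 'Module outside expected path'
            Detail    = $m.FileName
            Signature = $sig.Status
        }
    }

    # 2) More than one established connection owned by the same PuTTY process.
    #    Port forwarding also produces this, so treat it as a lead to review.
    $conns = @(Get-NetTCPConnection -OwningProcess $proc.Id -State Established `
                   -ErrorAction SilentlyContinue)
    if ($conns.Count -gt 1) {
        foreach ($c in $conns) {
            [pscustomobject]@{
                ProcessId = $proc.Id
                Finding   = 'Multiple established connections'
                Detail    = '{0}:{1}' -f $c.RemoteAddress, $c.RemotePort
                Signature = $null
            }
        }
    }
}
```

Run it from a PowerShell host of the same bitness as putty.exe, since a 64-bit host does not enumerate the full module list of a 32-bit process. No output means neither heuristic matched, not that the process is clean.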
You can download PuttyHijack V1.0 here:
Or read more here.