PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a
callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords
Some basic commands in this version include;
!disco – disconnect the real putty from the display
!reco – reconnect it
!exit – just another way to exit the injected shell
You can download PuttyHijack V1.0 here:
Or read more here.
- Apple’s Password Storing Keychain Cracked on iOS & OS X
- The Logjam Attack – ANOTHER Critical TLS Weakness
- WordPress Critical Zero-Day Vulnerability Fixed In A Hurry
- DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability
- Surf Jack – Cookie Session Stealing Tool
- Windows Rootkits
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 230,697 views
- AJAX: Is your application secure enough? - 119,546 views
- eEye Launches 0-Day Exploit Tracker - 85,232 views