‘PuttyHijack – Putty Hijacking Tool’

Summary

Credit:

‘The information has been provided by Brett Moore.
To keep updated with the tool visit the project’s homepage at: http://www.insomniasec.com/releases/tools


Details

‘PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection.

This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers.

The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.

PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.’

Categories: Tools