‘PuttyHijack – Putty Hijacking Tool’
‘PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers.
The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
PuttyHijack was inspired by the work that Metlstorm did on SSHJack but at this release does not create a new SSH tunnel for the connection.’