Full Disclosure mailing list archives

By Date By Thread Releasing PuttyRider - for penetration testers From: Adrian Furtuna <adif2k8 () gmail com>

Date: Tue, 9 Dec 2014 23:51:48 +0200

Dear List, I am pleased to announce the release of a new tool that I have recently developed - called PuttyRider. In a few words, PuttyRider injects a DLL into a running putty.exe process in order to sniff all communication and inject Linux commands on the remote server. This can be useful in an internal penetration test when you already have access to a sysadmin’s machine who has a Putty session open to a Linux server. You can use PuttyRider to take control of the remote server using the existing SSH session. The tool has been recently presented at Defcamp 2014 – a security conference in Romania. Presentation slides: *http://defcamp.ro/dc14/AdrianFurtuna.pdf* <http://defcamp.ro/dc14/AdrianFurtuna.pdf> Presentation video: *https://www.youtube.com/watch?v=nfhzoFPGUhg&list=UUc05xgnkf4YZEdn3zBJRFkA* <https://www.youtube.com/watch?v=nfhzoFPGUhg&list=UUc05xgnkf4YZEdn3zBJRFkA> Source code & binary: *https://github.com/seastorm/PuttyRider* <https://github.com/seastorm/PuttyRider> Enjoy and let me know if you have any feedback or suggestion for improvement. Cheers, Adrian _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/ By Date By Thread Current thread: Releasing PuttyRider - for penetration testers Adrian Furtuna (Dec 09)