PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection.
This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for acallback connection that is then used for input/output redirection.
It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
Details
1) Start a nc listener
2) Run PuttyHijack specify the listener ip and port
3) Watch the echoing of everything including passwords
Some basic commands in this version include;
!disco - disconnect the real putty from the display!reco - reconnect it!exit - just another way to exit the injected shell
You can download PuttyHijack V1.0 here:
PuttyHijackV1.0.rar
Or read more here.
How to Change JKS KeyStore Private Key Password
Use following keytool command to change the key store password >keytool -storepasswd -new [new password ] -keystore [path to key stor...
-
AIX Environment Procedures The best way to approach this portion of the checklist is to do a comprehensive physical inventory of the server...
-
Java Keytool Commands for Creating and Importing keystore files: These commands allow you to generate a new Java Keytool keystore file, crea...