Skip to main content

'AutoSploit' Tool Makes Unskilled Hacking Easier Than Ever

posted onFebruary 5, 2018
by l33tdawg

The tools used by security researchers, penetration testers, and "red teams" often spark controversy because they package together, and automate, attacks to a degree that make some uncomfortable—and often, those tools end up getting folded into the kits of those with less noble pursuits. AutoSploit, a new tool released by a "cyber security enthusiast" has done more than spark controversy, however, by combining two well-known tools into an automatic hunting and hacking machine—in much the same way people already could with an hour or two of copy-pasting scripts together.

Malicious parties have weaponized scanning utilities, network commands, and security tools with various forms of automation before. By "stress testing" tools such as "Low-orbit Ion Cannon" (LOIC), High Orbit Ion Cannon (written in RealBasic!), and the Lizard Squad’s stresser site powered by hacked Wi-Fi routers, they took exploits known well to security pros and turned them into political and economic weapons. The Mirai botnet did the same with Internet of Things devices, building a self-spreading attack tool based on well-documented vulnerabilities in connected devices.

AutoSploit is slightly more sophisticated but only because it leverages two popular, well-supported security tools. "As the name might suggest," its author wrote on the tool's GitHub page, "AutoSploit attempts to automate the exploitation of remote hosts." To do that, the Python script uses command line interfaces and text files to extract data from the Shodan database, which is a search engine that taps into scan data on millions of Internet-connected systems. AutoSploit then runs shell commands to execute the Metasploit penetration testing framework.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th