Autosploit marries Shodan, Metasploit, puts IoT devices at risk
Autosploit, a new tool that basically couples Shodan and Metasploit, makes it easy for even amateurs to hack vulnerable IoT devices.
“As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts,” its creator, who goes by the handle “Vector,” wrote on Github.
Using the Shodan.io API, the program automatically collects targets and lets users enter platform-specific search queries, for instance, Apache. Based on the search criteria it retrieves a list of candidates.
The tool then runs a set of Metasploit modules – selected by programmatically comparing module names to the search query – against the potential targets in an effort to exploit them. “I have added functionality to run all available modules against the targets in a ‘Hail Mary’ type of attack as well,” Vector wrote, adding that “the available Metasploit modules have been selected to facilitate Remote Code Execution and to attempt to gain Reverse TCP Shells and/or Meterpreter sessions.”
The pseudonymous security researcher explained that “workspace, local host and local port for MSF facilitated back connections are configured through the dialog that comes up before the ‘Exploit’ component is started.
“Metasploit reduced the barrier of skill required to hack over a decade ago. Shodan is search engine that can find and identify any and every system connected to the internet,” Chris Morales, head of security analytics at Vectra, explained. “The ability to find and exploit systems isn’t new. The idea that these two highly automated tools are combined to make life even easier for someone to hack systems lowers the bar much more.”
Source | scmagazineuk