We all know very well that the security of our devices is something we always have to monitor to ensure nothing like hacking comes up. This is because, if we are not up to date with the security patches or solutions for our device operating systems, it is possible that someone can hack us with relative ease. However, now according to the reports, there is a new tool which can hack any vulnerable device easily. This new tool can hack any vulnerable devices and not only that even this tool also finds and hacks vulnerable devices automatically. A new script called “AutoSploit” makes this even easier.
AutoSploit Automatic Hacking Tool – A Python based mass exploit tool which gathers targets via Shodan and automatically invokes selected Metasploit modules to facilitate RCE.
AutoSploit, a new tool released by a “cyber security enthusiast” has done more than spark controversy, however, by combining two well-known tools into an automatic hunting and hacking machine—in much the same way people already could with an hour or two of copy-pasting scripts together.
This new set of tools goes a step beyond the automation tools that hackers usually have. For example, some tools allow you to test usernames and passwords in various web services from previously hacked accounts. With AutoSploit, the damage can be much greater, since it automates the entire process of searching for vulnerabilities and finding the type of attack necessary to take advantage of them. Its creator turns a deaf ear to criticism and publish it.
This tool basically does is unite several hacking tools and different workflows in a single package. For example, instead of the attacker having to manually search for a target and check if it is vulnerable, the tool combines Shodan (the search engine for connected devices) with Metasploit, which allows penetration tests to find possible exploitable vulnerabilities. You set this script running, it crawls the internet looking for machines that are possibly vulnerable to attack – typically due to unpatched security bugs – and automatically takes over them for you. No super-l33t skills required.
Finding a vulnerable machine is as easy as opening the program and searching for “apache.” With this, all devices that include apache in their description in Shodan are searched. From there, the Metasploit modules are loaded in an orderly manner. Once the appropriate modules are selected, they start running against the target as needed.
If there were already tools that simplified the process of hacking a computer, with AutoSploit practically anyone without advanced knowledge can try (and probably get) to hack a vulnerable device. It is even possible that they perform automated attacks on a larger group of devices that they otherwise could not have achieved.
This has led to many detractors of the tool because it is sure that it will get hacked. For example, a security expert named Richard Bejtlich states that there is no reason to publish the tool. The fact that it has incorporated the search in Shodan makes it out of place.
The fact that it is currently possible to create such a tool does not mean that it has to be published and made available to practically any user. Its creator, called Vector, says that such arguments can be applied to virtually any tool that is open source, so it will not desist in its attempt to publish it.
What do you think about autosploit automatic hacking tool? We will like to read your comments via the comments section below