Posted on: 5th February 2018
A “cyber security enthusiast” who goes by the name Vector has published AutoSploit, a Python-based tool that combines the Shodan search API with Metasploit modules to automate mass exploitation of remote hosts.
The tool does not scan the internet itself. Shodan already indexes internet-facing hosts and the services they expose; AutoSploit queries that index for hosts matching a search term (for example a product name or service banner), treats every result as a target, and then runs a selection of Metasploit modules against each one. Any host that is still running an unpatched, exploitable version of the matched service can be compromised without the operator doing anything beyond supplying the search term.
Once the target list has been gathered from Shodan, which requires a Shodan API key, the Python 2.7 script attempts to run the chosen Metasploit modules against them. (API stands for application programming interface: a way for one program to talk to another. For most users the main point of contact is the API key, a secret token that lets a script act on your account without you handing over your password.)
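The two stages described above, gathering targets from a Shodan search result and handing them to Metasploit, can be shown without any network access. The following Python 3 script is an added illustration of that pipeline and is not AutoSploit's own code (which is Python 2.7). It parses a constructed, Shodan-shaped JSON response (the `matches` list with `ip_str` and `port` fields, which is what the real host-search endpoint returns), discards malformed entries, de-duplicates the hosts, and writes an msfconsole resource script that runs a benign SMB version scanner against them. The sample data and the choice of module are assumptions made for the example; a real run would require a Shodan API key and, as the article goes on to note, authorisation to touch the hosts in question.

```python
import ipaddress
import json

# Constructed sample in the shape of a Shodan host-search response.
# The addresses are documentation ranges (RFC 5737), not real hosts, and
# one entry is deliberately malformed to exercise the validation below.
SAMPLE_SHODAN_RESPONSE = json.dumps({
    "total": 4,
    "matches": [
        {"ip_str": "203.0.113.10", "port": 445, "transport": "tcp", "product": "Samba"},
        {"ip_str": "203.0.113.10", "port": 139, "transport": "tcp", "product": "Samba"},
        {"ip_str": "198.51.100.7", "port": 445, "transport": "tcp", "product": "Samba"},
        {"ip_str": "not-an-ip", "port": 445, "transport": "tcp"},
    ],
})

# A real, non-destructive Metasploit scanner module; assumed here as the
# module a user would select. AutoSploit lets the user pick the modules.
DEFAULT_MODULE = "auxiliary/scanner/smb/smb_version"


def extract_targets(response_text):
    """Return sorted, de-duplicated (ip, port) pairs from a Shodan search response.

    Entries whose ip_str is not a valid IP address, or whose port is not an
    integer, are skipped rather than passed on to Metasploit.
    """
    data = json.loads(response_text)
    targets = set()
    for match in data.get("matches", []):
        ip = match.get("ip_str")
        port = match.get("port")
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed or missing address
        if not isinstance(port, int):
            continue
        targets.add((ip, port))

    def sort_key(target):
        addr = ipaddress.ip_address(target[0])
        return (addr.version, int(addr), target[1])

    return sorted(targets, key=sort_key)


def build_resource_script(targets, module=DEFAULT_MODULE):
    """Emit msfconsole resource-script text: one use/set/run block per port.

    Hosts on the same port are batched into a single space-separated RHOSTS
    value, which msfconsole accepts, so the module is invoked once per port.
    """
    by_port = {}
    for ip, port in targets:
        by_port.setdefault(port, []).append(ip)
    lines = []
    for port in sorted(by_port):
        lines.append("use %s" % module)
        lines.append("set RHOSTS %s" % " ".join(by_port[port]))
        lines.append("set RPORT %d" % port)
        lines.append("run")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Offline demonstration on the constructed sample; a real tool would
    # fetch the JSON from Shodan with an API key instead.
    found = extract_targets(SAMPLE_SHODAN_RESPONSE)
    print("%d valid targets" % len(found))
    print(build_resource_script(found), end="")
```

The output is plain text that `msfconsole -r targets.rc` would execute line by line, which is all the "automation" amounts to: the tool's leverage comes entirely from Shodan having already done the discovery and Metasploit having already packaged the exploits. The same parsing step, run over a Shodan query for your own address space, is a quick way to see what an AutoSploit user would see.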
‘AutoSploit’ was publicly posted by its creator on the software development platform GitHub, and the worrying part is that it makes mass hacking extremely easy. It takes the idea of efficient hacking and severely ramps up the potential for damage by automating pretty much everything, including the process of finding a vulnerable target to attack.
AutoSploit adds no new exploits; it only chains together what Shodan and Metasploit already offer. So to avoid being on the receiving end of it and tools like it, keep software updated so that the known vulnerabilities the Metasploit modules target are patched, and limit what your hosts expose to the internet, since a service that Shodan cannot see is one the tool will never select as a target.
What do people think of AutoSploit?
Vector explained on Twitter that “As with anything, it can be used for good or bad.” The security researcher added: “The responsibility is with the person using it. I am not going to play gatekeeper to information. I believe information should be free and I am a fan of open source in general.”
I just released AutoSploit on #Github. #Python based mass #exploit #tool. Gathers targets via #Shodan and automatically invokes selected #Metasploit modules to facilitate #RCE. https://t.co/BNw6JvTVH9 #OffSec #InfoSec #Programming #Security pic.twitter.com/hvc3vrNCEJ
— VectorSEC (@Real__Vector) January 30, 2018
However, Rob Joyce, Cybersecurity Coordinator at the National Security Council, has said that releasing AutoSploit was irresponsible, and has reminded would-be users that making exploitation easier does not make it any less illegal.
Releasing AutoSploit, making mass exploitation even easier, was irresponsible. My friends at the FBI remind us all that while exploitation is easier, it is not any less illegal. #scriptkiddiesbeware
— Rob Joyce (@RobJoyce45) February 1, 2018