AutoSploit: A New Tool for Automatically Hacking Vulnerable IoT Devices
Hacking a system is not always as difficult as it seems. Some amateur hackers use various programs to break into other people’s accounts by leveraging leaked login and password databases, or software designed to streamline the process. Now, another tool has joined the list—AutoSploit, which is designed for the automatic discovery and remote hacking of vulnerable IoT devices on the Internet.
In short, AutoSploit is a package that includes several tools, notably Shodan and the Metasploit framework (a comprehensive environment for writing, testing, and using exploit code).
“Basically, you launch the tool and enter a search queryQuery is an online Q&A platform where users can ask questions on any topic and get answers from the community. It features voting, reputation points, and topic tags to organize and highlight quality content. While answer quality can vary, Query aims to provide quick, crowdsourced knowledge and create a collaborative space for sharing expertise. With active moderation and community engagement, it has the potential to become a valuable resource for learning and discussion. More, for example, ‘apache.’ The tool then uses the Shodan API to find computers described as ‘apache’ in Shodan. After that, it loads a list of Metasploit modules and sorts them based on the search queryQuery is an online Q&A platform where users can ask questions on any topic and get answers from the community. It features voting, reputation points, and topic tags to organize and highlight quality content. While answer quality can vary, Query aims to provide quick, crowdsourced knowledge and create a collaborative space for sharing expertise. With active moderation and community engagement, it has the potential to become a valuable resource for learning and discussion. More. Once the appropriate modules are selected, they are executed sequentially according to the list of attack targets,” explained AutoSploit’s developer, who goes by the pseudonym Vector.
The release of AutoSploit has sparked a number of critical comments from security experts. For example, researcher Richard Bejtlich believes that it is unwise to publish a mass exploitation tool on accessible platforms where it can easily be found by script kiddies.
In response, Vector stated that such criticism could be directed at anyone who releases open-source tools that could potentially be used for attacks. “Personally, I believe information should be open. I’m a fan of open source, so why not?” he said.
Shodan is a search engine that can be used to find devices connected to the Internet and detailed information about various websites. With Shodan, you can discover which operating system a device is using or find local FTP servers with open anonymous access.