Wednesday, November 20, 2024

SSH Tool Weaponized

One of the more interesting facets of this industry is that there's always something new to learn. The creativity and inventiveness shine in the new tools introduced for attacks and, subsequently, to improve defenses. One area that hasn't seen many new tools created is SSH. It is widely used and continues to be a primary security method.

The new security tool is SSH-Snake, an open-source tool. Originally released in January 2024, it was designed to work through a network automatically using SSH private keys. As it does so, the program creates a thorough map of the network and its dependencies. The result allows security staff to understand vulnerable points where an attacker could use SSH and private keys.

You can see the usefulness of this for the company. Like any tool, there are positive and negative uses. The negative side of the coin here is that the tool was weaponized. It was modified to self-modify and replicate itself through the network. The upgraded tool has been coded to find locations where credentials are generally kept and to analyze shell history files.

As an additional aspect to circumvent security, the tool is fileless. While this is newer, it makes the tool more difficult to detect and gives it a greater level of flexibility. This is still a tool to be used to improve your network security stance. The weaponized version should be on your radar.
