“Just Got PWND.sh” presented at Skydogcon 2016

by Itzik Kotler,

Summary : You've been at it for all night. Trying all the exploits you can think of. The server seems tight.You've tried everything. Guessable passwords, SSH bugs, shellshock and so on... Nothing. WAIT! What's that!?!? A "#" ?? Finally! After seeming endless toiling, you've managed to steal root. Now what? Meet pwnd.sh, a pure post-exploitation framework written in Bash. In this talk, I will unveil pwnd.sh and demo how it can be used to backdoor a machine, run reconnaissance, search for assets and more.