Perhaps the best quote from this article is from Richard Bejtlich, “This will end in tears.”
Motherboard’s article, “New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices” provides a good quick snapshot of the situation. The gem link is the GitHub link to the source though.
The description of the tool, AutoSploit, according to Motherboard, is, “AutoSploit on the other hand, combines Shodan, a sort-of search engine for internet-connected devices, and Metasploit, a well-known penetration testing tool for executing of exploits.” Now, do you remember the best quote of the article?
This will end in tears.
I just released AutoSploit on #Github. #Python based mass #exploit #tool. Gathers targets via #Shodan and automatically invokes selected #Metasploit modules to facilitate #RCE.https://t.co/BNw6JvTVH9#OffSec #InfoSec #Programming #Security pic.twitter.com/hvc3vrNCEJ
— VectorSEC (@Real__Vector) January 30, 2018