AutoSploit. Someone bridged Shodan and Metasploit

I caught this story yesterday on The Register. Ars has it now.

I downloaded AutoSploit last night to play with it, but I haven’t actually had the chance to yet. I’m of the mindset that this makes the internet a scarier place in general. Historically Metasploit has been out of the mental reach of script kiddies. AutoSploit puts Metasploit squarely in the hands of script kiddies. Well, at least some of Metasploit’s features, anyways. Fortunately not all of them.

On the other hand, this also makes it easier for those of us who are not security experts. This could help us to audit our own internet presence without paying for a full penetration test.

Bonus humor: Bridging Metasploit and Shodan is like bringing the Key Master and Gate Keeper together. Soon we’ll be seeing Zuul in all of our internet connected refrigerators. :slight_smile:


Oh sweet merciful Lord.

I feel like there’s a lot of news relating to the inevitable downfall of the internet and society as we know it lately.

Too bad it requires me to sign up for shodan. I’m going to have to do that later so I can see how this works out.

I look at it this way, I don’t think it’s a script kiddie thing.

Yeah sure they would be able to use it, but it would make professional engagements that much quicker. Work smarter, not harder. Use whatever tool gets the job done. I don’t care if it has a GUI or not.

1 Like

Shodan had a sick Black Friday deal- got mine for $5. Still haven’t used it…