Autosploit is a tool developed by a cyber security enthusiat that combines two tools, Metasploit and Shodan, making it pretty easy to hack someone by using automated tools anyone could use without lots of skills.
According to its author, “AutoSploit attempts to automate the exploitation of remote hosts.” To do that, the Python script uses command line interfaces and text files to extract data from the Shodan database, which is a search engine that taps into scan data on millions of Internet-connected systems. AutoSploit then runs shell commands to execute the Metasploit penetration testing framework.
You just ype in keywords to locate certain devices or targets, and AutoSploit will both list available targets and allow hackers to launch a menu of pre-loaded hacking techniques against them.
In the Shodan part, you type the query you want it it will return you the IP address from the device, then in Metasploit it uses the text that was used for Shodan and run the exploit, if everything works well, the script will then kick off Metasploit attacks against all the hosts.
The release of Autosploit caused a controversy, security experts thought that releasing automated tools that would do the hacking easier is a terrible error, because anyone could do something with the tool even without hacking knowledge. Personally I think releasing Autosploit can make a lot of damage, giving scripts anyone could use is very wrong, people may not know what they are really doing and create a great damage, and it also makes hackers job easier, putting in risk thousands of devices.
Gallagher, S. (2018). Threat or menace? “Autosploit” tool sparks fears of empowered “script kiddies”. Arstechnica. Recovery date: February 2nd 2018. Recovered from: https://arstechnica.com/information-technology/2018/02/threat-or-menace-autosploit-tool-sparks-fears-of-empowered-script-kiddies/
Greenberg, A. (2018). SECURITY NEWS THIS WEEK: ‘AUTOSPLOIT’ TOOL MAKES UNSKILLED HACKING EASIER THAN EVER. Wired. Recovery date: February 2nd 2018. Recovered from: https://www.wired.com/story/autosploit-tool-makes-unskilled-hacking-easier-than-ever/