
[Module] upnp-portfwd - uPnP Port Forwarding


Darren Kitchen


LAN Turtle user Shad contributed the module upnp-portfwd.

uPnP Port Forwarding

https://github.com/ShadGIT

https://forums.hak5.org/index.php?/user/51465-shad/

It's now available from modulemanager. I've created this thread for module support and discussion. Very nice module Shad!

From the help:

uPnP Portfwd is a service which provides automatic port forwarding when connected to some uPnP enabled routers.
This service is typically used to provide a convenient and persistent DIRECT shell from the outside into the LAN Turtle so that a remote "proxy" server or host is not needed.
*IF* the router is uPnP enabled and forwards the port it would be possible to connect directly to the Turtle from any arbitrary/anonymous location, even from TOR.
Remote Port - External port on the router to be forwarded to the Turtle.
Local Port - The port where a local service is running in the Turtle (Typically 22 -ssh-)
Protocol - TCP or UDP (tcp for ssh)
Example: Per the defaults, the router will forward its external port 45000 to the LAN Turtle port 22. In this scenario one may establish a direct connection to the LAN Turtle by ssh'ing into the router's external interface port 45000: ssh -p 45000 root@external.router.ip
While this won't work in many cases, it may come in handy when it does, which is frequent for some telco provided SOHO routers.

My Comcast router out of the box had uPnP enabled... that lasted about 5 seconds... but the fact still stands that many (millions) of people have UPnP enabled simply by the fact that it's the default. Great work Shad! And thanks for letting us know DK!

telot


Yep, I guess there may be a lot of upnp enabled routers out there. In fact it is a convenient feature for most users to just run their torrents or any other p2p software without having to know/care about port forwarding or anything. Security vs usability.. as always.

Anyway, once you are inside their network, UPnP port forwarding is just another way to open an external "hole". It is just slightly better than reverse shells because you don't even need to pivot on an external proxy or host... but then again there are other ways to provide direct/arbitrary/anonymous access, like for example setting up a TOR hidden service (I have just sent a pull for a torshell module).

Ironically enough, I have UPnP enabled on my home router :)
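
For anyone auditing their own router after reading this thread, the following added example (not part of the posts above and not code from the upnp-portfwd module) parses UPnP IGD GetGenericPortMappingEntry SOAP responses and flags mappings such as the module's default 45000 -> 22 forward. The SOAP samples, the host allowlist and the management-port set are constructed assumptions.

```python
import xml.etree.ElementTree as ET

FIELDS = {"NewExternalPort", "NewProtocol", "NewInternalPort",
          "NewInternalClient", "NewEnabled", "NewPortMappingDescription"}
MGMT_PORTS = {22, 23, 3389, 5900}   # assumption: ports that should never be forwarded
KNOWN_HOSTS = {"192.168.1.20"}      # assumption: hosts expected to request mappings

def _sample(ext, proto, iport, client, desc):
    """Build a constructed GetGenericPortMappingEntryResponse for offline use."""
    return (
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
        '<u:GetGenericPortMappingEntryResponse '
        'xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
        f'<NewRemoteHost></NewRemoteHost><NewExternalPort>{ext}</NewExternalPort>'
        f'<NewProtocol>{proto}</NewProtocol><NewInternalPort>{iport}</NewInternalPort>'
        f'<NewInternalClient>{client}</NewInternalClient><NewEnabled>1</NewEnabled>'
        f'<NewPortMappingDescription>{desc}</NewPortMappingDescription>'
        '<NewLeaseDuration>0</NewLeaseDuration>'
        '</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>')

SAMPLE_RESPONSES = [                                             # constructed sample data
    _sample(45000, "TCP", 22, "192.168.1.77", "portfwd"),        # the thread's default forward
    _sample(51413, "UDP", 51413, "192.168.1.20", "bittorrent"),  # ordinary p2p mapping
]

def parse_mapping(soap_xml):
    """Extract the port-mapping fields from one SOAP response, ignoring namespaces."""
    found = {}
    for el in ET.fromstring(soap_xml).iter():
        tag = el.tag.rsplit("}", 1)[-1]
        if tag in FIELDS:
            found[tag] = (el.text or "").strip()
    return found

def audit(responses, known_hosts=KNOWN_HOSTS):
    """Return (proto, ext_port, client, int_port, reasons) for each suspicious mapping."""
    findings = []
    for soap_xml in responses:
        m = parse_mapping(soap_xml)
        if m.get("NewEnabled") != "1":
            continue                      # disabled entries forward nothing
        reasons = []
        if m["NewInternalClient"] not in known_hosts:
            reasons.append("unknown internal client")
        if int(m["NewInternalPort"]) in MGMT_PORTS:
            reasons.append("management port exposed")
        if reasons:
            findings.append((m["NewProtocol"], int(m["NewExternalPort"]),
                             m["NewInternalClient"], int(m["NewInternalPort"]), reasons))
    return findings
```

Against a live router the same `audit` function would be fed the responses obtained by walking the mapping table index by index until the device reports the end of the list.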

