Jump to content

UPnP Forwarding Tool


Dаrren Kitchen
 Share

Recommended Posts

Pen-testers and folks that want to run certain games/p2p at coffee shops and the like.

Interesting... although (from a pen test point of view) it's hardly difficult to see that a router as offering UPnP as a service (nmap). :P

So it boils down to people playing games and dealing warez on the open wifi :D

Additionally (having a quick look at wikipedia, so I'm probably wong) UPnP seems to use UDP, so assuming there is no talk bacK you can probably spoof UPnP requests that open other computers on the network up to the Internet (just farward ports 139, 135 and 80 to 192.168.1.255 xD)

Link to comment
Share on other sites

UPnP just uses UDP/SSDP to find UPnP devices. To communicate with a specific device, TCP is usually used.

If I remember correctly UPnP port forwarding dealt with an array of public ports that are to be forwarded to specified private address at specified ports. Any UPnP client can, unless blocked (by IP or MAC address?), open, close, create, modify, or delete any UPnP NATed port. Also destination address are not bound to be the address of the client, and may, in a few of the dumber routers, even be an internet address or host name.

Malicious intent? Just open ports 1 to 1024 from the internet onto the same ports on a computer that would have otherwise been protected. If not 1 to 1024 you could just chose the RPC ports on windows. That would kill a machine running Windows 95. I recommend that you do NOT test this. :zombie:

In short: Do not use UPnP.

[edit]To actually answer your original question... No. The only UPnP client that I have seen is that GUI that Windows will provide in network connections when it can see a UPnP router on the network. That's hardly pen test worthy, however.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...