UPnP Forwarding Tool

[Dаrren Kitchen]

Anyone know a good UPnP Forwarding Tool, one where you can arbitrarily put in the port and IP would want to forward to? Many P2P clients have built in UPnP forwarding functions, but anyone know a tool that lets you set it up yourself?

[Sparda]

If I didn't know any better... I would say you'r asking for this with malitiuos intent ;)

UPnP = bad

[Dаrren Kitchen]

I'm asking because I'm thinking of writing one, but I won't bother if there is already a good one.

[Sparda]

I can't think and any real use for such a program, at least with in this sort of community (tech savy (ish) people who have a clue about security).

What is the intended user base of the program?

[Dаrren Kitchen]

Pen-testers and folks that want to run certain games/p2p at coffee shops and the like.

[Sparda]

Pen-testers and folks that want to run certain games/p2p at coffee shops and the like.

Interesting... although (from a pen test point of view) it's hardly difficult to see that a router as offering UPnP as a service (nmap). :P

So it boils down to people playing games and dealing warez on the open wifi :D

Additionally (having a quick look at wikipedia, so I'm probably wong) UPnP seems to use UDP, so assuming there is no talk bacK you can probably spoof UPnP requests that open other computers on the network up to the Internet (just farward ports 139, 135 and 80 to 192.168.1.255 xD)

[lunex]

UPnP just uses UDP/SSDP to find UPnP devices. To communicate with a specific device, TCP is usually used.

If I remember correctly UPnP port forwarding dealt with an array of public ports that are to be forwarded to specified private address at specified ports. Any UPnP client can, unless blocked (by IP or MAC address?), open, close, create, modify, or delete any UPnP NATed port. Also destination address are not bound to be the address of the client, and may, in a few of the dumber routers, even be an internet address or host name.

Malicious intent? Just open ports 1 to 1024 from the internet onto the same ports on a computer that would have otherwise been protected. If not 1 to 1024 you could just chose the RPC ports on windows. That would kill a machine running Windows 95. I recommend that you do NOT test this. :zombie:

In short: Do not use UPnP.

[edit]To actually answer your original question... No. The only UPnP client that I have seen is that GUI that Windows will provide in network connections when it can see a UPnP router on the network. That's hardly pen test worthy, however.

[unasoto]

would this type of prog help with certain ISP blocking ports use with P2P file sharing?

[lunex]

would this type of prog help with certain ISP blocking ports use with P2P file sharing?

No. ISPs usually don't use UPnP.

[Dаrren Kitchen]

Well, after looking up more info on the COM object so I could make my own I found this tool that I think will do what I need:

http://www.codeproject.com/internet/PortForward.asp

If I wanted to do my own coding this helps a bit:

http://www.knoxscape.com/Upnp/NAT.htm