6 posts

hackademix.net » NAT Pinning and ABE

hackademix.net/2010/01/08/nat-pinning-and-abe/ view page cached page
Here is a proof of concept in what I’m calling NAT Pinning (”hacking gibsons” was already taken). The idea is an attacker lures a victim to a web page. The web page forces the user’s router or firewall, unbeknownst to them, to port forward any port number back to the user’s machine. If the user had FTP/ssh/etc open but it was blocked from the router, it can now be forwarded for anyone... moreHere is a proof of concept in what I’m calling NAT Pinning (”hacking gibsons” was already taken). The idea is an attacker lures a victim to a web page. The web page forces the user’s router or firewall, unbeknownst to them, to port forward any port number back to the user’s machine. If the user had FTP/ssh/etc open but it was blocked from the router, it can now be forwarded for anyone to access (read: attack) from the outside world. No XSS or CSRF required. view page



All posts about this link

  • share this page on Twitter
  • rss feed for hackademix.net
  • alerts create email alert for hackademix.net
Copy and paste this code below into your website:
customize »