Results 1 to 5 of 5

Thread: uPNP

  1. #1
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    23

    Default uPNP

    Is anyone lookign at uPNP security concerns from a pen. testing point of view.

    Seems to be getting a lot of attention and maybe worth chatting about or putting together a list of tools that can be used for uPNP exploitation.

    Most of the attacks are Internal Network Attacks but they can be positioned from the outside ie. the Internet.

    Comments ?

    Cheers
    Raz

  2. #2
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    Give this a read, its about using a Flash/uPnP exploit open port on a firewall:

    http://www.gnucitizen.org/blog/hacking-the-interwebs

    http://www.gnucitizen.org/blog/flash-upnp-attack-faq
    -----------------
    Edit:

    And this "exploiting IGDs remotely via UPnP"

    http://www.gnucitizen.org/blog/bt-ho...-bt-home-hub-5

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Any good Network Admin has uPNP turned off on all computers, since it's such a blasted chatty protocol. I despise it, and eliminate it with due prejudice.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by streaker69 View Post
    Any good Network Admin has uPNP turned off on all computers, since it's such a blasted chatty protocol. I despise it, and eliminate it with due prejudice.
    The FBI even recommends M$ users to never run it on a internet connected machine.
    dd if=/dev/swc666 of=/dev/wyze

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by swc666 View Post
    The FBI even recommends M$ users to never run it on a internet connected machine.
    I have it configured as a group policy that it gets disabled automatically on any machine on my domain. If you want your network to run slow, have it run on a whole bunch of machines. It's a POS protocol that serves no porpoise.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •