September 8th, 2013, 02:20 AM
Hacking with uPnP
Hey guys, i have some questions related to hacking, and trust me this is not malicious hacking, more educational.
I have a few questions, my first is is it possible to open a tunnel for hacking a victim using the uPnP protocol? This preventing the need for creating forwards for NAT.
I run an application called iCam, its a software where i can use my webcam as a security camera and view it on my iPhone etc, When installing this program, there was absolutely NO configuration needed to initiate a remote connection over 3G to my home, no forwarding or anything, just a public IP of course! How is this possible.
My last question is regarding NAT!
I see NAT as the main security feature of a router, almost more powerful then a firewall or just as important as a firewall for security reasons alone! So, how in earth do you get around NAT?
My major fallback is i dont code, and dont want to learn how to!
September 9th, 2013, 03:46 PM
Is the iCam connected to your network? If so its probably sending data to their servers, which you can then view on your phone.
September 9th, 2013, 04:43 PM
Yes is does connect to remote servers its based on a username and password and tyen you use the same details on the phone
Originally Posted by seack79
September 9th, 2013, 07:40 PM
Yeah, so it is not actually contacting your internal network, but rather accessing iCams network.
September 11th, 2013, 04:44 PM
NAT is NOT a security device. NAT is Network Address Translation. In it's purist form it means that on the outside of your router 18.104.22.168 becomes equal to 192.168.40.100 (or whatever you set it up to be.) It let's you manage a device on the inside like it's part of your network, and lets people on the outside access it like it's part of the world. Meaning you can tie a DNS record as such server.test.com == 22.214.171.124; but when you go to log into it from your laptop you use the 192.168.40.100 address. This will be true for ****ALL**** TCP, UDP, and other ports.
It's cohort is PAT; Port Address Translation. It's just as it sounds port 80 on the outside may map to port 35789. This just allows you to custom config port on a server to use any port you want and have standard port mappings to the outside.
Used together NAT and PAT can be used to host a bevy of services from the same public IP address. Let's say you had ten web servers at addresses 192.168.40.100 through .109. From the outside it could look like you have the addresses 126.96.36.199 and server 1 could be at port 80 (standard web port) and server 2 could be on port 81 and so on.
None of this prevents someone accessing things that they shouldn't be. That is what a firewall is for... ( :
October 18th, 2013, 05:18 AM
I understand what NAT is, and PAT but i believe NAT acts as security as all ports are closed. The way i see it, without have a port open in NAT, there is no way of hacking or being hacked unless you run and exploit on the remote host which creates that NAT forward and a service running for that specific port.
Originally Posted by AdamPI
However, what I was getting at was can you use uPnP to create a path using PAT to a remote service that is listening.
October 19th, 2013, 08:51 PM
To an extent, yes, but NAT/PAT alone do not protect you from things such as ddos attacks, etc...