I wondered when someone would exploit this. I knew the possibility existed because most firewalls and nat base their packet forwarding on the origin. If it is a new connection and it wasn't established internally it drops it. So when we establish a connection outside we open an arbitrary source port and the router holds this port open. This is where the clever javascript comes into play where the browser can be exploited and malformed packets can do their little dance.
Quite a cool concept actually. [ https://www.wavedirect.net/ | ] [ https://www.facebook.com/ruralhighspeed ] [ https://www.instagram.com/wave.direct/ ] [ https://www.linkedin.com/company/wavedirect-telecommunication/ ] [ https://twitter.com/wavedirect1 ] [ https://www.youtube.com/user/WaveDirect ] STEVEN KENNEY DIRECTOR OF GLOBAL CONNECTIVITY & CONTINUITY A: 158 Erie St. N | Leamington ON E: [email protected] | P: 519-737-9283 W: www.wavedirect.net From: [email protected] To: "af" <[email protected]> Sent: Sunday, November 1, 2020 8:39:30 AM Subject: [AFMUG] NAT Slipstreaming - or how to attack any internal host behind NAT Synopsis: NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim's NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. https://samy.pl/slipstream/ -- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
-- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
