[Plug-security] UPNP
Lisa Kachold
lisakachold at obnosis.com
Mon Feb 14 16:02:26 MST 2011
Since more than a few people were interested in current technology related
to UpNp,
here's some of the features of this dangerous, yet mostly open protocol:
Miranda is one of the oldest tools used for upnp discovery.
http://www.securiteam.com/tools/6N0012KN5Q.html
http://www.ethicalhacker.net/content/view/220/24/
On a more interesting note, upnp can actually be used as an attack vector:
http://www.gnucitizen.org/blog/hacking-with-upnp-universal-plug-and-play/
Which has been exposed at both 2600 and DefCon as early as 2001.
http://www.upnp-hacks.org/upnp.html
The most common current use of upnp as an attack vector involves Linksys
"routers":
http://homecommunity.cisco.com/t5/Wireless-Routers/Hackers-Using-Linksys-Wireless-Router-to-Break-In-Through-The/m-p/330103
As you can see, any of you wanting to do research in this area, could easily
come upon some real world cracks or at least a few bugtraq entries. Perhaps
enough to present next year at one of the security Cons?
http://www.obnosis.com
*Catch My MetaSploit & IP CAM Surveillance
Presentations @ ABLEConf.com in April!*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-security/attachments/20110214/6cf9cf60/attachment.html>
More information about the Plug-security
mailing list