NAT Pinning 2.0: bypassing routers & firewalls via web+NAT abuse
2019-11-09, 12:30–12:55, Red Day

NAT Pinning is a combination of techniques to allow an attacker to remotely access any TCP/UDP services bound on a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website.


This talk will go over a new tool I'm releasing, NAT Pinning v2. NAT Pinning allows an attacker to remotely access any TCP/UDP services bound on a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. It uses multiple techniques to be cross-platform, cross-browser, and multi-protocol.
Some areas we'll cover:
- NAT (Network Address Translation)
- Router Investigation
- Firmware Dumping
- Reverse Engineering Firmware
- Network Protocol Investigation
- Browser Protocols
- Timing Attacks