»NAT Pinning 2.0: bypassing routers & firewalls via web+NAT abuse«
2019-11-09, 12:30–12:55, Red Day

NAT Pinning is a combination of techniques to allow an attacker to remotely access any TCP/UDP services bound on a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website.

This talk will go over a new tool I'm releasing, NAT Pinning v2. NAT Pinning allows an attacker to remotely access any TCP/UDP services bound on a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. It uses multiple techniques to be cross-platform, cross-browser, and multi-protocol. Some areas we'll cover: - NAT (Network Address Translation) - Router Investigation - Firmware Dumping - Reverse Engineering Firmware - Network Protocol Investigation - Browser Protocols - Timing Attacks