
Port Fail Vulnerability : Critical VPN Vulnerability

Thread started by KaliBot in the 'Document' forum on 27 December 2015

  1. KaliBot

    On November 26 Perfect Privacy disclosed the Port Fail vulnerability, which can lead to an IP address leak for clients of VPN services with a “port forwarding” feature.

    Though some might argue that this is not a vulnerability and just a routing feature.

    The news article published on Geektimes, which originally had a clickbait title, said that Private Internet Access — one of the biggest VPN service providers — paid $5000 for this “vulnerability”.
    What could go wrong due to Port Fail Vulnerability?
    A threat is posed only by the applications listening to incoming connections on a UDP port. There aren’t many of those applications on a regular home user’s PC. But usually there are at least some of them. So the threat is still imminent for most.


    Here is an example of how this vulnerability exposes the real IP of any Skype user:

    How Port Fail Vulnerability Exposes your REAL IP on SKYPE
    Using Port Fail Vulnerability, it’s possible to disclose the real IP of a Skype account you’re interested in. There are a bunch of Skype IP resolvers which can give you the VPN IP address and port number of a Skype user using only their Skype login.

    We have an article recently published on the same: Link to Skype Resolver Tutorial

    Then you need to use the same thing a copyright monitoring company would use — send some UDP packets to the whole internet on the exact port. It’s remarkable but Skype will send you a reply for almost any data! The nping utility from the nmap package suits our needs very well:

    Code:
    # nping --udp -p 13318 --data-string 'hellothere!' -c 1 serv.valdikss.org.ru
    Starting Nping 0.7.00 ( https://nmap.org/nping ) at 2015-12-20 19:54 MSK
    SENT (0.0157s) UDP 195.154.127.59:53 > 92.42.31.8:13318 ttl=64 id=10802 iplen=39
    RCVD (0.0859s) UDP 185.61.149.121:4272 > 195.154.127.59:53 ttl=54 id=1534 iplen=32
    Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A

    So, conveniently, the real IP address of any Skype user is easily recovered. What the hacker can do if he tracks your real IP is a different story.
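
An added example, not part of KaliBot's post: since the post says only applications listening on a UDP port are at risk, this Python script lists a Linux host's unconnected UDP sockets from /proc/net/udp and flags those bound to 0.0.0.0, which accept datagrams on every interface rather than only on the VPN tunnel. The sample table and the tunnel address 10.8.0.5 are constructed; IPv4 only and a little-endian host are assumed.

```python
import socket

# Constructed sample in Linux /proc/net/udp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:3406 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 31001 2 0000000000000000 0
  102: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 31002 2 0000000000000000 0
  103: 0500080A:C350 08080808:0035 01 00000000:00000000 00:00000000 00000000  1000        0 31003 2 0000000000000000 0
  104: 0500080A:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 31004 2 0000000000000000 0
"""

def decode_addr(field):
    """'0100007F:0035' -> ('127.0.0.1', 53). Assumes a little-endian host."""
    ip_hex, port_hex = field.split(":")
    return socket.inet_ntoa(bytes.fromhex(ip_hex)[::-1]), int(port_hex, 16)

def classify(ip, tunnel_ips):
    """Label which interfaces a socket bound to `ip` accepts datagrams on."""
    if ip == "0.0.0.0":
        return "all-interfaces"  # reachable on the physical address too
    if ip.startswith("127."):
        return "loopback-only"
    return "tunnel-only" if ip in tunnel_ips else "single-address"

def audit(table, tunnel_ips=()):
    """Return unconnected UDP sockets (st == 07) with their bind scope."""
    rows = []
    for line in table.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 10 or cols[3] != "07":
            continue  # malformed row, or connected socket (st 01)
        ip, port = decode_addr(cols[1])
        rows.append({"ip": ip, "port": port, "uid": int(cols[7]),
                     "inode": int(cols[9]), "scope": classify(ip, tunnel_ips)})
    return rows

if __name__ == "__main__":
    try:
        with open("/proc/net/udp") as fh:
            table = fh.read()
    except OSError:
        table = SAMPLE  # non-Linux host: fall back to the constructed sample
    for r in audit(table, tunnel_ips=("10.8.0.5",)):  # tunnel IP is hypothetical
        flag = "  <-- review" if r["scope"] == "all-interfaces" else ""
        print(f'{r["ip"]}:{r["port"]} uid={r["uid"]} inode={r["inode"]} {r["scope"]}{flag}')
```

The inode column can be matched against the socket links under /proc/<pid>/fd to name the owning process.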
     
