{"id":1638,"date":"2020-11-01T11:46:48","date_gmt":"2020-11-01T03:46:48","guid":{"rendered":"https:\/\/tongwing.woon.sg\/blog\/?p=1638"},"modified":"2020-11-01T11:46:48","modified_gmt":"2020-11-01T03:46:48","slug":"samy-kamkar-nat-slipstreaming","status":"publish","type":"post","link":"https:\/\/tongwing.woon.sg\/blog\/samy-kamkar-nat-slipstreaming\/","title":{"rendered":"Samy Kamkar &#8211; NAT Slipstreaming"},"content":{"rendered":"<p>Another impressive hack from <a href=\"https:\/\/tongwing.woon.sg\/blog\/samy-kamkar-poisontap-exploiting-locked-computers-over-usb\/\">Samy<\/a>. In this article, he introduces a novel technique to gain remote connection to any TCP\/UDP service on your machine simply by having you visit a malicious website (with some conditions). To be clear, this isn&#8217;t remote code execution or remote shell &#8211; the exploit is at the networking level &#8211; but it could serve as a first step towards that. For example, the hacker could connect to the victim&#8217;s RDP port and start password brute-forcing.<\/p>\n<p><a href=\"https:\/\/samy.pl\/slipstream\/\"><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/tongwing.woon.sg\/blog\/wp-content\/uploads\/2020\/11\/lan.png\" alt=\"\" \/><\/a><\/p>\n<blockquote><p>exploit NAT\/firewalls to access TCP\/UDP services bound on a victim machine<\/p><\/blockquote>\n<p>Source: <em><a href=\"https:\/\/samy.pl\/slipstream\/\">Samy Kamkar &#8211; NAT Slipstreaming<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another impressive hack from Samy. In this article, he introduces a novel technique to gain remote connection to any TCP\/UDP service on your machine simply by having you visit a malicious website (with some conditions). To be clear, this isn&#8217;t remote code execution or remote shell &#8211; the exploit is at the networking level &#8211; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16,10],"tags":[],"_links":{"self":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1638"}],"collection":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/comments?post=1638"}],"version-history":[{"count":1,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1638\/revisions"}],"predecessor-version":[{"id":1640,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1638\/revisions\/1640"}],"wp:attachment":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/media?parent=1638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/categories?post=1638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/tags?post=1638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}