Comments on: Hacking with UPnP (Universal Plug and Play)

By: To hell with IPv4… - Jigeiko

To hell with IPv4… - Jigeiko — Thu, 29 Oct 2009 08:36:55 +0000

[...] But then I came upon the following: hacking with UPnP [...]

By: Wifi Ownage « Samaldis’s Blog

Wifi Ownage « Samaldis’s Blog — Mon, 09 Mar 2009 00:25:44 +0000

[...] router and changed the primary DNS server through many of the available methods in the wild, like UPnP hacking, [...]

By: LoRdRapTuReZ

LoRdRapTuReZ — Mon, 10 Nov 2008 02:43:25 +0000

I have an universal plug and play server gateway. And its protected with the password which was set by pervously guy who work in my company.So, is there any other options that i can reset the server gateway or get the default

By: The Invisible Infection, Revisited | All That's Evil

The Invisible Infection, Revisited | All That's Evil — Thu, 18 Sep 2008 17:53:58 +0000

[...] fine folks at GNUcitizen provided much of the information that I’m mentioning here, and they even have some carefully [...]

By: More UPnP Hacking Fun with Google Media Server | GNUCITIZEN

More UPnP Hacking Fun with Google Media Server | GNUCITIZEN — Fri, 27 Jun 2008 09:31:46 +0000

[...] our exploration in the fields of UPnP earlier this year with some smoking posts which covered some basic attacks and the advance flash attacks. Today I stumbled across Google Media Server, a desktop gadget which [...]

By: vino

vino — Mon, 28 Apr 2008 14:27:39 +0000

Thats Greatt.., You guys Rock !!!!

By: Inseguridad en UPnP. » Vida Casi Digital

Inseguridad en UPnP. » Vida Casi Digital — Fri, 11 Apr 2008 20:11:31 +0000

[...] Hacking with UPnP (Universal Plug and Play): http://www.gnucitizen.org/blog.....-and-play/ [...]

By: Nick

Nick — Fri, 28 Mar 2008 07:17:48 +0000

Alright.

So I’m in an interesting situation. A desperate friend convinced me to help him try to get a friend’s MSN and Gmail accounts back from a malicious ex-friend. I am now communicating with the malicious ex-friend’s router via Flash SOAP requests and I would really like to change this person’s DNS servers. Bad I know, but my friend claims her life is getting ruined. I am having trouble finding an API for SOAP communication with routers – specifically a 3COM OfficeConnect.

For justice!

By: WiFi Ownage | GNUCITIZEN

WiFi Ownage | GNUCITIZEN — Thu, 07 Feb 2008 11:00:18 +0000

[...] router and changed the primary DNS server through many of the available methods in the wild, like UPnP hacking, [...]

By: UPnP: The Saga Continues | GNUCITIZEN

UPnP: The Saga Continues | GNUCITIZEN — Sun, 20 Jan 2008 20:35:33 +0000

[...] already covered what UPnP is and how it works in most basic form. We’ve also showed how it can be exploited [...]

By: And Go it Does: CSRF « Reasons to Fear the Matrix

And Go it Does: CSRF « Reasons to Fear the Matrix — Fri, 18 Jan 2008 20:16:30 +0000

[...] a side note, the security issues raised by GnuCitizen about the use of UPnP (Universal Plug and Play) are quite more interesting. Of course, you have to be on the local [...]

By: Pericoloso bug per Flash e Excel :: News Orebla.it

Pericoloso bug per Flash e Excel :: News Orebla.it — Wed, 16 Jan 2008 13:26:26 +0000

[...] pubblicato dai due ricercatori (vedi articolo) si evince come il problema non sia localizzato in una mancanza di validazione da parte di Apple [...]

By: סדקים » בעית האבטחה שמאיימת על כ-ו-ל-ם

סדקים » בעית האבטחה שמאיימת על כ-ו-ל-ם — Tue, 15 Jan 2008 18:32:04 +0000

[...] כדי לזרז את הטיפול בנושא. בחודש האחרון הם חקרו ופרסמו מספר מאמרים העוסקים בנושא כהכנה לגילוי. הצמד גילה שניתן ליצור קבצי [...]

By: rizki

rizki — Tue, 15 Jan 2008 10:25:13 +0000

how to hacking in the syistem

By: G-Brain

G-Brain — Sun, 13 Jan 2008 11:47:58 +0000

“Home Wirless”. An excellent article nonetheless.

By: Hacking The Interwebs | GNUCITIZEN

Hacking The Interwebs | GNUCITIZEN — Sat, 12 Jan 2008 12:57:28 +0000

[...] the last week we’ve tried to prepare you for this very moment by exposing bits and pieces on how UPnP works and why it is so important to keep it in mind when testing and securing networks. [...]

By: Adrian Pastor

Adrian Pastor — Fri, 11 Jan 2008 00:26:26 +0000

@zmx – Plug-and-Play Tester – like other upnp tools – are very handy for reverse-engineering the protocol. make a config change with the tool while sniffing the traffic. once the SOAP request is captured is trivial to convert to XHR() for remote exploitation.

@agent0×0 – you definitely made me want to test UPnP attacks on consoles. Nice idea as I’m sure they use UPnP stacks that can also be found on other devices besides gaming consoles.

By: ambient » Some links from today

ambient » Some links from today — Thu, 10 Jan 2008 21:25:55 +0000

[...] Hacking with UPNP [...]

By: pdp

pdp — Thu, 10 Jan 2008 16:25:16 +0000

definitely a risk, I must say. we haven’t done any research on UPnP enabled consoles although I am sure that there might be a lot of interesting stuff to play with. To give you a hint, certain printers allow you to do a lot more through UPnP then the Web interface ;)

By: agent0x0

agent0x0 — Thu, 10 Jan 2008 15:59:29 +0000

Good stuff guys! I am concerned with all these “media server” devices and clients that auto enable UPnP…I know many people are sticking 360’s and PS3’s out on their Internet Gateway so they can play multiplayer games easier…perhaps video game consoles with UPnP enabled is a growing attack vector along with the devices you mentioned. Have you done any research with UPnP and consoles like the Xbox 360 or PS3?