https://github.com/ValtteriL/UPnProxyChain
从 UPnProxy 易受攻击的设备中创建 SOCKS 代理服务器的工具
使用方法:
_ _ ___ ___ ___ _ _| | | | _ _ _ | _ _ _ _____ ___ _ / *| |* __ *(*) _| |_| | _/ ' | */ '*/ _ \ \ / || | (__| ' / _` | | ' \ */|*| ||||*| |*| ***/***, |***|*****||***,*|*|*||_| |__/ Author: Valtteri Lehtinen [[email protected]](mailto:[email protected]) Writeup: [https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/](https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/)usage: [upnproxychain.py](http://upnproxychain.py) [-h] [-p PORT] [-l LISTENADDRESS] [-c] [-v] host [host ...]A SOCKS proxy server that forwards traffic through a chain of exposed WANIP- or WANPPPConnection UPnP servicespositional arguments: host hosts to use as proxy chain links in orderoptional arguments: -h, --help show this help message and exit -p PORT, --port PORT port for SOCKS proxy to listen on -l LISTENADDRESS, --listenaddress LISTENADDRESS address for SOCKS proxy to listen on -c, --check only check for UPnProxy vulnerability -v, --verbose increase output verbosity通过单主机代理:
# start proxy./upnproxychain.py <IP># use the proxy to curl example.comcurl socks5h://localhost:1080 http://example.com通过多个主机代理:
# start proxy./upnproxychain.py <IP1> <IP2> <IP3> <IP4> <IP5># use the proxy to curl example.comcurl socks5h://localhost:1080 http://example.com
检查主机是否存在漏洞:
./upnproxychain.py -v -c <IP>侵权请私聊公众号删文
热文推荐
文章来源: http://mp.weixin.qq.com/s?__biz=MzUyMTA0MjQ4NA==&mid=2247539932&idx=1&sn=928a3ad490fbae2778579ae2ceb2290e&chksm=f9e33387ce94ba91fc7acc9a97b34d29d8a13182bed14379e26a1d85a3ab7314be4ba39a0393#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh