I didn't have time to read all the comments (or the brain cells to digest them), but there's a discussion here: https://news.ycombinator.com/item?id=24955891
-----Original Message----- From: AF <af-boun...@af.afmug.com> On Behalf Of fiber...@mail.com Sent: Sunday, November 1, 2020 9:23 AM To: af@af.afmug.com Subject: Re: [AFMUG] NAT Slipstreaming - or how to attack any internal host behind NAT The URL points to the security researcher's writeup on the attack and the page contains a link to proof of concept source code on github. > Sent: Sunday, November 01, 2020 > From: "Robert" <i...@avantwireless.com> > To: af@af.afmug.com > Subject: Re: [AFMUG] NAT Slipstreaming - or how to attack any internal host behind NAT > > Was that site a source of the "evil javascript"? > > On 11/1/20 5:39 AM, fiber...@mail.com wrote: > > Synopsis: NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim's NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website. > > > > https://samy.pl/slipstream/ > > > > > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
