UPn代理链(SOCKS 代理服务器的工具)
2022-12-28 00:1:39 Author: LemonSec(查看原文) 阅读量:14 收藏

https://github.com/ValtteriL/UPnProxyChain

从 UPnProxy 易受攻击的设备中创建 SOCKS 代理服务器的工具

使方法

_   _ ___      ___                   ___ _         _| | | | _ _ _ | _ _ _ _____ ___  _ / *| |*  __ *(*) _| |_| |  _/ ' |  */ '*/ _ \ \ / || | (__| ' / _` | | ' \  */|*| ||||*| |*| ***/***, |***|*****||***,*|*|*||_|    |__/  Author: Valtteri Lehtinen [[email protected]](mailto:[email protected])  Writeup: [https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/](https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/)usage: [upnproxychain.py](http://upnproxychain.py) [-h] [-p PORT] [-l LISTENADDRESS] [-c] [-v] host [host ...]A SOCKS proxy server that forwards traffic through a chain of exposed WANIP- or WANPPPConnection UPnP servicespositional arguments:  host                  hosts to use as proxy chain links in orderoptional arguments:  -h, --help            show this help message and exit  -p PORT, --port PORT  port for SOCKS proxy to listen on  -l LISTENADDRESS, --listenaddress LISTENADDRESS    address for SOCKS proxy to listen on  -c, --check           only check for UPnProxy vulnerability  -v, --verbose         increase output verbosity

通过单主机代理:

# start proxy./upnproxychain.py <IP># use the proxy to curl example.comcurl socks5h://localhost:1080 http://example.com

通过多个主机代理:

# start proxy./upnproxychain.py <IP1> <IP2> <IP3> <IP4> <IP5>
# use the proxy to curl example.comcurl socks5h://localhost:1080 http://example.com

检查主机是否存在漏洞

./upnproxychain.py -v -c <IP>

侵权请私聊公众号删文

 热文推荐  

欢迎关注LemonSec
觉得不错点个“赞”、“在看“

文章来源: http://mp.weixin.qq.com/s?__biz=MzUyMTA0MjQ4NA==&mid=2247539932&idx=1&sn=928a3ad490fbae2778579ae2ceb2290e&chksm=f9e33387ce94ba91fc7acc9a97b34d29d8a13182bed14379e26a1d85a3ab7314be4ba39a0393#rd
如有侵权请联系:admin#unsafe.sh