ca4ti

UPnP Tomfoolery

Turns out, UPnP is terrible when it comes to security. The entire protocol exists to have devices easily find and connect to one another without any authentication at all. This is all good fun to poke around with. Here are a few tools and notes I've found along the way.

UPnP devices can be found by listening to UDP packets on port 1900. To actively discover these services on your network, send an HTTP M-SEARCH request to the default UDP mulicast address: 239.255.255.250.

There are some great Linux tools that make interfacing with all of these stuff a synch:

sudo apt update

Configure Git to use a proxy

In Brief

You may need to configure a proxy server if you're having trouble cloning or fetching from a remote repository or getting an error like unable to access '...' Couldn't resolve host '...'.

Consider something like:

On the host

Ensure these modules are loaded

cat /proc/sys/net/bridge/bridge-nf-call-iptables

Disable swap

sysctl vm.swappiness=0
swapoff -a

OpenWRT on x86_64

This is a very brief tutorial on getting OpenWRT installed on a regular computer, it assumes you know your way around Linux. If you find this and need additional details, please like, subscribe, and comm... oh wait this isn't youtube, just comment.

This is how I got OpenWRT going on a Mini ITX Intel DH67CF with an Intel G870 CPU with 4GB of RAM.

What You'll Need

2 USB Sticks
Linux Live ISO

	Run the following:

	iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
	iptables -A FORWARD -m pkttype --pkt-type multicast -j ACCEPT
	iptables -A OUTPUT -m pkttype --pkt-type multicast -j ACCEPT

	Or:

	iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
	iptables -A FORWARD -s 224.0.0.0/4 -d 224.0.0.0/4 -j ACCEPT

	#!/bin/bash
	#~/bin/upnpPortMapper.sh
	#sudo apt-get install miniupnpc
	#crontab -l \| grep upnp \|\| echo $(crontab -l ; echo '/5 * * * ~/bin/upnpPortMapper.sh >/dev/null 2>&1') \| crontab -

	export LC_ALL=C
	router=$(ip r \| grep default \| cut -d " " -f 3)
	gateway=$(upnpc -l \| grep "desc: http://$router:[0-9]*/rootDesc.xml" \| cut -d " " -f 3)
	ip=$(upnpc -l \| grep "Local LAN ip address" \| cut -d: -f2)

	admin:
	access_log_path: /tmp/admin_access.log
	address:
	socket_address:
	address: 127.0.0.1
	protocol: TCP
	port_value: 9901
	static_resources:
	listeners:
	- name: listener_0

	CREATE TABLE `cel` (
	`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
	`eventtype` VARCHAR(30) COLLATE utf8_unicode_ci NOT NULL,
	`eventtime` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
	`userdeftype` VARCHAR(255) COLLATE utf8_unicode_ci NOT NULL,
	`cid_name` VARCHAR(80) COLLATE utf8_unicode_ci NOT NULL,
	`cid_num` VARCHAR(80) COLLATE utf8_unicode_ci NOT NULL,
	`cid_ani` VARCHAR(80) COLLATE utf8_unicode_ci NOT NULL,
	`cid_rdnis` VARCHAR(80) COLLATE utf8_unicode_ci NOT NULL,
	`cid_dnid` VARCHAR(80) COLLATE utf8_unicode_ci NOT NULL,

	#!/bin/bash

	#
	# template script for generating CentOS container for LXC
	#

	#
	# lxc: linux Container library

	# Authors:


	Few day ago we showed you how to install Webmin on Ubuntu 14.10. This brief tutorial is going to show you how to install the same Webmin on a CentOS 7 machine.

	For those who don’t know, Webmin is a web-based tool to mange every aspect of your Unix-like systems. From creating new accounts to managing file permissions to installing applications and services, Webmin allows you to perform all these tasks easily from any modern web browser.

	Instead of using the command line console or terminal, new systems administrators could install Webmin and perform all system management from via a web browser without sacrificing time and efforts. Webmin also enables remotely management of your servers.

	Before you continue with the installation, please make sure you have root level permissions to your system. If you don’t have root access the installation may fail.