New Variant of NAT Slipstreaming Attack Developed

Last year, Hackers Review wrote about a new method to bypass Network Address Translation (NAT) and firewalls, allowing remote access to TCP / UDP services on the victim's internal network. Known as NAT Slipstreaming, the attack uses a browser and Application Level Gateway (ALG) mechanism to track connections from firewalls, NATs, and routers.

Now security researchers from Armis detail describe a new variant of this attack, called NAT Slipstreaming 2.0, which can circumvent the protection of NAT Slipstreaming, as well as expanding the attacker action zone, allowing you to create the path to any device on the internal network of the victi

Embedded and unmanaged devices are at risk of attacks by allowing attackers to gain access to devices located on internal networks, experts say. Unmanaged devices are at greater risk because they are often weakly secured, they require little or no authentication to access data, and can contain various vulnerabilitie

Such devices can include printers accessible through the default printing protocol, industrial controllers using unauthenticated protocols, and IP cameras that have an internal web server protected by built-in credential

The new attack option allows you to connect to any destination port, completely bypassing the protections that browser manufacturers have introduced against NAT Slipstreaming. As before, the attacker needs to create a website with malicious code and then trick the victim into visiting the resources.

Previous Post Next Post