CallStranger - Exploitable UPnP vulnerability in millions of devices
8 hours ago, BlueScope819 said: Could someone possibly make an "idiots guide to scanning your local network"? This is my first time using Python, I just tried and Windows CLI told me python3 was not a command that existed. Thanks.
HA! I got it working natively under Windows 10.
It all starts with:
1) Download the python script from https://github.com/yunuscadirci/CallStranger/archive/master.zip
2) Unpack it into a directory of your choice.
WINDOWS 10 natively:
Use these steps:
3) Install Python 3.8 from the Microsoft Store.
4) Open a PowerShell or cmd (I used an Administrator PowerShell for this, but I am not sure whether you really need it).
5) Install PIP using the script provided here: https://www.liquidweb.com/kb/install-pip-windows/
6) Execute the following commands on the shell:
cd [to the directory called "CallStranger-master"]
pip install --upgrade pip
pip install -r requirements.txt
python3 setup.py install --local
python3 CallStranger.py
See COMMON NOTES... below when the script does not detect anything on the first run.
WINDOWS 10 using Cygwin:
(Alternatively) It IS possible to run that script on a Windows machine, but ... well ... it uses a Linux subsystem ^_^; You can use Cygwin for that, see https://www.cygwin.com/.
3) Download the Cygwin setup program: https://www.cygwin.com/setup-x86_64.exe
4) Follow instructions and when selecting packages to install, select the following additional packages:
* cygwin-gcc-core
* python36-devel
* python36-pip
* python36-cffi
* python36-openssl
* mingw64-x86_64-openssl
* libffi-devel
(I hope I didn't miss anything here.)
Set up your Python stuff:
5) Open the freshly installed Cygwin Shell (called Cygwin64 Terminal in the Start Menu).
6) Enter the following:
cd [into the directory "CallStranger-master" you unpacked from the zip above. That might start with /cygdrive/c/ under cygwin!]
pip3 install --upgrade pip
pip3 install -r requirements.txt
python3 setup.py install
python3 CallStranger.py
See COMMON NOTES... below when the script does not detect anything on the first run.
Windows 10 using WSL / WSL 2:
The WSL for Windows will NOT work because it is usually configured as a virtual machine with a NAT, so the Linux there will run on another encapsulated network. If you know how to run WSL in the same network as the Windows machine, you're good to go.
Windows 10 using VMware Player (or similar):
Another possibility would be to run a Linux in a VM that a free tool like VMware Player provides. The only thing to remember here is to connect this VM directly to your network via "bridge" and avoid using NAT.
When Linux is installed, temporarily stop your firewall with
sudo systemctl stop firewalld
or it might block all UPnP access from within your Linux VM.
COMMON NOTES FOR ALL OF THE ABOVE:
The first run of the CallStranger.py will likely NOT provide you with any results. Try to connect with your Windows machine to at least one UPnP-enabled device and then run CallStranger.py again. (The UPnP device that did the trick for me was my minidlna service on my Linux server. I connected my VLC Player to it and played some music while CallStranger.py was running.)
Hth,
questargon
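
An added connectivity check, not part of the post above or of the CallStranger project: UPnP discovery uses SSDP multicast to 239.255.255.250:1900, which generally does not cross the NAT setups or host firewalls mentioned above, so this sends one M-SEARCH and lists the devices that answer. The function names and the sample reply are constructed for illustration.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # standard SSDP multicast group and port
# Constructed sample reply (documentation address) for trying parse_response offline.
SAMPLE_REPLY = b"HTTP/1.1 200 OK\r\nLocation: http://192.0.2.10:8200/rootDesc.xml\r\nST: upnp:rootdevice\r\n\r\n"

def build_msearch(mx=2, st="ssdp:all"):
    """Return the SSDP M-SEARCH request bytes defined by the UPnP spec."""
    host = "%s:%d" % SSDP_ADDR
    return ("M-SEARCH * HTTP/1.1\r\n"
            f"HOST: {host}\r\n"
            'MAN: "ssdp:discover"\r\n'
            f"MX: {mx}\r\nST: {st}\r\n\r\n").encode("ascii")

def parse_response(data):
    """Parse one SSDP reply into a dict of upper-cased headers; None if not a 200."""
    head, _, rest = data.decode("utf-8", errors="replace").partition("\n")
    parts = head.split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or parts[1] != "200":
        return None
    headers = {}
    for line in rest.splitlines():
        name, sep, value = line.partition(":")  # split on the first colon only
        if sep:
            headers[name.strip().upper()] = value.strip()
    return headers

def discover(timeout=3.0):
    """Send one M-SEARCH and collect replies until none arrive for `timeout` seconds."""
    found = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
        s.settimeout(timeout)
        s.sendto(build_msearch(), SSDP_ADDR)
        try:
            while True:
                data, (ip, _port) = s.recvfrom(65507)
                hdrs = parse_response(data)
                if hdrs and "LOCATION" in hdrs:
                    found.setdefault(ip, set()).add(hdrs["LOCATION"])
        except socket.timeout:
            pass
    return found

if __name__ == "__main__":
    devices = discover()
    for ip, locations in sorted(devices.items()):
        print(ip, *sorted(locations))
    print(len(devices), "device(s) replied; zero usually means NAT or a firewall in the way.")
```
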