Last year s slipstream technique revived to pierce vulnerable firewalls – browsers patched to thwart bypass attempts Share
Copy
Video Ben Seri and Gregory Vishnepolsky, threat researchers at Armis, have found a way to expand upon the NAT Slipstream attack disclosed last year by Samy Kamkar, CSO of Openpath Security.
The original NAT Slipstream potentially allowed a miscreant to access any TCP/UDP service tied to a victim s machine by bypassing the victim s NAT (Network Address Translation) and firewall defenses. It can be triggered via JavaScript code on a malicious website.
NAT Slipstream v2 takes the technique further by allowing a hacker to penetrate a vulnerable NAT/firewall and reach any internal IP on the network, rather than just the IP address of the victim s device.