Jump to content



Photo

Test your router to see if its vulnerable to the UPnP Exploit.

upnpvulnerabilitytest

  • Please log in to reply
75 replies to this topic

#1 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 03 February 2013 - 18:08

As of recently it has been discovered that most routers expose UPnP to the outside world, which is not good at all. This allows attackers "from the internet" to open ports in your routers.

https://community.ra...nplug-dont-play


It is recommended you DISABLE UPnP in your router. Below is a test to see if your router is vulnerable. Steve Gibson, the creator of the very popular "Shields-up" which scans your IP for open ports in your router has recently added a test for the upnp vulnerability. Simply click the link then click the "proceed" button. You will then see a button for the UPnP test. Good luck!


The Test

https://www.grc.com/x/ne.dll?bh0bkyd2


#2 MiniMeSorinel

MiniMeSorinel

    I aim to misbehave.

  • Joined: 27-October 05
  • Location: Bucuresti, ROU
  • OS: Windows 8.1 Pro
  • Phone: Nokia Lumia 520

Posted 03 February 2013 - 18:15

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!


Guess that's a good thing...

#3 tsupersonic

tsupersonic

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 30-September 06
  • Location: New York
  • OS: Win. 8.1 Pro. x64
  • Phone: Nexus 5 16 GB

Posted 03 February 2013 - 18:17

Guess that's a good thing...

Got the same results

#4 OP +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 03 February 2013 - 18:18

Yes.. Those are good results :)

#5 Detection

Detection

    Detecting stuff...

  • Joined: 30-October 10
  • Location: UK
  • OS: 7 SP1 x64

Posted 03 February 2013 - 18:20

I have uPnP enabled but still fine (Expected as much with DD-WRT though)

Posted Image

#6 LUTZIFER

LUTZIFER

    Resident Evil

  • Joined: 09-January 02
  • Location: Vancouver Island, BC CANADA
  • OS: Windows 8.1 Pro
  • Phone: Google Nexus 4

Posted 03 February 2013 - 18:20

Been a long time since I've last been to that site. It's been around for many many years.

I tried that test...

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!

#7 pes2013

pes2013

    Neowinian

  • Joined: 24-September 12

Posted 03 February 2013 - 18:20

It is recommended you DISABLE UPnP in your router.

No; It is recommened that you get a good router. I have UPnP on my router enabled and

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!


So either I have a good router or the test sucks.

#8 nyolc8

nyolc8

    Neowinian

  • Joined: 25-May 07
  • Location: Budapest, Hungary
  • OS: OSX Mavericks 10.9.1, Windows 8.1 Pro WMC
  • Phone: Nokia Lumia 520

Posted 03 February 2013 - 18:21

I have UPnP enabled all the time and the result is:

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!


#9 OP +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 03 February 2013 - 18:22

I have uPnP enabled but still fine (Expected as much with DD-WRT though)

Posted Image


Correct this is a route test, not a computer test.

#10 +Livin in a box

Livin in a box

    Oh man. I shot Marvin in the face.

  • Tech Issues Solved: 2
  • Joined: 03-January 09
  • Location: Warrington, UK
  • OS: Windows 8.1
  • Phone: HTC One

Posted 03 February 2013 - 18:22

THE EQUIPMENT AT THE TARGET IP ADDRESS
ACTIVELY REJECTED OUR UPnP PROBES!

Yay!

#11 ajua

ajua

    Neowinian Senior

  • Joined: 12-February 07
  • Location: Mexico

Posted 03 February 2013 - 18:26

It's only recommended to disable UPnP on your routers if they don't pass that test, which means they are exposing you to the outer world.

Just passed the test on three touters with UPnP enabled. Two of them are running DD-WRT.

upnp.png

#12 Pupik

Pupik

    Neowinian Senior

  • Joined: 09-December 05

Posted 03 February 2013 - 18:28

upnp enabled on wr841nd.
"THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!"

#13 OP +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 03 February 2013 - 18:32

I disable it anyway. The fact that UPnP, by design, lets any application communicate with the router and open ports should make any security conscious user uneasy.

#14 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows Embedded Standard 8 & Server 2012/08 Datacenter
  • Phone: Nokia Lumia 920

Posted 03 February 2013 - 18:33

THE EQUIPMENT AT THE TARGET IP ADDRESS
ACTIVELY REJECTED OUR UPnP PROBES!

Cisco IOS FTW

#15 trek

trek

    7 / X

  • Joined: 11-August 02
  • Location: Vancouver, Canada

Posted 04 February 2013 - 08:12

THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!

Why would you disable uPnP anyways? It allows internal hosts to dynamically open ports like XBL or PSN for gaming and voice. Without it you'd have to manually open every single port those services and similar ones use. Just keep your internal hosts clean.



Click here to login or here to register to remove this ad, it's free!