samyk / pwnat

The only tool/technique to punch holes through firewalls/NATs where multiple clients & server can be behind separate NATs without any 3rd party involvement. Pwnat is a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, DNS, router admin requirements, STUN/TURN/UPnP/ICE, or spoofing.
https://samy.pl/pwnat/
GNU General Public License v3.0
3.39k stars 486 forks source link

Does pwnat still work? #18

Open MrBruz opened 4 years ago

MrBruz commented 4 years ago

Does this still work reliably between two home networks?

stdjs commented 4 years ago

I don't know

samyk commented 4 years ago

This only works on some consumer routers now but not all. Many routers have stopped allowing the time exceeded ICMP packets out. You could test to see if the routers you're using allow those out or not, also if you reported what router and if it did or not, that would be great info.

groundstack commented 4 years ago

I was not successful also. In my case maybe never worked. My ISP assigns me a private IP. There are at least two NAT layers. I have tried pwnat at home and access from outside without luck. Any recommendation how to get by this?? I am trying to setup a vpn server at home. Thank you!

samyk commented 4 years ago

I'm working on a modernized version. Would be helpful if you could test some things for me. Can you share your router model and firmware version please? I can send you some commands privately to test some things as well if you email me directly at code@samy.pl. Thanks!

simonfelding commented 4 years ago

I'm interested too. Sent you an email.

lachesis commented 3 years ago

It does not work for me between a NAT behind EdgeRouter X and a NAT behind OpenWrt 19.07, unless I have made some sort of other firewall error along the way.

mrbluecoat commented 3 years ago

+1

I'm guessing the new tool is https://github.com/samyk/slipstream ?