Open Micraow opened 1 year ago
If the ICMP gets through, you can definitely deliver data in the data portion of the embedded packet inside the data portion of the ICMP (packetception!)
You will need to adjust pwnat to send ICMPs in reverse as well if the UDPs aren't getting through however.
If the UDP source port is being randomized on one side of the connection and that's causing the issue, I believe we can resolve this through another technique I've been considering, which is to exploit the birthday paradox. I believe ~360 UDP packets (IP=20 bytes, UDP=8 bytes) from each side with the random port intentionally randomized should produce 99% likelihood of a collision, at which point the two sides will be able to communicate once the collision occurs. Still need to test and implement.
Thank you!
> You will need to adjust pwnat to send ICMPs in reverse as well if the UDPs aren't getting through however.
I am interested in this, but I think I will start another project to implement it in a simpler way (maybe just send some text messages), since I have some difficulty modifying your project due to my poor coding ability.
I'm considering using pwnat to punch a hole between two symmetric NATs, but it seems that UDP packets are not being delivered successfully. I was thinking that since we can send ICMP response packets disguised as a hop to a device behind another NAT, could we deliver some data (like a text message) in this response packet?
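
Added example, not part of the thread and not pwnat code: the birthday-paradox estimate discussed above depends on how port selection is modelled, so this sketch makes one model explicit and computes with it. Assumptions: one side's NAT maps n outgoing packets to n distinct, uniformly random external ports out of 65535, the other side probes n distinct random destination ports, and a single match counts as success; all function names are hypothetical.

```python
import math
import random

PORT_POOL = 65535  # assumption: NAT picks uniformly from ports 1..65535


def hit_probability(opened: int, probed: int, pool: int = PORT_POOL) -> float:
    """Exact chance that at least one of `probed` distinct guessed ports
    lands on one of `opened` distinct mapped ports (hypergeometric miss)."""
    if opened + probed > pool:
        return 1.0  # pigeonhole: a hit is guaranteed
    # log P(miss) = sum log((pool - opened - i) / (pool - i)), i = 0..probed-1
    log_miss = sum(math.log1p(-opened / (pool - i)) for i in range(probed))
    return -math.expm1(log_miss)


def packets_for(target: float, pool: int = PORT_POOL) -> int:
    """Smallest n such that n opened and n probed ports reach `target`."""
    lo, hi = 1, pool
    while lo < hi:  # hit_probability grows with n, so bisect
        mid = (lo + hi) // 2
        if hit_probability(mid, mid, pool) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


def simulate(n: int, trials: int = 2000, pool: int = PORT_POOL,
             seed: int = 1) -> float:
    """Monte Carlo cross-check of hit_probability(n, n)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        mapped = set(rng.sample(range(pool), n))  # side A's external ports
        guesses = rng.sample(range(pool), n)      # side B's destination ports
        hits += any(p in mapped for p in guesses)
    return hits / trials


if __name__ == "__main__":
    for n in (128, 256, 360, 512):
        print(f"{n:4d} per side: exact={hit_probability(n, n):.3f} "
              f"simulated={simulate(n):.3f}")
    print("packets per side for 99%:", packets_for(0.99))
```

A different model (for example, both sides randomizing source and destination ports, or a NAT that allocates from a narrower range) changes the pool size and the counting, so pass the pool that matches the NAT actually observed.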