How to use UPnP in Python?

There is a port that I want open to the outside. By default, on the computer all ports are open, but outside of their blocking 1 or 2 routers(with UPnP support — otherwise how would Skype work, or torrent?).

Accordingly, it is not clear — what has to be done in code, not to do the port forwarding on the router, and the port, which is expected to connect from the outside, has been opened(was proposalsa) itself.
October 8th 19 at 02:58
1 answer
October 8th 19 at 03:00
For example here (miranda-upnp) to see how it works. In downloads/ have readme.html which shows how to create a portmappinga.
And then you can use this library (pyupnp) to implement the portmappinga in the program.
But I hope that including (or rather not turning off) the UPnP on the router you're aware of the vulnerability, which is already more than four years (for example 1, 2) and which may just open your network to the attacker with a simple visit to the website with the flash? - oswaldo_Schulist commented on October 8th 19 at 03:03
Cool. And what exactly is a vulnerability to use my computer, to transfer data while I'm looking at this flash movie? Well, not high I will send a couple of packages — why not? :) - orin60 commented on October 8th 19 at 03:06
The links explains what you can do. The effect will be permanent, as using UPnP you can control the device, the roller needs to run once all the settings that he made will remain until you reboot the router. For example you have RDP enabled (SSH, FTP, substitute his own) to from the kitchen to the bathroom not to go... Flash can do portforwarding 3389 (22, 21, any) port and your "RDP" will be exhibited in the world, and you can brute force and gain access to the internal machine. (Although you are sure that the firewall of the router she's not in danger).

From the second link (translated for convenience):
The following is possible with UPnP:
  • portmap internal services on the external interface (port forwarding)
  • portmap web interface of the router on the external interface (allows you to brute-force thinking webcam the router from the Internet)
  • portmap to any external address (helps the attacker to hide your IP when attacks on external address. It sends packets to your router and promplty port, and your router from their IP forwards packets to the host of the victim)
  • substitution of DNS servers (useful if the router at the same time the DHCP server allows to redirect requests to a thread bank.com to the attacker's server).
  • change administrative passwords on the router
  • to change the connection settings PPP
  • to change IP settings on all interfaces
  • change the WiFi settings
  • to break the connection


It's more for the paranoid, but better to know what you can potentially do with this Protocol.
And need to choose between "Yes to whom I need nafig" and safety :) - oswaldo_Schulist commented on October 8th 19 at 03:09
Very useful, however. Thanks for the translation.
I'll have to figure out how to compose a flash banner. :) - orin60 commented on October 8th 19 at 03:12

Find more questions by tags Universal Plug and Play