6 野に咲く名無し@転載禁止 2024/07/19 (金) 02:31:21.362 ID:???-183860010219
Port Shadow Attack Allows VPN Traffic Interception, Redirection
https://www.securityweek.com/port-shadow-attack-allows-vpn-traffic-interception-redirection/
The Port Shadow attack enables threat actors to target others who are using the same VPN server. Specifically, VPN servers have a shared resource called a port, with each connection being assigned to a port.
According to the researchers, an attacker can “shadow their own information on a victim’s port as a shared resource”.
“By carefully crafting packets from within the attacker’s own connection to the VPN server and from a remote Internet location controlled by the attacker, it is possible to carry out attacks on other VPN users who are using the same VPN server in a manner that is very similar to the attacks that could be carried out on shared WiFi,” they explained.
The researchers demonstrated how an attacker can leverage Port Shadow to act as an in-path router between the targeted user and the VPN server, enabling them to intercept and redirect encrypted traffic, deanonymize a VPN peer, and conduct port scans.