Fri 7 Nov, 2008
Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities. Some of its features include:
- Interactive shell with tab completion and command history
- Passive and active discovery of UPNP devices
- Customizable MSEARCH queries (query for specific devices/services)
- Full control over application settings such as IP addresses, ports and headers
- Simple enumeration of UPNP devices, services, actions and variables
- Correlation of input/output state variables with service actions
- Ability to send actions to UPNP services/devices
- Ability to save data to file for later analysis and collaboration
- Command logging
Miranda was built on and for a Linux system and has been tested on a Linux 2.6 kernel with Python 2.5. However, since it is written in Python, most functionality should be available for any Python-supported platform. Miranda has been tested against IGDs from various vendors, including Linksys, D-Link, Belkin and ActionTec. All Python modules came installed by default on a Linux Mint 5 (Ubuntu 8.04) test system.
For more information about UPNP, visit the UPNP Forum. For information regarding UPNP vulnerabilities, see UPNP Hacks and GNUCitizen.
Download Miranda!
7 Responses to “Miranda UPNP Administration Tool”
Leave a Reply
You must be logged in to post a comment.
hake says:
Anyone using Miranda under Windows XP? Miranda.py won’t run because of unresolved references, e.g. IN.
I installed ActivePython-2.5.2.2-win32-x86. Is there something in the Linux implementation that is missing in Windows? I’m not Python literate so perhaps I’m missing something.
Miranda would be most useful to check router security for me and my friends who need UPNP enabled router operation for Live Messenger use.
craig says:
hake,
I just tested Miranda out on a WinXP box. The IN module is not needed for Windows, so you could change the ‘import IN,urllib,urllib2′ line to read ‘import urllib,urllib2′. However, Windows apparently doesn’t have a readline module either (gah!), which Miranda uses for its command shell. I tried a “windows alternative” readline module, but it doesn’t support tab completion correctly and seems to hang.
We’ll keep working on this and hopefully have something working in Windows by tomorrow; stay posted.
hake says:
Thanks Craig. I will look out for your mods. Miranda looks like a most useful tool. The subject of UPNP security in routers is almost completely elusive. Hardly anyone knows anything about it. Raise the issue in forums and the result is silence.
It will be fascinating to test my preferred router boxes (BT Voyager 2100 and Viking chipped Solwise SAR110 and SmartAX MT882) with your software.
My present defence is based on blocking the IP address of the router (using Agnitum Outpost Firewall Pro and the associated BlockPost plugin) and extremely strong password.
cheffner says:
hake,
OK, so this took a little longer than expected. Your particular error can be resolved by removing the IN module from the imports, but it appears that Windows also does not have a readline module (which is used to do the tab completion and get user input). I tried a readline Windows alternative (http://newcenturycomputers.net/projects/readline.html), but tab completion does not work and it seems to hang when performing the msearch/pcap commands. You can try it out if you want, but until we find a decent readline alternative, you might want to use one of the shareware UPNP tools available for Windows. I haven’t used any of them, so I can’t vouch for them personally.
FYI, we have had reports that Miranda works fine in Mac OSX 10.
sm says:
Just used the tool in Windows XP.
For readline installed module from here:
http://sourceforge.net/project/showfiles.php?group_id=82407&package_id=84552&release_id=302776
Then it needed win32con, and I installed module form here:
http://sourceforge.net/project/platformdownload.php?group_id=78018
Now testing …
craig says:
Thanks a lot for the suggestions sm; the readline from UNC tools that you linked to seems to work better than the one that I initially tried, but still not 100%. It tab completes properly on some commands but not others, and it still seems to hang when you run the msearch or pcap commands. This likely is a readline issue as well, since the cmdCompleter class is updated with new info when new hosts are discovered. I’ll have to look into it a little deeper…
Miranda - UPNP Administration and Audit Tool » IHackedThisBox Blog says:
[...] To keep updated with the tool visit the project’s homepage at: http://www.sourcesec.com/2008/11/07/miranda-upnp-administration-tool/ [...]