pwnat

pwnat, pronounced 'poe-nat', is designed for NAT to NAT client-server communication. It allows any number of clients behind NATs to communicate with a server behind a separate NAT without the need for port forwarding or DMZ configuration on any routers. The server does not need prior knowledge of the clients attempting to connect, making it highly flexible for scenarios where direct access is blocked by NAT traversal issues.

Use cases include establishing connections in environments with strict firewall rules or symmetric NATs that typically prevent inbound connections. It's particularly useful for penetration testing, remote access, or any situation requiring peer-to-peer communication across NAT boundaries without third-party STUN/TURN servers.

The tool operates in client or server mode, leveraging UDP for proxying TCP connections, enabling seamless communication where standard TCP punching fails.

pwnat uses UDP-based hole punching techniques to establish connectivity between endpoints behind NATs. The server listens on a UDP port, and clients connect via UDP to the server's public IP/port, creating NAT mappings. It proxies TCP connections over these UDP mappings, allowing TCP traffic to traverse NATs without port forwarding. The protocol handles prediction of NAT mapping behaviors, supporting various NAT types including symmetric NATs.