Script `eap-info`

Script types: prerule
Categories: broadcast, safe
Download: https://svn.nmap.org/nmap/scripts/eap-info.nse

Script Summary

Enumerates the authentication methods offered by an EAP (Extensible Authentication Protocol) authenticator for a given identity or for the anonymous identity if no argument is passed.

Script Arguments

eap-info.identity: Identity to use for the first step of the authentication methods (if omitted "anonymous" will be used).
eap-info.scan: Table of authentication methods to test, e.g. { 4, 13, 25 } for MD5, TLS and PEAP. Default: TLS, TTLS, PEAP, MSCHAP.
eap-info.timeout: Maximum time allowed for the scan (default 10s). Methods not tested because of timeout will be listed as "unknown".
eap-info.interface: Network interface to use for the scan, overrides "-e".

Example Usage

nmap -e interface --script eap-info [--script-args="eap-info.identity=0-user,eap-info.scan={13,50}"] <target>

Script Output

Pre-scan script results:
| eap-info:
| Available authentication methods with identity="anonymous" on interface eth2
|   true     PEAP
|   true     EAP-TTLS
|   false    EAP-TLS
|_  false    EAP-MSCHAP-V2

Requires

Author:

Riccardo Cecolin

License: Same as Nmap--See https://nmap.org/book/man-legal.html

Script eap-info

Script Summary

Script Arguments

Example Usage

Script Output

Requires

Script `eap-info`