Script hnap-info

Script types: portrule
Categories: safe, discovery, default, version
Download: https://svn.nmap.org/nmap/scripts/hnap-info.nse

Script Summary

Retrieve hardwares details and configuration information utilizing HNAP, the "Home Network Administration Protocol". It is an HTTP-Simple Object Access Protocol (SOAP)-based protocol which allows for remote topology discovery, configuration, and management of devices (routers, cameras, PCs, NAS, etc.)

Script Arguments

slaxml.debug

See the documentation for the slaxml library.

http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script hnap-info -p80,8080 <target>

Script Output

PORT     STATE SERVICE    REASON
8080/tcp open  http-proxy syn-ack
| hnap-info:
|   Type: GatewayWithWiFi
|   Device: Ingraham
|   Vendor: Linksys
|   Description: Linksys E1200
|   Model: E1200
|   Firmware: 1.0.00 build 11
|   Presentation URL: http://192.168.1.1/
|   SOAPACTIONS:
|     http://purenetworks.com/HNAP1/IsDeviceReady
|     http://purenetworks.com/HNAP1/GetDeviceSettings
|     http://purenetworks.com/HNAP1/SetDeviceSettings
|     http://purenetworks.com/HNAP1/GetDeviceSettings2
|     http://purenetworks.com/HNAP1/SetDeviceSettings2

Requires

• http
• table
• shortport
• stdnse
• slaxml
• nmap

---

Author:

• Gyanendra Mishra

License: Same as Nmap--See https://nmap.org/book/man-legal.html