Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: HNAP (was: New VA Modules: Nessus: 20)
From: Fyodor <fyodor () insecure org>
Date: Mon, 18 Apr 2011 14:37:26 -0700

On Mon, Apr 18, 2011 at 10:02:10AM -0700, New VA Module Alert Service wrote:

53471 os_fingerprint_hnap.nasl
http://nessus.org/plugins/index.php?view=single&id=53471
OS Identification : HNAP

I wasn't familiar with HNAP, which is the "Home Network Administration
Protocol".  It is an HTTP-Simple Object Access Protocol (SOAP)-based
protocol which allows for remote topology discovery, configuration,
and management of devices (routers, cameras, PCs, NAS, etc.)  It seems
to be Cisco sponsored.  Here are some details:

http://www.purenetworks.com/partners/hnap.php
http://www.cisco.com/web/partners/downloads/guest/hnap_protocol_whitepaper.pdf

Device discovery (and reconfiguration?) via HNAP might make a great
NSE script.  So I added it to the ideas list [1].  I also added one
for detecting and/or defeating HNAP security on D-Link devices with
the vulnerability described at [2].

Cheers,
Fyodor

[1] https://secwiki.org/w/Nmap/Script_Ideas
[2] http://www.sourcesec.com/2010/01/09/d-link-routers-one-hack-to-own-them-all/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault