hnapEver since the discovery of the Linksys “Moon” worm that relies on HNAP, many people have been interested in this protocol. What is it? What is it vulnerable to?

HNAP orĀ Home Network Administration Protocol was developed by Pure Networks for their Network Magic product – a system to make managing home networks more easily. This company was sold to Cisco in 2008 who used the protocol and product for their solutions for Linksys devices.

HNAP is based on SOAP, and can be used by systems to get information about devices on the network. HNAP enabled devices respond to queries with information about the status of the services that they expose to the network. This allows tools like Network Magic to make it easier for home users to manage their networks.

HNAP does have some security implications. It’s not a very secure protocol – it simply uses HTTP Basic Authentication to control messages between devices. A more in-depth explanation of HNAP’s vulnerabilities can be found here.

But vulnerabilities aren’t even what makes HNAP interesting to hackers now. It’s the fact that it provides a simple way to get information about the devices on a network and what they’re capable of doing. After doing a little bit of reconnaissance work and knowing what he’s dealing with, a hacker can then determine the vulnerabilities available to him and then launch his attack.

Cisco discontinued Network Magic in August 2012. It’s interesting to notice that most technical documentation about this once important protocol has been deleted from the internet since then.