Method 18: HNAP - Home Network Administration Protocol

0 Shields

The Home Network Administration Protocol was originally introduced (and patented) by Pure Networks, who were acquired by Cisco. It offers a way to externally manage a network device from a centralized console, which is handy when more than one device needs to be managed.

A number of flaws have been found with HNAP, and depending on its implementation, it can even be directly used by hackers to compromise a WiFi router. Even if the compromise flaws are corrected, the HNAP APIs can reveal a great deal about a router that can make a hacker’s job easier to figure out how to compromise the device. And it cannot be turned off.

As it currently stands, the HNAP service found on most WiFi routers cannot be disabled. It does, however, reveal a great deal about the WiFi router without requiring any authentication. This makes it a very dangerous feature when it comes to security and requires very little sophistication to exploit.

For the majority of home and small office users, WiFi routers definitely do not require a management API. Normally, these are used to consolidate management practices when more than one device needs to be managed, especially when they are geographically dispersed. This is not the typical deployment scenario for most home and small businesses.



What HNAP adds is another information source and entry point for hackers to try and exploit (increases the attack surface in security parlance). As the image depicts above, the hackers have free access to the type of WiFi router, the model, and even the firmware version. With this information, they can easily research possible attacks and weaknesses for the specific device.

Unfortunately, a number of WiFi routers and other network gear actually support this protocol. Why is this unfortunate? Because despite your best efforts to lock down your WiFi router, this little gem not only exposes all sorts of valuable information about your WiFi router that a hacker may find valuable, it may even provide a hacker entry into the device. Reports and research have shown that the protocol can be co-opted, in some cases, to completely circumvent all of the security settings and allow hackers to completely take control of the device. And there’s nothing you can do about it short of replacing the WiFi router with a model that doesn’t run HNAP.