How to do it...

Huawei HG5xx routers reveal sensitive information when they receive a special packet on UDP port 43690. This vulnerability caught my attention because the device is very popular, the issue works remotely, and it exposes interesting information such as the PPPoE credentials, MAC address, and exact software/firmware version. Let's write a script to exploit these devices:

  1. To start, create the file huawei-hg5xx-udpinfo.nse and define the required information tags:
     description=[[
     Tries to obtain the PPPoE credentials, MAC address, firmware
     version and IP information of the aDSL modems
     Huawei Echolife 520, 520b, 530 and possibly others by exploiting
     an information disclosure vulnerability via UDP.

     The script works by sending a crafted ...
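
On the defensive side, the one concrete indicator the text gives is the destination, UDP port 43690. The following added example (not from the book) scans netfilter `LOG` lines for UDP datagrams to that port and labels each source as internal or external. The sample log lines, the 192.168.1.0/24 LAN range and the function names are assumptions constructed for illustration.

```python
import ipaddress
import re

HG5XX_INFO_PORT = 43690                       # UDP port named in the text above
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed internal range

# Pulls the SRC=, DST=, PROTO= and DPT= fields out of a netfilter LOG line.
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample lines (documentation and private addresses), not real traffic.
SAMPLE_LOG = """\
Jan 10 09:14:02 gw kernel: IN=ppp0 OUT=eth1 SRC=203.0.113.77 DST=192.168.1.1 LEN=40 PROTO=UDP SPT=51123 DPT=43690 LEN=20
Jan 10 09:14:05 gw kernel: IN=eth1 OUT=ppp0 SRC=192.168.1.23 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=40110 DPT=43690 SYN
Jan 10 09:15:40 gw kernel: IN=eth1 OUT=eth1 SRC=192.168.1.23 DST=192.168.1.1 LEN=40 PROTO=UDP SPT=40222 DPT=43690 LEN=20
Jan 10 09:16:11 gw kernel: IN=ppp0 OUT=eth1 SRC=203.0.113.77 DST=192.168.1.1 LEN=76 PROTO=UDP SPT=123 DPT=123 LEN=56
Jan 10 09:16:50 gw kernel: IN=ppp0 OUT=eth1 SRC=203.0.113.77 DST=192.168.1.1 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Jan 10 09:17:30 gw kernel: IN=ppp0 OUT=eth1 SRC=198.51.100.200 DST=192.168.1.1 LEN=40 PROTO=UDP SPT=33001 DPT=43690 LEN=20
"""


def parse_line(line):
    """Return the four fields as a dict, or None if the line lacks any of them."""
    fields = dict(FIELD_RE.findall(line))
    if not {"SRC", "DST", "PROTO", "DPT"} <= fields.keys():
        return None  # e.g. ICMP lines carry no DPT
    return fields


def find_probes(log_text, lan=LAN):
    """List (src, dst, origin) for every UDP datagram sent to port 43690."""
    hits = []
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None or f["PROTO"] != "UDP" or not f["DPT"].isdigit():
            continue
        if int(f["DPT"]) != HG5XX_INFO_PORT:
            continue
        try:
            src = ipaddress.ip_address(f["SRC"])
        except ValueError:
            continue  # malformed address field, skip the line
        origin = "internal" if src in lan else "external"
        hits.append((f["SRC"], f["DST"], origin))
    return hits


def external_sources(hits):
    """Distinct non-LAN sources, the ones that show the port is reachable from outside."""
    return sorted({src for src, _dst, origin in hits if origin == "external"})
```

An external hit means the port is reachable across the WAN boundary and should be filtered upstream; an internal hit points at a LAN host worth investigating.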

Get Nmap: Network Exploration and Security Auditing Cookbook - Second Edition now with the O’Reilly learning platform.