Nmap Development mailing list archives

nmap nat-pmp-info script not working with Fritz!Box

From: Arne Eickenberg <eickenberg () verklangwelt de>
Date: Tue, 23 Feb 2016 18:00:51 +0100

Hello,

I'm trying to run nmap to discover the WAN IP from the router. The router itself is a Fritz!Box 7490 (latest OS), 
NAT-PMP compatible, UPnP activated.

The command I'm running is the following:

$ sudo nmap -sU -p 5351 --script=nat-pmp-info 192.168.178.1 -v

This is the standard command from the nmap documentation, only with the added -v option. However, the WAN IP is not 
mentioned in the nmap output (see below), even though the router is NAT-PMP compatible.

###
$ sudo nmap -sU -p 5351 --script=nat-pmp-info 192.168.178.1 -v
Password:

Starting Nmap 7.01 ( https://nmap.org ) at 2016-02-23 17:52 CET
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 17:52
Completed NSE at 17:52, 0.00s elapsed
Initiating ARP Ping Scan at 17:52
Scanning 192.168.178.1 [1 port]
Completed ARP Ping Scan at 17:52, 0.01s elapsed (1 total hosts)
Initiating UDP Scan at 17:52
Scanning fritz.box (192.168.178.1) [1 port]
Discovered open port 5351/udp on 192.168.178.1
Completed UDP Scan at 17:52, 0.01s elapsed (1 total ports)
NSE: Script scanning 192.168.178.1.
Initiating NSE at 17:52
Completed NSE at 17:52, 0.00s elapsed
Nmap scan report for fritz.box (192.168.178.1)
Host is up (0.0031s latency).
PORT     STATE SERVICE
5351/udp open  nat-pmp
MAC Address: 34:xx:xx:xx:xx:xx (AVM GmbH)

NSE: Script Post-scanning.
Initiating NSE at 17:52
Completed NSE at 17:52, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.35 seconds
           Raw packets sent: 2 (58B) | Rcvd: 2 (58B)
###

The command dns-sd -X does print the WAN IP, so imho the router can't be the problem. (?)

###
$ dns-sd -X
DATE: ---Tue 23 Feb 2016---
17:54:29.842  ...STARTING...
Timestamp     if   External Address     Protocol        Internal Port   External Port   TTL
17:54:29.843  0    77.xxx.xxx.xxx       0               0               0               0
###

Best wishes,
Arne Eickenberg

Attachment: smime.p7s
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nmap nat-pmp-info script not working with Fritz!Box Arne Eickenberg (Feb 25)
- Re: nmap nat-pmp-info script not working with Fritz!Box Arne Eickenberg (Feb 25)
- Re: nmap nat-pmp-info script not working with Fritz!Box Gisle Vanem (Feb 25)
- Re: nmap nat-pmp-info script not working with Fritz!Box Daniel Miller (Mar 07)