Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Trying to figure out what a weird device on my network was - turns out it was my FIL's LG soundbar

Trying to figure out what this thing is:

$ nmap -A -T4 -Pn 10.99.98.97 2>/dev/null                                                  

Starting Nmap 7.60 ( https://nmap.org ) at 2020-10-07 16:34 NZDT
Nmap scan report for 10.99.98.97
Host is up (0.0038s latency).
Not shown: 997 filtered ports
PORT      STATE SERVICE         VERSION
8008/tcp  open  http            Google Chromecast httpd
|_http-title: Site doesn't have a title (text/html).
8009/tcp  open  ssl/ajp13?
|_ajp-methods: Failed to get a valid response for the OPTION request
| ssl-cert: Subject: commonName=62079806-1072-38a0-a1bf-aa84c1858e34
| Not valid before: 2020-10-06T11:54:29
|_Not valid after:  2020-10-08T11:54:29
|_ssl-date: 2020-10-07T03:35:58+00:00; 0s from scanner time.
10001/tcp open  ssl/scp-config?
|_ssl-date: 2020-10-07T03:35:58+00:00; 0s from scanner time.
Service Info: Device: media device

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 122.01 seconds

Aha! Looks like a Google Chromecast. I went round and unplugged the two Chromecasts I knew about (I should have done this a long time ago) - but the device still showed.

Cue some Googling (actually, DDGing), and figured out I could probe ssdp :

$ curl http://10.99.98.97:8008/ssdp/device-desc.xml    
<?xml version="1.0"?>
<root xmlns="urn:schemas-upnp-org:device-1-0">
  <specVersion>
    <major>1</major>
    <minor>0</minor>
  </specVersion>
  <URLBase>http://10.99.98.97:8008</URLBase>
  <device>
    <deviceType>urn:dial-multiscreen-org:device:dial:1</deviceType>
    <friendlyName>Sound Bar</friendlyName>
    <manufacturer>LG Electronics</manufacturer>
    <modelName>LG Soundbar SK9</modelName>
    <UDN>uuid:deadb33f</UDN>
    <iconList>
      <icon>
        <mimetype>image/png</mimetype>
        <width>98</width>
        <height>55</height>
        <depth>32</depth>
        <url>/setup/icon.png</url>
      </icon>
    </iconList>
    <serviceList>
      <service>
        <serviceType>urn:dial-multiscreen-org:service:dial:1</serviceType>
        <serviceId>urn:dial-multiscreen-org:serviceId:dial</serviceId>
        <controlURL>/ssdp/notfound</controlURL>
        <eventSubURL>/ssdp/notfound</eventSubURL>
        <SCPDURL>/ssdp/notfound</SCPDURL>
      </service>
    </serviceList>
  </device>
</root>

Bloody hell.

@cam8001

This comment has been minimized.

Copy link
Owner Author

@cam8001 cam8001 commented Mar 21, 2021

Similarly for a Sonos:

nmap -A -T4 -Pn 10.0.99.22 2>/dev/null
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-21 20:10 NZDT
Nmap scan report for 10.0.99.22
Host is up (0.0063s latency).
Not shown: 999 closed ports
PORT     STATE SERVICE  VERSION
1443/tcp open  ssl/upnp Sonos upnpd 62.1-86220 (UPnP 1.0; model ZPS12)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment