hacktricks/pentesting/7-tcp-udp-pentesting-echo.md

34 lines
1.1 KiB
Markdown
Raw Normal View History

# 7/tcp/udp - Pentesting Echo
## Basic Information
An echo service is running on this host. The echo service was intended for testing and measurement purposes and may listen on both TCP and UDP protocols. The server sends back any data it receives, with no modification.\
**It's possible to cause a denial of service by connecting the a echo service to the echo service on the same or another machine**. Because of the excessively high number of packets produced, the affected machines may be effectively taken out of service.\
Info from [https://www.acunetix.com/vulnerabilities/web/echo-service-running/](https://www.acunetix.com/vulnerabilities/web/echo-service-running/)
2021-11-30 13:55:54 +00:00
**Default Port: **7/tcp/udp
```
PORT STATE SERVICE
2020-09-24 15:19:06 +00:00
7/udp open echo
7/tcp open echo
```
### Contact Echo service (UDP)
```bash
nc -uvn <IP> 7
Hello echo #This is wat you send
Hello echo #This is the response
```
### Shodan
* `port:7 echo`
## References
2021-11-30 13:55:54 +00:00
[Wikipedia echo](http://en.wikipedia.org/wiki/ECHO_protocol)
[CA-1996-01 UDP Port Denial-of-Service Attack](http://www.cert.org/advisories/CA-1996-01.html)