Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 20:53:37 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/7-tcp-udp-pentesting-echo.md
Translator workflow e90c803209 Translated to Japanese
2023-07-07 23:42:27 +00:00

5.7 KiB
Raw Blame History

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥

基本情報

このホスト上でエコーサービスが実行されています。エコーサービスはテストと計測のために設計されており、TCPおよびUDPプロトコルの両方でリッスンすることがあります。サーバーは受信したデータを変更せずに送り返します。
同じマシンまたは別のマシンのエコーサービスに接続することで、サービス拒否攻撃を引き起こすことが可能です。影響を受けるマシンは、生成されるパケットの数が極端に多いため、実質的にサービスを停止させられる可能性があります。
情報元:https://www.acunetix.com/vulnerabilities/web/echo-service-running/

デフォルトポート: 7/tcp/udp

PORT   STATE SERVICE
7/udp  open  echo
7/tcp  open  echo

Echoサービスへの接続UDP

The Echo service is a simple network service that allows a client to send a message to a server, which then echoes the message back to the client. This service is commonly used for testing and debugging purposes.

To contact the Echo service using UDP, you can use the nc command with the -u flag followed by the IP address and port number of the server. For example:

nc -u <server_ip> <port_number>

Replace <server_ip> with the IP address of the server running the Echo service, and <port_number> with the port number on which the service is listening.

Once connected, you can type a message and press Enter to send it to the server. The server will then echo the message back to you.

It's important to note that the Echo service is often disabled or restricted in production environments due to security concerns. Therefore, it's recommended to only use this service for testing and debugging purposes in controlled environments.

nc -uvn <IP> 7
Hello echo    #This is wat you send
Hello echo    #This is the response

Shodan

  • port:7 echo

参考文献

Wikipedia echo

CA-1996-01 UDP Port Denial-of-Service Attack

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥