Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-26 06:30:37 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/3702-udp-pentesting-ws-discovery.md

3.7 KiB
Raw Blame History

3702/UDP - Pentesting WS-Discovery

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

Basic Information

Web Services Dynamic Discovery Protocol (WS-Discovery) inatambulika kama protokali iliyoundwa kwa ajili ya kugundua huduma ndani ya mtandao wa ndani kupitia multicast. Inarahisisha mwingiliano kati ya Huduma za Lengo na Wateja. Huduma za Lengo ni mwisho zinazopatikana kwa ajili ya kugunduliwa, wakati Wateja ni wale wanaotafuta kwa bidii huduma hizi. Mawasiliano yanaanzishwa kwa kutumia SOAP queries over UDP, yanayolengwa kwenye anwani ya multicast 239.255.255.250 na bandari ya UDP 3702.

Pale inapojiunga na mtandao, Huduma ya Lengo inatangaza uwepo wake kwa kutangaza multicast Hello. Inabaki wazi kupokea multicast Probes kutoka kwa Wateja wanaotafuta huduma kwa Aina, kitambulisho ambacho ni cha kipekee kwa mwisho (mfano, NetworkVideoTransmitter kwa kamera ya IP). Katika kujibu Probe inayolingana, Huduma ya Lengo inaweza kutuma unicast Probe Match. Vivyo hivyo, Huduma ya Lengo inaweza kupokea multicast Resolve inayolenga kutambua huduma kwa jina, ambayo inaweza kujibu kwa unicast Resolve Match ikiwa ni lengo lililokusudiwa. Katika tukio la kuondoka kwenye mtandao, Huduma ya Lengo inajaribu kutangaza multicast Bye, ikionyesha kuondoka kwake.

Default port: 3702

PORT     STATE         SERVICE
3702/udp open|filtered unknown
| wsdd-discover:
|   Devices
|     Message id: 39a2b7f2-fdbd-690c-c7c9-deadbeefceb3
|     Address: http://10.0.200.116:50000
|_    Type: Device wprt:PrintDeviceType

{% hint style="success" %} Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}