mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-23 05:03:35 +00:00
25 lines
1.5 KiB
Markdown
25 lines
1.5 KiB
Markdown
# 3702/UDP - Pentesting WS-Discovery
|
||
|
||
## Basic Information
|
||
|
||
The Web Services Dynamic Discovery Protocol (WS-Discovery) is a multicast discovery protocol that locates services on a local network.
|
||
|
||
In WS-Discovery terminology, a Target Service is an endpoint that makes itself available for discovery, whereas a Client is an endpoint that searches for Target Services. Both use SOAP queries over UDP to the 239.255.255.250 multicast address with the destination UDP port 3702.
|
||
|
||
.png>)
|
||
|
||
A Target Service sends a multicast Hello 1 when it joins a network. The Target Service can receive a multicast Probe 2, a message sent by a Client searching for a Target Service by Type, at any time. The Type is an identifier for the endpoint. For example, an IP camera could have NetworkVideoTransmitter as a Type. It might also send a unicast Probe Match3 if the Target Service matches a Probe (other matching Target Services might also send unicast Probe Matches). Similarly, a Target Service might receive a multicast Resolve4 at any time, a message sent by a
|
||
|
||
Client searching for a Target by name, and send a unicast Resolve Match5 if it’s the target of a Resolve. Finally, when a Target Service leaves a network, it makes an effort to send a multicast Bye 6.
|
||
|
||
**Default port**: 3702
|
||
|
||
```
|
||
PORT STATE SERVICE
|
||
3702/udp open|filtered unknown
|
||
| wsdd-discover:
|
||
| Devices
|
||
| Message id: 39a2b7f2-fdbd-690c-c7c9-deadbeefceb3
|
||
| Address: http://10.0.200.116:50000
|
||
|_ Type: Device wprt:PrintDeviceType
|
||
```
|