maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/network-services-pentesting/3702-udp-pentesting-ws-discovery.md

24 lines
1.6 KiB
Markdown
Raw Blame History

# 3702/UDP - Pentesting WS-Discovery
{{#include ../banners/hacktricks-training.md}}
## Basic Information
**Web Services Dynamic Discovery Protocol (WS-Discovery)** inatambuliwa kama protokali iliyoundwa kwa ajili ya kugundua huduma ndani ya mtandao wa ndani kupitia multicast. Inarahisisha mwingiliano kati ya **Target Services** na **Clients**. Target Services ni mwisho wa huduma zinazopatikana kwa ajili ya kugunduliwa, wakati Clients ni wale wanaotafuta kwa bidii huduma hizi. Mawasiliano yanaanzishwa kwa kutumia **SOAP queries over UDP**, kuelekezwa kwenye anwani ya multicast **239.255.255.250** na bandari ya UDP **3702**.
Pale inapojiunga na mtandao, Target Service inatangaza uwepo wake kwa kutangaza **multicast Hello**. Inabaki wazi kupokea **multicast Probes** kutoka kwa Clients ambao wanatafuta huduma kwa Aina, kitambulisho ambacho ni cha kipekee kwa mwisho (mfano, **NetworkVideoTransmitter** kwa kamera ya IP). Katika kujibu Probe inayolingana, Target Service inaweza kutuma **unicast Probe Match**. Vivyo hivyo, Target Service inaweza kupokea **multicast Resolve** inayolenga kutambua huduma kwa jina, ambayo inaweza kujibu kwa **unicast Resolve Match** ikiwa ni lengo lililokusudiwa. Katika tukio la kuondoka kwenye mtandao, Target Service inajaribu kutangaza **multicast Bye**, ikionyesha kuondoka kwake.
![](<../images/image (689).png>)
**Default port**: 3702
```
PORT STATE SERVICE
3702/udp open|filtered unknown
| wsdd-discover:
| Devices
| Message id: 39a2b7f2-fdbd-690c-c7c9-deadbeefceb3
| Address: http://10.0.200.116:50000
|_ Type: Device wprt:PrintDeviceType
```
{{#include ../banners/hacktricks-training.md}}
Reference in New Issue View Git Blame Copy Permalink