3702 - Ws Discovery
💡 学习提示: 本文档介绍 3702 - WS-Discovery 的渗透测试方法,适合信息安全初学者和从业人员参考。
⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。
⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。
3702/UDP - 渗透测试 WS-Discovery
基本信息
The Web Services Dynamic Discovery 协议 (WS-Discovery) is identified as a protocol designed for the discovery of services within a local network through multicast. It facilitates the interaction between Target Services and Clients. Target Services are endpoints available for discovery, while Clients are the ones actively searching for these services. Communication is established using SOAP queries over UDP, directed to the multicast address 239.255.255.250 and UDP port 3702.
Upon joining a network, a Target 服务 announces its presence by broadcasting a multicast Hello. It remains open to receiving multicast Probes from Clients that are on the lookout for services by Type, an identifier unique to the endpoint (e.g., NetworkVideoTransmitter for an IP camera). In response to a matching Probe, a Target 服务 may send a unicast Probe Match. Similarly, a Target 服务 could receive a multicast Resolve aimed at identifying a service by name, to which it may reply with a unicast Resolve Match if it is the intended target. In the event of leaving the network, a Target 服务 attempts to broadcast a multicast Bye, signaling its departure.
默认 port: 3702