--- title: "3702 - Ws Discovery" weight: 3702 date: "2026-03-10T10:03:28+08:00" lastmod: "2026-03-10T13:26:55+08:00" --- 💡 **学习提示**: 本文档介绍 **3702 - WS-Discovery** 的渗透测试方法,适合信息安全初学者和从业人员参考。 ⚠️ **法律声明**: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。 --- > ⚠️ **法律声明**: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。 ## 3702/UDP - 渗透测试 WS-Discovery ### 基本信息 The **Web Services Dynamic Discovery 协议 (WS-Discovery)** is identified as a protocol designed for the discovery of services within a local network through multicast. It facilitates the interaction between **Target Services** and **Clients**. Target Services are endpoints available for discovery, while Clients are the ones actively searching for these services. Communication is established using **SOAP queries over UDP**, directed to the multicast address **239.255.255.250** and UDP port **3702**. Upon joining a network, a Target 服务 announces its presence by broadcasting a **multicast Hello**. It remains open to receiving **multicast Probes** from Clients that are on the lookout for services by Type, an identifier unique to the endpoint (e.g., **NetworkVideoTransmitter** for an IP camera). In response to a matching Probe, a Target 服务 may send a **unicast Probe Match**. Similarly, a Target 服务 could receive a **multicast Resolve** aimed at identifying a service by name, to which it may reply with a **unicast Resolve Match** if it is the intended target. In the event of leaving the network, a Target 服务 attempts to broadcast a **multicast Bye**, signaling its departure. ![](<../images/image (689).png>) **默认 port**: 3702 ``` PORT STATE SERVICE 3702/udp open|filtered unknown | wsdd-discover: | Devices | Message id: 39a2b7f2-fdbd-690c-c7c9-deadbeefceb3 | Address: http://10.0.200.116:50000 |_ Type: Device wprt:PrintDeviceType ``` --- --- --- ### 搜索引擎语法 #### FOFA ```bash # FOFA 搜索语法 port="3702" ``` #### Shodan ```bash # Shodan 搜索语法 port:3702 ``` #### ZoomEye ```bash # ZoomEye 搜索语法 port:3702 ``` --- ## 📖 参考资料 - [HackTricks - 3702-ws-discovery](https://book.hacktricks.wiki/en/network-services-pentesting/3702-ws-discovery.html)