New Nmap script ssdp.nse

[Ulrik Haugen <ulrik.haugen () liu se>]

Hello!

I've written another Nmap script for extracting information about a
potential reflector/amplifier. This time it's Universal plug and
play/simple service discovery protocol. In scans of our network we've
discovered services with bandwidth amplification factors from 3.6 to
33.4.

A fingerprint for nmap-service-probes might be:

Probe UDP ssdp-msearch q|M-SEARCH *
HTTP/1.1\r\nHOST:239.255.255.250:1900\r\nMAN:"ssdp:discover"\r\nMX:1\r\nST:ssdp:all\r\n\r\n|
ports 1900
match ssdp m|^HTTP/1.1 200 OK|

I haven't tried adding that to nmap-service-probes though.

I have some plans for the future to make it try shortening the probe
payload once it finds a machine that answers but as is it's enough to
identify the affected machines and it might be a while before i have the
time to do it.

I'd be very happy to have it included in Nmap or to get feedback on it!

Best regards
/Ulrik Haugen

Attachment: ssdp.nse
Description: Nmap script for ssdp

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/