ssdp.nse

[Ulrik Haugen <ulrik.haugen () liu se>]

Hello!

I've written another Nmap script for extracting information about a
potential reflector/amplifier. This time it's Simple service discovery
protocol. In scans of our network we've discovered services with
bandwidth amplification factors from 3.6 to 33.4.

A fingerprint for nmap-service-probes might be:

Probe UDP ssdp-msearch q|M-SEARCH * 
HTTP/1.1\r\nHOST:239.255.255.250:1900\r\nMAN:"ssdp:discover"\r\nMX:1\r\nST:ssdp:all\r\n\r\n|
ports 1900
match ssdp m|^HTTP/1.1 200 OK|

I haven't bothered trying to add that to nmap-service-probes though.

I have some plans for the future to make it try shortening the probe
payload once it finds a machine that answers but as is it's enough to
identify the affected machines and it might be a while before i have the
time to do it.

I'd be very happy to have it included in Nmap or to get feedback on it!

Best regards
/Ulrik Haugen

Attachment: ssdp.nse
Description: Ssdp Nmap script

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/