WS-Discovery - Port 3702/UDP
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic info
WS-Discovery (Web Services Dynamic Discovery) is a UDP-based multicast discovery protocol used primarily in local networks for service advertisement and discovery. It is commonly implemented in:
Network printers
IP cameras
Media servers
IoT devices
Windows services
WS-Discovery uses SOAP messages over UDP to allow clients to locate services automatically without manual configuration.
When exposed to the internet or misconfigured, WS-Discovery can:
Leak internal network information.
Allow attackers to enumerate available devices and services.
Be abused for DDoS amplification attacks.
Key Details
Default Port:
3702/udpProtocol: WS-Discovery (SOAP over UDP)
Risk: Device enumeration, sensitive information leakage, DDoS amplification.
Port Discovery
Check if the port is open/responding:
Enumeration
1. Nmap Script Scan
This will send WS-Discovery probe requests and list discovered devices on the network.
2. Manual WS-Discovery Probe
You can send a crafted SOAP Probe request using netcat or socat:
If successful, the device will respond with details about its services and network location.
Learn & practice For the Bug Bounty
Last updated
Was this helpful?