π¨SSDP Spoofing
SSDP
SSDP or Simple Service Discovery Protocol is a network protocol designed for advertisement and discovery of network services. It can work without any DHCP or DNS Configuration. It was designed to be used in residential or small office environments. It uses UDP as the underlying transport protocol on port 1900. It uses the HTTP method NOTIFY to announce the establishment or withdrawal of services to a multicast group. It is the basis of the discovery protocol UPnP.
UPnP
UPnP or Universal Plug and Play is a set of networking protocols that allows networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points, and mobile devices to discover each otherβs availability on the network and establish network services for communications, data sharing, and entertainment. The UPnP architecture supports zero-configuration networking. A UPnP compatible device from any vendor can dynamically join a network, obtain an IP address, announce its name, advertise or convey its capabilities upon request, and learn about the presence and capabilities of other devices.
Evil SSDP
A tool for setting up a fake SSDP device and phishing the user for clear text credentials:
The attacker has to be in the same network as the target systems.
to run the attack :
to setup a fake scanner for phishing, use the scanner template:
if the user clicks on the scanner icon in windows explorer > networks, the default browser will open up a web page and ask for credentials in order to connect to the device:
if the user enters the credentials, EvilSSDP will grab and show them
Other templates
Office 365
Bitcoin Wallet
check the repository for other available templates or use your own template and xml description file.
Last updated