robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0

Scan custom UDP protocol with masscan #647

Open joroMaser opened 2 years ago

joroMaser commented 2 years ago

How can I scan a list of IPs with only one specific UDP port (for example 8765)?

Send "ABC" to this port and check if the answer contains/equals "QWER".

Thank you all.

natesubra commented 8 months ago

Just in case anyone else was looking for a solution to this problem set, it is already supported (thanks Reid!):

The nmap feature, which masscan supports (at least v1.3.2): Reference

So, to scan UDP port 1234 with "abcd":

Create a test payload file:

test.payload:

udp 1234
    "\x61\x62\x63\x64"

and then run the following with masscan:

masscan <target_ip> --nmap-payloads test.payload -p U:1234

reidmefirst commented 8 months ago

To add to Nate's comment, if you want to look at the response data to see if it matches what you want, you can add the --rawudp flag (added just two days ago to masscan!).

This will record the UDP responses. While there is no filtering native to masscan (yet), you can do something like:

masscan <target_ip> --nmap-payloads test.payload -p U:1234 --rawudp

You will then get results which contain the actual response payload. You can use some external processing/grep/etc to filter out results and look for the QWER response.
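
The two comments above describe a workflow in two halves: write the probe bytes in nmap-payloads syntax so masscan sends them, then filter the recorded responses for the marker you care about. The script below is an added example for this thread, not code from masscan or from any of the commenters. It generates the payload-file entry in the same `udp <port>` / quoted `\xHH` form shown in Nate's test.payload, and it performs the "does the reply contain QWER" check against a small local UDP responder constructed here to stand in for a real target. The exact text layout of masscan's `--rawudp` output is not assumed; the matching logic is the same "contains or equals" test you would apply with grep over that output, and running it locally first lets you confirm the probe and expected marker before pointing masscan at a range.

```python
"""Local dry run of a custom UDP probe before handing it to masscan.

Added example, not masscan's own code. Assumptions:
  - nmap_payload_entry() emits the nmap-payloads syntax masscan accepts
    with --nmap-payloads, as shown in the thread ("udp <port>" followed
    by an indented, quoted string of \\xHH escapes).
  - probe_hosts() is a stand-in for grepping masscan --rawudp output: it
    keeps only hosts whose reply contains (or equals) the marker.
  - The responder started by start_demo_responder() is a constructed
    target so the script runs offline on 127.0.0.1.
"""
import socket
import threading


def nmap_payload_entry(port: int, probe: bytes) -> str:
    """Render one nmap-payloads entry for masscan's --nmap-payloads.

    Every byte is written as \\xHH so non-printable or quote characters in
    the probe cannot break the quoted string.
    """
    escaped = "".join(f"\\x{b:02x}" for b in probe)
    return f'udp {port}\n    "{escaped}"\n'


def response_matches(reply: bytes, marker: bytes, exact: bool = False) -> bool:
    """The 'contains or equals' check asked for in the original question."""
    return reply == marker if exact else marker in reply


def probe_hosts(hosts, port, probe, marker, timeout=1.0, exact=False):
    """Send probe once to each host:port and return {host: reply} for hits.

    Silent, unreachable, or non-matching hosts are dropped, which is the
    same filtering you would do on the recorded responses after a scan.
    """
    hits = {}
    for host in hosts:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(probe, (host, port))
                reply, _ = s.recvfrom(65535)
            except (socket.timeout, OSError):
                continue  # no answer or unreachable: not a hit
            if response_matches(reply, marker, exact):
                hits[host] = reply
    return hits


def start_demo_responder(expected_probe: bytes, good_reply: bytes, bad_reply: bytes):
    """Constructed stand-in target: answers good_reply only to expected_probe.

    Binds an ephemeral UDP port on 127.0.0.1 and returns (port, stop_event).
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    srv.settimeout(0.2)  # short timeout so the loop notices stop_event
    port = srv.getsockname()[1]
    stop = threading.Event()

    def serve():
        while not stop.is_set():
            try:
                data, peer = srv.recvfrom(65535)
            except socket.timeout:
                continue
            srv.sendto(good_reply if data == expected_probe else bad_reply, peer)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port, stop


def run_demo():
    """Probe the local responder with the right and a wrong payload.

    Returns (hits_with_ABC, hits_with_XYZ); only the first should be non-empty.
    """
    port, stop = start_demo_responder(b"ABC", b"QWER", b"nope")
    try:
        hit = probe_hosts(["127.0.0.1"], port, b"ABC", b"QWER")
        miss = probe_hosts(["127.0.0.1"], port, b"XYZ", b"QWER")
    finally:
        stop.set()
    return hit, miss


if __name__ == "__main__":
    # Payload-file entry for the port in the original question.
    print(nmap_payload_entry(8765, b"ABC"), end="")
    hit, miss = run_demo()
    print("hits with ABC:", hit)
    print("hits with XYZ:", miss)
```

Write the string returned by `nmap_payload_entry()` to a file and pass it with `--nmap-payloads <file> -p U:<port>` as in the commands above; the local dry run only confirms that the probe bytes and the marker check behave as you expect before you scan real hosts.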

gabinkbl commented 7 months ago

Is it possible to use --nmap-payloads to send two separate custom UDP probes to each target? For example, send "ABC" in the first probe and then immediately send "DEF". In my case, my targets respond only after they receive two such messages.