Port 5357 Hacktricks ((install)) [99% Trending]
Web Services for Devices API (WSDAPI)
Port 5357 is used by the , a Microsoft implementation of WS-Discovery. This service allows devices on a local network—like printers, scanners, and file shares—to advertise and discover services without a central server.
"Recommendation: Block Port 5357/tcp on the perimeter firewall immediately. The exposed WS-Discovery service allowed for the enumeration of the primary Domain Controller hostname ('LEDGER-DC01') and internal network topology without authentication." port 5357 hacktricks
SSDP and UPnP
: Port 5357 is used by SSDP, which is part of the UPnP protocol. SSDP is used for discovering UPnP devices and services on a network. This protocol is widely used in IoT devices and home networks for device discovery and service advertisement. Web Services for Devices API (WSDAPI) Port 5357
- Internal hostname
- Windows domain name
- MAC address (via device ID)
- Serial numbers of printers/scanners
- Network shares (if virtual device)