Looking back, I can’t remember a time where I used Nmap to perform UDP port scans. Pentesters are far too impatient to spend hours waiting for a UDP scan to finish in the hope of finding some badly configured service. Which is why I found it odd when I received a message saying “why do UDP scans take hours?”
It never occurred to me that this poor dude was staring at the screen, Nmap torturing him every 30 seconds by telling him he won’t be done with this machine any time this week. I told him about this gem of a payload transmitter that just also happened to be an epic UDP port scanner, largely forgotten since the sad departure of the late Jack C. Louis. And seeing as this was a client supplied ‘jump-box’ and not something handy like Kali, I decided to take a crack at installing and showing the tester good ol’ unicornscan. (I didn’t realise installing unicornscan would take longer than the Nmap UDP scan itself)
Many, MANY hours later I finally got unicornscan working and decided to make a note on how to deploy this on an updated debian distro circa 2014.
Get the dependencies installed
sudo apt-get install postgresql libdnet-dev libpq-dev libpcap-dev bison flex
Download and Install unicornscan
wget http://sourceforge.net/projects/osace/files/unicornscan/unicornscan%20-%200.4.7%20source/unicornscan-0.4.7-2.tar.bz2/download -O unicornscan-0.4.7-2.tar.bz2
tar jxvf unicornscan-0.4.7-2.tar.bz2
sudo make install
Hope this helps.