Looking back, I can’t remember a time where I used Nmap to perform UDP port scans. Pentesters are far too impatient to spend hours waiting for a UDP scan to finish in the hope of finding some badly configured service. Which is why I found it odd when I received a message saying “why do UDP scans take hours?”

It never occurred to me that this poor dude was staring at the screen, Nmap torturing him every 30 seconds by telling him he won’t be done with this machine any time this week. I told him about this gem of a payload transmitter that also happened to be an epic UDP port scanner, largely forgotten since the sad departure of the late Jack C. Louis. And seeing as this was a client-supplied ‘jump-box’ and not something handy like Kali, I decided to take a crack at installing and showing the tester good ol' unicornscan.

I didn’t realise installing unicornscan would take longer than the Nmap UDP scan itself

Many, MANY hours later I finally got unicornscan working and decided to make a note on how to deploy this on an updated Debian distro circa 2014.

Get the dependencies installed:

sudo apt-get install postgresql libdnet-dev libpq-dev libpcap-dev bison flex

Download and Install unicornscan:

wget http://sourceforge.net/projects/osace/files/unicornscan/unicornscan%20-%200.4.7%20source/unicornscan-0.4.7-2.tar.bz2/download -O unicornscan-0.4.7-2.tar.bz2
tar jxvf unicornscan-0.4.7-2.tar.bz2
cd unicornscan-0.4.7/
./configure CFLAGS=-D_GNU_SOURCE
make
sudo make install
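The two steps above, wrapped into a single script with the checks I would want before building anything pulled off SourceForge on a client box. This is an added example, not part of the original post: it reuses the post's package list, download URL and build flags, but the `EXPECTED_SHA256` value is a placeholder (the post gives no checksum, so you must fill in the hash of a tarball you have verified yourself), and the `RUN_UNICORNSCAN_INSTALL` environment variable and the function names are my own. It only installs the packages that `dpkg` says are missing, refuses to build if the tarball does not match the expected hash, and confirms the binary ended up on `PATH`.

```shell
#!/bin/sh
# Added example (not from the original post): preflight checks plus the
# unicornscan 0.4.7 build steps for Debian/Ubuntu.
set -eu

# From the post: build dependencies and the source tarball location.
REQUIRED_PKGS='postgresql libdnet-dev libpq-dev libpcap-dev bison flex'
TARBALL_URL='http://sourceforge.net/projects/osace/files/unicornscan/unicornscan%20-%200.4.7%20source/unicornscan-0.4.7-2.tar.bz2/download'
TARBALL='unicornscan-0.4.7-2.tar.bz2'
# PLACEHOLDER: replace with the SHA-256 of a tarball you have verified. The
# post supplies no checksum, so this value is not a real hash.
EXPECTED_SHA256='REPLACE_WITH_KNOWN_GOOD_SHA256'

# missing_packages REQUIRED INSTALLED
# Prints, one per line, each name in REQUIRED that is absent from INSTALLED.
# Pure string processing, so it can be exercised without touching dpkg.
missing_packages() {
    required=$1
    installed=$2
    for pkg in $required; do
        found=0
        for have in $installed; do
            if [ "$pkg" = "$have" ]; then
                found=1
                break
            fi
        done
        if [ "$found" -eq 0 ]; then
            printf '%s\n' "$pkg"
        fi
    done
    return 0
}

# installed_packages: space-separated names of packages dpkg reports as
# fully installed (status line ends in "installed").
installed_packages() {
    dpkg-query -W -f='${Package} ${Status}\n' 2>/dev/null \
        | awk '$NF == "installed" { printf "%s ", $1 }'
}

# verify_tarball FILE EXPECTED: succeed only if FILE's SHA-256 equals EXPECTED.
verify_tarball() {
    actual=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$2" ]
}

install_unicornscan() {
    missing=$(missing_packages "$REQUIRED_PKGS" "$(installed_packages)")
    if [ -n "$missing" ]; then
        echo "Installing missing build dependencies:" $missing
        # Word splitting on $missing is intentional: one argument per package.
        sudo apt-get install -y $missing
    fi

    # Download once; re-running the script should not fetch the tarball again.
    [ -f "$TARBALL" ] || wget "$TARBALL_URL" -O "$TARBALL"

    if ! verify_tarball "$TARBALL" "$EXPECTED_SHA256"; then
        echo "checksum mismatch for $TARBALL; refusing to build it" >&2
        exit 1
    fi

    # Build steps exactly as in the post.
    tar jxf "$TARBALL"
    cd unicornscan-0.4.7/
    ./configure CFLAGS=-D_GNU_SOURCE
    make
    sudo make install

    # Sanity check: the installed binary must now be reachable on PATH.
    command -v unicornscan >/dev/null || {
        echo "unicornscan not found on PATH after make install" >&2
        exit 1
    }
    echo "unicornscan installed at $(command -v unicornscan)"
}

# The real install only runs when explicitly requested, so sourcing the file
# merely defines the functions above.
if [ "${RUN_UNICORNSCAN_INSTALL:-0}" = "1" ]; then
    install_unicornscan
fi
```

Run it with `RUN_UNICORNSCAN_INSTALL=1 sh install-unicornscan.sh` once the placeholder hash is filled in. Keeping the dependency check as a pure function means the "what is missing" logic can be tested on a machine without dpkg, and the checksum gate is what turns a one-off `wget | build` into something you can safely re-run on someone else's jump-box.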

Hope this helps anyone stuck trying to get unicornscan up and running.

Keep on sploiting,

norsec0de