Problem scanning Conpot default template for S7comm protocol #552

Open
cyberitot79 opened this issue Feb 22, 2021 · 4 comments

@cyberitot79

Hello,

I wanted to ask about a problem I'm having using Conpot. I've been trying to use the honeypot to simulate PLC devices using the Modbus and S7 protocols. But I'm having some problems with the S7 protocol, even with the default templates, not with the ones I modified, so I'm opening this issue in case you could help me.

I've read other previous issues, and I've read the code many times trying to understand it. If I'm not wrong, Conpot should give support against tools or scripts like plcscan (https://github.com/meeas/plcscan). But even using the default template without any modification, I find no results for this plcscan scanning. As they say in their GitHub info, the results should be similar to something like this when scanning S7:

127.0.0.1:102 S7comm (src_tsap=0x100, dst_tsap=0x102)
Module : 6ES7 151-8AB01-0AB0 v.0.2 (36455337203135312d38414230312d304142302000c000020001)
Basic Hardware : 6ES7 151-8AB01-0AB0 v.0.2 (36455337203135312d38414230312d304142302000c000020001)
Basic Firmware : v.3.2.6 (202020202020202020202020202020202020202000c056030206)
Unknown (129) : Boot Loader A (426f6f74204c6f61646572202020202020202020000041200909)
Name of the PLC : SIMATIC 300(xxxxxxxxx) (53494d4154494320333030280000000000000000002900000000000000000000)
Name of the module : IM151-8 PN/DP CPU (494d3135312d3820504e2f445020435055000000000000000000000000000000)
Plant identification : (0000000000000000000000000000000000000000000000000000000000000000)
Copyright : Original Siemens Equipment (4f726967696e616c205369656d656e732045717569706d656e74000000000000)
Serial number of module : S C-BOUVxxxxxxxx (5320432d424f5556xxxxxxxxxx00000000000000000000000000000000000000)
Module type name : IM151-8 PN/DP CPU (494d3135312d3820504e2f445020435055000000000000000000000000000000)

But when I use the script to test that, I get no answers (as you can see in the image I'm attaching to the issue, that's my output result). I know using default Conpot would never give me the same answer as they say in the plcscan GitHub, as Conpot doesn't have all values for all the fields (basic hardware, firmware...). But at least I guess it should give me the ones it has, as I've seen with other people using Conpot and plcscan. But I'm not sure if this is because Conpot (TODAY) gives no support to this kind of tool (plcscan) or if there's something wrong, as I'm using the default templates and code; I did not change them to test this.

If it helps, I'm using Ubuntu 18.04 LTS. I've tried this on other machines, or using Docker, and the output is always the same, with no results. I have all libraries installed, as the script works with other Conpot instances from other people. I'm testing it against localhost and 102, as it's where it's listening.

Thank you for your time and for your help.
[Image: conpot_s7_output]

@glaslos
Member

glaslos commented Mar 1, 2021

Hi @cyberitot79, do you see any output in Conpot when you do the scan?

@cyberitot79
Author

Hi!

I know it's at least connecting to the port, as it seems to create Conpot output. The next picture shows what it logs when I do the scan:
[Image]

@glaslos
Member

glaslos commented Apr 16, 2021

Please provide text instead of images to make it searchable and more accessible.
I'm not too familiar with SNMP, did you check if we support the PDU type 7?

@soso288

soso288 commented Apr 23, 2021

I found the solution. When installing Conpot with virtualenv and via pip, the s7 file seems to be outdated. I just copied the code from GitHub (s7.py) into my project and now it works.
