We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
packets that were being correctly parsed as modbus in 2.5.0 are now not being recognized as Read Holding Registers Response in 2.6.0
Read Holding Registers Response
2.6.0
3.10
Ubuntu 22.04.4 LTS
No response
import sys from scapy.contrib.modbus import * from scapy.utils import rdpcap pcap_file = sys.argv[1] print(f"Reading pcap file: {pcap_file}") packets = rdpcap(filename=pcap_file, count=1000) print(packets[32].show2(dump=True))
with provided pcap file
Reading pcap file: error.pcap ###[ cooked linux v2 ]### proto = IPv4 reserved = 0 ifindex = 4 lladdrtype= 0x1 pkttype = unicast-to-another-host lladdrlen = 6 src = b',\xcfg,\xe2?' ###[ IP ]### version = 4 ihl = 5 tos = 0x0 len = 307 id = 18082 flags = DF frag = 0 ttl = 64 proto = tcp chksum = 0xd998 src = 10.1.2.168 dst = 10.1.2.225 \options \ ###[ TCP ]### sport = 502 dport = 58136 seq = 499266911 ack = 1928828226 dataofs = 8 reserved = 0 flags = PA window = 249 chksum = 0x7860 urgptr = 0 options = [('NOP', None), ('NOP', None), ('Timestamp', (3747823981, 2872918422))] ###[ ModbusADU ]### transId = 0x0 protoId = 0x0 len = 249 unitId = 0x1 ###[ Raw ]### load = b'\x03\xf6\x02\xbd\x00\x99\x00\x02\x00\x01\x00\x03\x00\x01\x00\x00\x00\x00\xff\xff\xff\xff\x03\xd0\x03\xd1\x00\x00\x03\xe7 x00\x0c\x139\x0b\x19\x00\x00\xeaL\x00\x00\x00\x00\x00\x00\x00\x96\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 x00\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\xff\xf6\x02&\x02\x8a\x01\xf4\x01\x90\x01\xa4\x01E\x01F\x00\x00\x03\xe7\x00\x04 \x13;\x0b\x1b\x00\x00\x00\x00\x00\x00\xa9[\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00|\x00\x00\x00\x00 x00\x00\x12\xf8\x01E\x01F\x00\x00\x03\xe7\x00\x04\x137\x0b\x19\x00\x00\x00\x00\x00\x00\xa9\x14\x00\x00\x00\x00\x00\x00 x00\x00\x00\x00\x00\x00\x00\x00\x00\x84\x00\x00\x00\x00\x00\x00\x13\x0c\x01E\x01F\x00\x00\x03\xe7\x00\x04\x139\x0b\x17 \x00\x00\x00\x00\x00\x00\xa9R\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x7f\x00\x00\x00\x00\x00\x00\x 13\x04\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfd\x00\x00\xff\xfd\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff'
Reading pcap file: error.pcap ###[ cooked linux v2 ]### proto = IPv4 reserved = 0 ifindex = 4 lladdrtype= 0x1 pkttype = unicast-to-another-host lladdrlen = 6 src = ',\xcfg,\xe2?' ###[ IP ]### version = 4 ihl = 5 tos = 0x0 len = 307 id = 18082 flags = DF frag = 0 ttl = 64 proto = tcp chksum = 0xd998 src = 10.1.2.168 dst = 10.1.2.225 \options \ ###[ TCP ]### sport = 502 dport = 58136 seq = 499266911 ack = 1928828226 dataofs = 8 reserved = 0 flags = PA window = 249 chksum = 0x7860 urgptr = 0 options = [('NOP', None), ('NOP', None), ('Timestamp', (3747823981, 2872918422))] ###[ ModbusADU ]### transId = 0x0 protoId = 0x0 len = 249 unitId = 0x1 ###[ Read Holding Registers Response ]### funcCode = 0x3 byteCount = 246 registerVal= [701, 153, 2, 1, 3, 1, 0, 0, 65535, 65535, 976, 977, 0, 999, 12, 4921, 2841, 0, 59980, 0, 0, 0, 150, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 65526, 550, 650, 500, 400, 420, 325, 326, 0, 999, 4, 4923, 2843, 0, 0, 0, 43355, 0, 0, 0, 0, 0, 0, 0, 124, 0, 0, 0, 4856, 325, 326, 0, 999, 4, 4919, 2841, 0, 0, 0, 43284, 0, 0, 0, 0, 0, 0, 0, 132, 0, 0, 0, 4876, 325, 326, 0, 999, 4, 4921, 2839, 0, 0, 0, 43346, 0, 0, 0, 0, 0, 0, 0, 127, 0, 0, 0, 4868, 65535, 65535, 65535, 65535, 65535, 65533, 0, 65533, 0, 0, 0, 0, 65535]
error.zip
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Brief description
packets that were being correctly parsed as modbus in 2.5.0 are now not being recognized as
Read Holding Registers Responsein 2.6.0Scapy version
2.6.0
Python version
3.10
Operating system
Ubuntu 22.04.4 LTS
Additional environment information
No response
How to reproduce
with provided pcap file
Actual result
Reading pcap file: error.pcap
###[ cooked linux v2 ]###
proto = IPv4
reserved = 0
ifindex = 4
lladdrtype= 0x1
pkttype = unicast-to-another-host
lladdrlen = 6
src = b',\xcfg,\xe2?'
###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = 307
id = 18082
flags = DF
frag = 0
ttl = 64
proto = tcp
chksum = 0xd998
src = 10.1.2.168
dst = 10.1.2.225
\options \
###[ TCP ]###
sport = 502
dport = 58136
seq = 499266911
ack = 1928828226
dataofs = 8
reserved = 0
flags = PA
window = 249
chksum = 0x7860
urgptr = 0
options = [('NOP', None), ('NOP', None), ('Timestamp', (3747823981, 2872918422))]
###[ ModbusADU ]###
transId = 0x0
protoId = 0x0
len = 249
unitId = 0x1
###[ Raw ]###
load =
b'\x03\xf6\x02\xbd\x00\x99\x00\x02\x00\x01\x00\x03\x00\x01\x00\x00\x00\x00\xff\xff\xff\xff\x03\xd0\x03\xd1\x00\x00\x03\xe7
x00\x0c\x139\x0b\x19\x00\x00\xeaL\x00\x00\x00\x00\x00\x00\x00\x96\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
x00\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\xff\xf6\x02&\x02\x8a\x01\xf4\x01\x90\x01\xa4\x01E\x01F\x00\x00\x03\xe7\x00\x04
\x13;\x0b\x1b\x00\x00\x00\x00\x00\x00\xa9[\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00|\x00\x00\x00\x00
x00\x00\x12\xf8\x01E\x01F\x00\x00\x03\xe7\x00\x04\x137\x0b\x19\x00\x00\x00\x00\x00\x00\xa9\x14\x00\x00\x00\x00\x00\x00
x00\x00\x00\x00\x00\x00\x00\x00\x00\x84\x00\x00\x00\x00\x00\x00\x13\x0c\x01E\x01F\x00\x00\x03\xe7\x00\x04\x139\x0b\x17
\x00\x00\x00\x00\x00\x00\xa9R\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x7f\x00\x00\x00\x00\x00\x00\x
13\x04\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfd\x00\x00\xff\xfd\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff'
Expected result
Reading pcap file: error.pcap
###[ cooked linux v2 ]###
proto = IPv4
reserved = 0
ifindex = 4
lladdrtype= 0x1
pkttype = unicast-to-another-host
lladdrlen = 6
src = ',\xcfg,\xe2?'
###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = 307
id = 18082
flags = DF
frag = 0
ttl = 64
proto = tcp
chksum = 0xd998
src = 10.1.2.168
dst = 10.1.2.225
\options \
###[ TCP ]###
sport = 502
dport = 58136
seq = 499266911
ack = 1928828226
dataofs = 8
reserved = 0
flags = PA
window = 249
chksum = 0x7860
urgptr = 0
options = [('NOP', None), ('NOP', None), ('Timestamp', (3747823981, 2872918422))]
###[ ModbusADU ]###
transId = 0x0
protoId = 0x0
len = 249
unitId = 0x1
###[ Read Holding Registers Response ]###
funcCode = 0x3
byteCount = 246
registerVal= [701, 153, 2, 1, 3, 1, 0, 0, 65535, 65535, 976, 977, 0, 999, 12, 4921, 2841, 0, 59980, 0, 0, 0, 150, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0,
0, 0, 65526, 550, 650, 500, 400, 420, 325, 326, 0, 999, 4, 4923, 2843, 0, 0, 0, 43355, 0, 0, 0, 0, 0, 0, 0, 124, 0, 0, 0, 4856, 325, 326, 0,
999, 4, 4919, 2841, 0, 0, 0, 43284, 0, 0, 0, 0, 0, 0, 0, 132, 0, 0, 0, 4876, 325, 326, 0, 999, 4, 4921, 2839, 0, 0, 0, 43346, 0, 0, 0, 0, 0, 0, 0,
127, 0, 0, 0, 4868, 65535, 65535, 65535, 65535, 65535, 65533, 0, 65533, 0, 0, 0, 0, 65535]
Related resources
error.zip
The text was updated successfully, but these errors were encountered: