EtherNet/IP Protocol Development 2: Testing on Ubuntu

Download the source:

git clone https://github.com/EIPStackGroup/OpENer

Build

First, change into the directory

/big/opener/OpENer/bin/posix

Run the script:

lkmao@ubuntu:/big/opener/OpENer/bin/posix$ ./setup_posix.sh 

Run make

lkmao@ubuntu:/big/opener/OpENer/bin/posix$ make
Scanning dependencies of target Utils
[  2%] Building C object src/utils/CMakeFiles/Utils.dir/random.c.o
[  4%] Building C object src/utils/CMakeFiles/Utils.dir/xorshiftrandom.c.o
/big/opener/OpENer/source/src/utils/xorshiftrandom.c: In function ‘CalculateNextSeed’:
/big/opener/OpENer/source/src/utils/xorshiftrandom.c:22:21: warning: conversion to ‘uint32_t {aka unsigned int}’ from ‘time_t {aka long int}’ may alter its value [-Wconversion]
     SetXorShiftSeed(time(NULL));
/* omitted */
[100%] Linking C executable OpENer
[100%] Built target OpENer

Run it

First, change the virtual machine's IP address so that it is on the same subnet as the PLC. Then run OpENer:

sudo ./src/ports/POSIX/OpENer ens33

It can now be found by a search.

Open a new terminal and change to the directory,

lkmao@ubuntu:/big/opener/OpENer$ pwd
/big/opener/OpENer

Create a file,

lkmao@ubuntu:/big/opener/OpENer$ echo "hello lkmao" > testcase.txt

Then run the script

lkmao@ubuntu:/big/opener/OpENer$ python fuzz/scripts/send_testcase.py 192.168.250.11 testcase.txt

The result is as follows:

lkmao@ubuntu:/big/opener/OpENer$ python fuzz/scripts/send_testcase.py 192.168.250.11 testcase.txt
[-] Connecting to 192.168.250.11:44818
[-] Init ENIP session
[-] Got ENIP Session Handle: 1
[-] Reading testcase from: 'testcase.txt'
[-] Patching sender context and session handle
[-] Sending testcase of 12 bytes
lkmao@ubuntu:/big/opener/OpENer$ 

Analyzing the script send_testcase.py

There is no need to analyze this script.

import sys
import socket
import struct

if len(sys.argv) != 3:
    print("python {} IP TESTCASE_PATH".format(sys.argv[0]))
    sys.exit(1)

HOST_IP = sys.argv[1]
HOST_PORT = 44818
TESTCASE_PATH = sys.argv[2]

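# 8-byte sender context; the script writes it into every frame it sends
ENIP_SESSION_CONTEXT = b"\x92\x83J\x0b=\x9e\x0cW"
# RegisterSession request: command 0x0065, length 4, session handle 0, status 0,
# sender context, options 0, then protocol version 1 and option flags 0
ENIP_INIT_SESSION_PACKET = b"e\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00" + ENIP_SESSION_CONTEXT + b"\x00\x00\x00\x00\x01\x00\x00\x00"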


print("[-] Connecting to {}:{}".format(HOST_IP, HOST_PORT))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST_IP, HOST_PORT))

print("[-] Init ENIP session")
s.sendall(ENIP_INIT_SESSION_PACKET)
enip_session = s.recv(1024)
session_handle = enip_session[4:8]
print("[-] Got ENIP Session Handle: {}".format(struct.unpack("<I", session_handle)[0]))
print("[-] Reading testcase from: '{}'".format(TESTCASE_PATH))
with open(TESTCASE_PATH, "rb") as f:
    testcase_data = f.read()

print("[-] Patching sender context and session handle")
testcase = testcase_data[:4]        # command, len
testcase += session_handle      # session handle
testcase += testcase_data[8:12]     # status
testcase += ENIP_SESSION_CONTEXT    # session context
testcase += testcase_data[20:]      # options and payload
print("[-] Sending testcase of {} bytes".format(len(testcase)))
# sendall() keeps writing until the whole testcase is sent; send() may write only part of it
s.sendall(testcase)
s.close()
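
As an added example (not part of the original post or of the OpENer project), the code below replays the script's header patching offline and checks the result against the 24-byte EtherNet/IP encapsulation header layout: a text file such as testcase.txt yields a frame too short to hold a header, while the script's own RegisterSession packet parses cleanly. The helper names patch_testcase, parse_encap and describe are hypothetical; the two constants are copied from the script above, and each input is assumed to be one complete frame.

```python
import struct

# EtherNet/IP encapsulation header, little-endian, 24 bytes:
# command, length, session handle, status, sender context, options
ENCAP_HEADER = struct.Struct("<HHII8sI")

# Values copied from send_testcase.py as shown on this page
ENIP_SESSION_CONTEXT = b"\x92\x83J\x0b=\x9e\x0cW"
ENIP_INIT_SESSION_PACKET = (b"e\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00"
                            + ENIP_SESSION_CONTEXT
                            + b"\x00\x00\x00\x00\x01\x00\x00\x00")


def patch_testcase(data, session_handle, context=ENIP_SESSION_CONTEXT):
    """Hypothetical helper: the same slicing the script applies before sending."""
    return data[:4] + session_handle + data[8:12] + context + data[20:]


def parse_encap(frame):
    """Hypothetical receiver-side check: decode the header or raise ValueError."""
    if len(frame) < ENCAP_HEADER.size:
        raise ValueError("short frame: {} of {} header bytes".format(
            len(frame), ENCAP_HEADER.size))
    command, length, session, status, context, options = ENCAP_HEADER.unpack_from(frame)
    payload = frame[ENCAP_HEADER.size:]
    if length != len(payload):
        raise ValueError("length field {} != payload size {}".format(length, len(payload)))
    return {"command": command, "length": length, "session": session,
            "status": status, "context": context, "options": options,
            "payload": payload}


def describe(frame):
    """Return a one-line verdict for a frame instead of raising."""
    try:
        h = parse_encap(frame)
    except ValueError as exc:
        return "rejected: {}".format(exc)
    return "ok: command=0x{:04x} session={} payload={} bytes".format(
        h["command"], h["session"], len(h["payload"]))


if __name__ == "__main__":
    handle = struct.pack("<I", 1)   # session handle 1, as in the run above
    text_case = b"hello lkmao\n"    # constructed: what `echo "hello lkmao"` writes
    print(describe(patch_testcase(text_case, handle)))
    print(describe(patch_testcase(ENIP_INIT_SESSION_PACKET, handle)))
```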
