Nmap Development mailing list archives
Re: [NSE] modbus-enum.nse, modbus discovery script
From: David Fifield <david () bamsoftware com>
Date: Sun, 12 Dec 2010 18:10:24 -0800
On Sun, Dec 12, 2010 at 08:37:55PM +0300, Alexander Rudakov wrote:
> Hi, all. It's me again. I cleaned modbus-discover.nse script. I
> refactored code, it has become cleaner and simpler (I hope). I threw
> away data and function code script arguments, and saved only
> aggressive mode arg of slave id detection.
>
> I tested script on real devices with next cases:
> 1) Neither the slave id (0x11) function nor read device
>    identification (0x2B) function supported (just error string printed)
> 2) Report slave Id function not supported by device, but read device
>    identification function supported.
> 3) Both functions supported (maximum information shows)
>
> The main achievement for me is that I could find modbus device in the
> wild using this script and get vendor information about it.

I tried this version of the script against the modbus-emul.py you posted
in http://seclists.org/nmap-dev/2010/q4/489. I got some errors:

    ./scripts/modbus-discover.nse:98: variable 'byte_count' is not declared
    stack traceback:
        [C]: in function 'error'
        ./nselib/strict.lua:69: in function <./nselib/strict.lua:60>
        ./scripts/modbus-discover.nse:98: in function 'extract_slave_id'
        ./scripts/modbus-discover.nse:136: in function <./scripts/modbus-discover.nse:115>
        (tail call): ?

    ./scripts/modbus-discover.nse:65: attempt to perform arithmetic on local 'number_of_objects' (a nil value)
    stack traceback:
        ./scripts/modbus-discover.nse:65: in function <./scripts/modbus-discover.nse:54>
        (tail call): ?
        ./scripts/modbus-discover.nse:145: in function <./scripts/modbus-discover.nse:115>
        (tail call): ?

The first one is just because of a missing "local" declaration. The
second one looks like it must be a bug in either modbus-emul.py or
modbus-discover.nse. Can you find out please?

Please change the script arg name from "aggressive" to
"modbus-discover.aggressive". You can keep "aggressive" as a synonym.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
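
The second traceback in the message above shows arithmetic on a number_of_objects that was nil. As an added example (not code from modbus-discover.nse or modbus-emul.py), here is a Python parser for a Modbus/TCP Read Device Identification (0x2B, MEI type 0x0E) reply that checks every length before using the object count. The frame layout is taken from the Modbus specification, and the function names and sample frames are constructed for illustration.

```python
import struct

FC_ENCAPSULATED = 0x2B      # function code from the thread
MEI_READ_DEVICE_ID = 0x0E   # MEI type for Read Device Identification


class ModbusParseError(ValueError):
    """Reply is truncated or is not a device identification response."""


def parse_device_id(frame: bytes) -> dict:
    """Return {'exception': code or None, 'objects': {object_id: text}}."""
    if len(frame) < 8:
        raise ModbusParseError("shorter than MBAP header plus function code")
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ModbusParseError("protocol id is not 0")
    pdu = frame[7:6 + length]           # MBAP length counts unit id + PDU
    if length < 2 or len(pdu) != length - 1:
        raise ModbusParseError("MBAP length does not match received data")
    if pdu[0] == FC_ENCAPSULATED | 0x80:    # device refused the function
        if len(pdu) < 2:
            raise ModbusParseError("exception reply without a code")
        return {"exception": pdu[1], "objects": {}}
    if pdu[0] != FC_ENCAPSULATED or len(pdu) < 2 or pdu[1] != MEI_READ_DEVICE_ID:
        raise ModbusParseError("not a Read Device Identification reply")
    if len(pdu) < 7:                    # object count lives at offset 6
        raise ModbusParseError("reply ends before the object count")
    number_of_objects, pos, objects = pdu[6], 7, {}
    for _ in range(number_of_objects):
        if pos + 2 > len(pdu):
            raise ModbusParseError("object header runs past end of reply")
        obj_id, obj_len = pdu[pos], pdu[pos + 1]
        pos += 2
        if pos + obj_len > len(pdu):
            raise ModbusParseError("object value runs past end of reply")
        objects[obj_id] = pdu[pos:pos + obj_len].decode("ascii", "replace")
        pos += obj_len
    return {"exception": None, "objects": objects}


def _frame(pdu: bytes, unit: int = 1) -> bytes:
    """Wrap a PDU in an MBAP header (constructed test data only)."""
    return struct.pack(">HHHB", 1, 0, len(pdu) + 1, unit) + pdu


# Constructed samples: full reply, exception reply, reply cut before the count.
SAMPLE_OK = _frame(bytes([0x2B, 0x0E, 1, 1, 0, 0, 2, 0, 4]) + b"ACME"
                   + bytes([1, 3]) + b"PLC")
SAMPLE_EXCEPTION = _frame(bytes([0xAB, 0x01]))
SAMPLE_SHORT = _frame(bytes([0x2B, 0x0E, 1, 1]))
```
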