If you're interested in playing around with the Modbus protocol, you probably want to start with free, or preferably, open source tools. Here are the ones I've found useful:
Linux
- Metasploit - Everyone's favourite penetration testing tool has by default a bunch of modules which are helpful for analyzing Modbus services. I often use the modbusdetect and modbusclient modules for checking to see if a service is actually a valid Modbus service and triggering IDS' like Snort which are using Modbus rules.
- Modscan - This basic tool allows you to check if a service is an actual Modbus service, like the Metasploit modules, but is a simple, self-contained Python script so you don't need to install the entire Metasploit framework to see if a service is an actual Modbus service or not. I can also reliably crash my test PLC hardware with a couple of scans from this script, so be careful! :-)
- PLCscan - This script allows you to also probe a Modbus service to see if it's genuine, but I found it personally to not be as useful as the previous two tools. It does have some specific, non-Modbus, functionality for Siemens PLCs which may be of use to you, however.
- Wireshark - The best network sniffer around, bar none. Contains modbus decoding modules.
- Nmap - The best port scanner around, bar none. Useful if you need to quickly check for open ports.
Windows
- Modscan64 (not to be confused with the Modscan tool above) - This tool is free, but could be more accurately classified as nagware. It's great for dumping all the registers of a Modbus service and seeing what is laid out in the memory of PLC, but it's a bit awkward to use.
- CAS Modbus Scanner - This tool is completely free but I personally found to not be as useful at revealing the internals of a Modbus service as Modscan64.
Honeypots
- Digital Bond SCADA HoneyNet - The good folks at Digital Bond have created a SCADA Honeypot which emulates Modbus, HTTP, FTP and SNMP for a Modicon PLC. The instructions that come with it are for the old version of VMWare Server, so if you want to run it with the new VMWare Server, be prepared for a struggle. However, you can just extract the protocol simulators (like Modbus) which are just standard Java programs and run them yourself. The system that you can download provides you with an emulated PLC and the networking infrastructure around it for you to monitor any potential attacks. It is not being actively developed, AFAICT.
- ConPot - A new SCADA/ICS honeypot which currently emulates Modbus and SNMP. It is much simpler to setup than the Digital Bond SCADA HoneyNet but has pretty much the same functionality. It is currently under active development.
Obviously: only use these tools against a network that you are authorized to assess!
Phreaklets: And Open Source Modbus/Tcp Tools >>>>> Download Now
ReplyDelete>>>>> Download Full
Phreaklets: And Open Source Modbus/Tcp Tools >>>>> Download LINK
>>>>> Download Now
Phreaklets: And Open Source Modbus/Tcp Tools >>>>> Download Full
>>>>> Download LINK lU
( CYSCredits@Post.com ) OFFER ALL KIND OF LOANS - APPLY FOR AFFORDABLE LOANS ( CYSCredits@Asia.com )
ReplyDeleteDo You Need A Loan To Consolidate Your Debt At 1% ? CYSCredits@Asia.com ( CYSCredits@Post.com ) Or A Personal Loans * Business Loans etc. Interested Parties Should Contact Us For More Information Via Email: ( CYSCredits@Asia.com ) CYSCredits@Post.com
Please Fill the Application Form Below: -
Complete Name: -
Loan amount needed: -
Loan Duration: -
Purpose of loan: -
City / Country: -
Telephone: -
Name Of The Site You/Link Hear About Us:
( CYSCredits@Post.com ) OFFER ALL KIND OF LOANS - APPLY FOR AFFORDABLE LOANS ( CYSCredits@Asia.com )
Do You Need A Loan To Consolidate Your Debt At 1.0%? CYSCredits@Asia.com ( CYSCredits@Post.com ) Or A Personal Loans * Business Loans etc. Interested Parties Should Contact Us For More Information Through Via E-mail: ( CYSCredits@Asia.com ) CYSCredits@Post.com
We Offers Financial Consulting To Client, CYSCredits@Asia.com ( CYSCredits@Post.com ) Companies Seeking Debt / Loan Financing And Seeking For Working Capital To Start A New Business Or To Expand Existing Business. Interested Parties Should Contact Us For More Information Through Via E-mail: ( CYSCredits@Asia.com ) CYSCredits@Post.com
Do You Need A Loan To Consolidate Your Debt At 1.0%? ( CYSCredits@Asia.com ) CYSCredits@Post.com Or A Personal Loans * Business Loans etc. Interested Parties Should Contact Us For More Information Through Via E-mail: ( CYSCredits@Asia.com ) CYSCredits@Post.com
( CYSCredits@Post.com ) OFFER ALL KIND OF LOANS - APPLY FOR AFFORDABLE LOANS ( CYSCredits@Asia.com
Hello Everyone
ReplyDeleteSelling SSN DOB Fullz in bulk
DL & work history will be include (if needed)
High Credit Scores USA Fullz/Pros
USA/UK/Canada CC Fullz also available
Dumps Tutorials & Dumps with pin codes available (101 & 202)
Business Fullz with EIN
Office365 Logs in bulk
Here I'm
TG/ICQ = @killhacks
WA = +92 317 2721122
Emails = exploit dot tools4u at gmail dot com
Wickr = peeterhacks
Hacking, Spamming, Carding Stuff also available
Tools with tutorials & Ebooks
Mailers/Brutes/Viruses
Kali Linux Full course
D**P/D**k web Courses with Legit Links
Combos/logs/I.P's/Proxies
Legit & Genuine Tools
Emails = exploit dot tools4u at gmail dot com
Wickr = peeterhacks
TG/ICQ = @killhacks
WA = +92 317 2721122
Apply here for personal and business loans and approved in less than 24 hours. Email: triumphantfinanceltd@gmail.com
ReplyDeleteWelcome to Triumphant Finance Company Ltd, we are specialized in cash management and offering of Loans to interested individuals and companies who are seeking financial assistance and business growth or business expansion funds in any desired sector. We offer small and large amounts of Loans to all our qualified clients. We operate under short/long, clear and understandable terms and conditions, we give out loans at a low interest rate and our services are 100% guaranteed and risk-free. For more inquiries Email: triumphantfinanceltd@gmail.com
ReplyDelete