SCADA / modbus / misc / dump_odd.py
root on 8 May 2022 1 KB playing with modbus day #1
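import sys
from pymodbus.client.sync import ModbusTcpClient
#from https://ctftime.org/writeup/31455

# Unit (slave) ids probed on the target: 0 .. UNIT_COUNT-1.
UNIT_COUNT = 32
# Registers fetched per unit in one request (Modbus caps a single read at 125).
REGISTER_COUNT = 99
# Coils / discrete inputs are fetched this many bits per request ...
BIT_CHUNK = 256
# ... up to this many bit addresses per unit.
BIT_COUNT = 2999


def _safe_read(read, *args, unit):
    """Issue one Modbus read and return the response, or None if it failed.

    `read` is a bound client method (read_holding_registers, read_coils, ...)
    and `args` its positional arguments (address, count).  A unit id that
    answers with an exception response, or does not answer at all, used to
    raise AttributeError on `.registers` / `.bits` and abort the whole dump;
    now it is reported on stderr and skipped so stdout keeps the dump format.
    """
    response = read(*args, unit=unit)
    if response.isError():
        print(f"# unit {unit} {read.__name__}{args}: {response}", file=sys.stderr)
        return None
    return response


def _dump_registers(read, label, baseline):
    """Print every register that differs from *baseline*.

    Output format is one line per hit: ``<label> <unit> <address> <value>``.
    `read` is client.read_holding_registers or client.read_input_registers.
    """
    for unit in range(UNIT_COUNT):
        response = _safe_read(read, 0, REGISTER_COUNT, unit=unit)
        if response is None:
            continue
        for address, register in enumerate(response.registers):
            if register != baseline:
                print(f"{label} {unit} {address} {register}")


def _dump_bits(read, label, baseline):
    """Print every coil / discrete input that differs from *baseline*.

    Output format is one line per hit: ``<label> <unit> <address> <value>``.
    `read` is client.read_coils or client.read_discrete_inputs.
    """
    for unit in range(UNIT_COUNT):
        for address_base in range(0, BIT_COUNT, BIT_CHUNK):
            # The last chunk is shorter than BIT_CHUNK; the response's .bits is
            # padded to a whole byte, so slice it back to the requested count.
            count = min(BIT_CHUNK, BIT_COUNT - address_base)
            response = _safe_read(read, address_base, count, unit=unit)
            if response is None:
                continue
            for address_index, bit in enumerate(response.bits[:count]):
                if bit != baseline:
                    print(f"{label} {unit} {address_base + address_index} {bit}")


def main(argv=sys.argv):
    """Dump the "odd" (non-baseline) values of the Modbus TCP server at argv[1].

    Baselines (holding registers 0, input registers 1, coils False, discrete
    inputs True) are what the original script treats as uninteresting — they
    come from the CTF target it was written for, so adjust them for other
    devices.  Returns a process exit status.
    """
    if len(argv) != 2:
        print(f"usage: {argv[0]} HOST", file=sys.stderr)
        return 2
    client = ModbusTcpClient(argv[1])
    if not client.connect():
        print(f"could not connect to {argv[1]}", file=sys.stderr)
        return 1
    try:
        _dump_registers(client.read_holding_registers, "hr", 0)
        _dump_registers(client.read_input_registers, "ir", 1)
        _dump_bits(client.read_coils, "c", False)
        _dump_bits(client.read_discrete_inputs, "di", True)
    finally:
        # The original never closed the socket; make sure it is released.
        client.close()
    return 0


if __name__ == "__main__":
    sys.exit(main())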