Skip to content

A
Asset_Discovery
Commit 59f2239d authored by Dipti mishra's avatar Dipti mishra
Browse files
Options

Created codesys protocol

parent 179a2e62
Show whitespace changes
Inline Side-by-side
Showing with 15 additions and 3 deletions
assets.json
View file @ 59f2239d
{"2.2.2.5": {"last_activity": "11-08-23 16:13:03", "dev_type": "Unknown", "protocols": "udp:tcp:", "mac": "a4:4c:c8:61:0a:18", "vendor": "Dell Inc.", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "2.2.2.21": {"last_activity": "11-08-23 16:13:02", "dev_type": "Programmable Logic Controller", "protocols": "tcp:udp:enip", "mac": "f4:54:33:ac:3d:e9", "vendor": "Rockwell Automation/Allen-Bradley", "firmware": "1766-L32BWA C/21.02", "model": "60d3071e", "os": "Windows", "plant": "Dalmia Cement"}, "2.2.2.23": {"last_activity": "11-08-23 16:13:18", "dev_type": "PLC_2 S7300/ET200M station_1", "protocols": "tcp:s7comm", "mac": "8c:f3:19:0b:14:a1", "vendor": "Original Siemens Equipment", "firmware": "6ES7 315-2EH14-0AB0 3.2.17", "model": "SV-N3AJ03442021", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}} {"2.2.2.5": {"last_activity": "11-08-23 16:13:03", "dev_type": "Unknown", "protocols": "udp:tcp:", "mac": "a4:4c:c8:61:0a:18", "vendor": "Dell Inc.", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "2.2.2.21": {"last_activity": "11-08-23 16:13:02", "dev_type": "Programmable Logic Controller", "protocols": "tcp:udp:enip", "mac": "f4:54:33:ac:3d:e9", "vendor": "Rockwell Automation/Allen-Bradley", "firmware": "1766-L32BWA C/21.02", "model": "60d3071e", "os": "Windows", "plant": "Dalmia Cement"}, "2.2.2.23": {"last_activity": "11-08-23 16:13:18", "dev_type": "PLC_2 S7300/ET200M station_1", "protocols": "tcp:s7comm", "mac": "8c:f3:19:0b:14:a1", "vendor": "Original Siemens Equipment", "firmware": "6ES7 315-2EH14-0AB0 3.2.17", "model": "SV-N3AJ03442021", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "57.128.101.83": {"last_activity": "21-08-23 15:35:09", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "192.168.2.134": {"last_activity": "21-08-23 15:35:09", "dev_type": "Unknown", "protocols": "udp:tcp", "mac": "f4:8c:50:d3:86:eb", "vendor": "Intel Corporate", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "192.168.0.243": {"last_activity": "21-08-23 15:34:17", "dev_type": "SSDP", "protocols": "udp", "mac": "f4:2e:7f:cc:80:80", "vendor": "Aruba, a Hewlett Packard Enterprise Company", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "54.67.68.88": {"last_activity": "21-08-23 15:35:02", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "142.250.195.234": {"last_activity": "21-08-23 15:30:01", "dev_type": "http protocol over TLS/SSL", "protocols": "udp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "35.206.80.10": {"last_activity": "21-08-23 15:35:09", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "35.217.17.196": {"last_activity": "21-08-23 15:35:08", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "192.168.0.222": {"last_activity": "21-08-23 15:34:53", "dev_type": "Domain Name Server", "protocols": "udp", "mac": "20:67:7c:de:26:04", "vendor": "Hewlett Packard Enterprise", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "13.89.178.27": {"last_activity": "21-08-23 15:30:16", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "142.250.195.206": {"last_activity": "21-08-23 15:30:50", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "192.168.1.96": {"last_activity": "21-08-23 15:30:01", "dev_type": "Unknown", "protocols": "", "mac": "e2:40:44:7b:14:9b", "vendor": "No Mac", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "3.221.85.129": {"last_activity": "21-08-23 15:30:02", "dev_type": "Unknown", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "192.168.2.94": {"last_activity": "21-08-23 15:34:34", "dev_type": "Unknown", "protocols": "", "mac": "c0:2c:5c:57:04:71", "vendor": "Apple, Inc.", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "192.168.1.138": {"last_activity": "21-08-23 15:34:42", "dev_type": "Unknown", "protocols": "", "mac": "32:07:9d:86:c4:72", "vendor": "No Mac", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "20.189.173.13": {"last_activity": "21-08-23 15:30:23", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "54.144.111.231": {"last_activity": "21-08-23 15:34:16", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "52.114.36.179": {"last_activity": "21-08-23 15:35:02", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "13.107.5.93": {"last_activity": "21-08-23 15:30:22", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "192.168.1.60": {"last_activity": "21-08-23 15:33:20", "dev_type": "Unknown", "protocols": "", "mac": "4c:7c:d9:c4:33:16", "vendor": "Apple, Inc.", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "52.168.112.66": {"last_activity": "21-08-23 15:30:55", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "52.114.36.191": {"last_activity": "21-08-23 15:35:06", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "185.70.147.146": {"last_activity": "21-08-23 15:30:29", "dev_type": "Linux", "protocols": "tcp:codesys", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "3S-Smart Software Solutions", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "142.251.175.188": {"last_activity": "21-08-23 15:35:07", "dev_type": "HP Virtual Room Service", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "104.46.162.224": {"last_activity": "21-08-23 15:31:24", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "20.189.173.9": {"last_activity": "21-08-23 15:32:40", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "142.250.205.227": {"last_activity": "21-08-23 15:32:54", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "172.217.166.163": {"last_activity": "21-08-23 15:32:54", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "172.217.166.99": {"last_activity": "21-08-23 15:32:54", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "193.149.136.134": {"last_activity": "21-08-23 15:32:05", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "13.89.179.8": {"last_activity": "21-08-23 15:33:03", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "20.190.146.35": {"last_activity": "21-08-23 15:32:49", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "216.239.36.117": {"last_activity": "21-08-23 15:32:54", "dev_type": "http protocol over TLS/SSL", "protocols": "udp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "35.190.39.137": {"last_activity": "21-08-23 15:34:53", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "40.79.141.153": {"last_activity": "21-08-23 15:33:14", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "20.42.73.26": {"last_activity": "21-08-23 15:33:49", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "34.236.161.191": {"last_activity": "21-08-23 15:33:51", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "172.217.163.195": {"last_activity": "21-08-23 15:34:53", "dev_type": "http protocol over TLS/SSL", "protocols": "udp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}, "34.226.68.35": {"last_activity": "21-08-23 15:34:41", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Indeterminate Operating System", "plant": "Dalmia Cement"}, "13.89.179.9": {"last_activity": "21-08-23 15:34:49", "dev_type": "http protocol over TLS/SSL", "protocols": "tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Windows", "plant": "Dalmia Cement"}, "172.217.160.163": {"last_activity": "21-08-23 15:34:54", "dev_type": "http protocol over TLS/SSL", "protocols": "udp:tcp", "mac": "7c:5a:1c:7f:6e:ef", "vendor": "Sophos Ltd", "firmware": "Unknown", "model": "Unknown", "os": "Unix/Linux Based", "plant": "Dalmia Cement"}}
\ No newline at end of file \ No newline at end of file
db.sqlite3
View file @ 59f2239d
No preview for this file type
helpers/Packet_Analyzer.py
View file @ 59f2239d
import binascii import binascii
import json import json
from protocol_discover_helpers import modbus_discover,enip_discover,s7_discover,omron_discover,bacnet_discover from protocol_discover_helpers import modbus_discover,enip_discover,s7_discover,omron_discover,bacnet_discover,codesys_discover
class Packet_Analyzer(): class Packet_Analyzer():
def __init__(self): def __init__(self):
self.data=None self.data=None
self.protocol_list={502: modbus_discover,44818:enip_discover,102:s7_discover,9600:omron_discover,47808:bacnet_discover} self.protocol_list={502: modbus_discover,44818:enip_discover,102:s7_discover,9600:omron_discover,47808:bacnet_discover,2455:codesys_discover}
def identify_protocol(self,hex_pkt): def identify_protocol(self,hex_pkt):
protocols="" protocols=""
......
protocol_actions.py
View file @ 59f2239d
...@@ -2,6 +2,7 @@ from protocol_enumerators import ethernetip_enum as eip ...@@ -2,6 +2,7 @@ from protocol_enumerators import ethernetip_enum as eip
from protocol_enumerators import s7_enum as s7 from protocol_enumerators import s7_enum as s7
from protocol_enumerators import bacnet as bac from protocol_enumerators import bacnet as bac
from protocol_enumerators import modbus from protocol_enumerators import modbus
from protocol_enumerators import codesys
from helpers.port_service_helper import psdata from helpers.port_service_helper import psdata
from protocol_enumerators import omron from protocol_enumerators import omron
import binascii import binascii
...@@ -42,6 +43,12 @@ def analyse_protocol(protocols,pkt): ...@@ -42,6 +43,12 @@ def analyse_protocol(protocols,pkt):
vendor = res['vendorid'] vendor = res['vendorid']
firmware = res['firmware'] firmware = res['firmware']
model = res['model'] model = res['model']
elif ("codesys" in protocols):
res = codesys.get_info(eip.get_info(pa.get_ip(inhex), int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int(
pa.get_udp_port(inhex))))
if (res):
dev_type = res['OS Name']
vendor = res['Product Type']
elif ("modbus" in protocols): elif ("modbus" in protocols):
res = modbus.get_info(eip.get_info(pa.get_ip(inhex), int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int( res = modbus.get_info(eip.get_info(pa.get_ip(inhex), int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int(
pa.get_udp_port(inhex))), False) pa.get_udp_port(inhex))), False)
...@@ -99,6 +106,11 @@ def update_protocol(protocols,pkt): ...@@ -99,6 +106,11 @@ def update_protocol(protocols,pkt):
vendor=res['vendorid'] vendor=res['vendorid']
firmware=res['firmware'] firmware=res['firmware']
model=res['model'] model=res['model']
elif("codesys" in protocols):
res=codesys.get_info(pa.get_ip(inhex) ,int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int(pa.get_udp_port(inhex)))
if(res):
dev_type=res['OS Name']
vendor=res['Product Type']
elif("modbus" in protocols): elif("modbus" in protocols):
res=modbus.get_info(pa.get_ip(inhex) ,int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int(pa.get_udp_port(inhex)),False) res=modbus.get_info(pa.get_ip(inhex) ,int(pa.get_tcp_port(inhex)) if "tcp" in protocols else int(pa.get_udp_port(inhex)),False)
if(res): if(res):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment