You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I have deployed Conpot using the default template to analyze EtherNet/IP, but when I try to scan the machine (in which i deploy the honeypot) using some nmap script like enip-info (nmap --script enip-info -sU -p 44818 ) it always returns the same values. It doesn't matter what values you write at templates/default/enip/enip.xml because those values are no picked to create an object (that part was not implemented).
To Reproduce
Steps to reproduce the behavior:
Install Conpot (documentation)
Run Conpot using the default template (conpot --template default --force)
Execute nmap script against the machine (nmap --script enip-info -sU -p 44818 194.1x.x.x)
See output
Stop Conpot (ctrl+c)
Change some value in the file enip.xml (for example: < ProductName>ThisShouldChange< /ProductName>)
Run Conpot again
Execute nmap script again
Compare outputs (Both outputs have the same information)
Solution
I have modified the code of Conpot to update this functionality and now it works as expected. I create an object using the values the user provide in enip.xml and I pass that object as an argument to the correct function, so the response is created with the values the user wants. Here is the commit: aec74ee
Expected behavior
When you update the code, you can change some values in enip.xml and you will see a new output if you scan the honeypot again:
PORT STATE SERVICE
44818/tcp open EtherNet-IP-2
| enip-info:
| type: DC Power Generator (31)
| vendor: Eaton Electrical (68)
| productName: CustomThisName
| serialNumber: 0x000abfc2
| productCode: 70
| revision: 16.1
| status: 0x3160
| state: 0xff
|_ deviceIp: 0.0.0.0
Desktop (please complete the following information):
Inside that function "def setup( **kwds ):" is called. The description of "setup" says "Create the required CIP device Objects" but the object was not created and passed as an argument.
Describe the bug
I have deployed Conpot using the default template to analyze EtherNet/IP, but when I try to scan the machine (in which i deploy the honeypot) using some nmap script like enip-info (nmap --script enip-info -sU -p 44818 ) it always returns the same values. It doesn't matter what values you write at templates/default/enip/enip.xml because those values are no picked to create an object (that part was not implemented).
To Reproduce
Steps to reproduce the behavior:
Solution
I have modified the code of Conpot to update this functionality and now it works as expected. I create an object using the values the user provide in enip.xml and I pass that object as an argument to the correct function, so the response is created with the values the user wants. Here is the commit: aec74ee
Expected behavior
When you update the code, you can change some values in enip.xml and you will see a new output if you scan the honeypot again:
PORT STATE SERVICE
44818/tcp open EtherNet-IP-2
| enip-info:
| type: DC Power Generator (31)
| vendor: Eaton Electrical (68)
| productName: CustomThisName
| serialNumber: 0x000abfc2
| productCode: 70
| revision: 16.1
| status: 0x3160
| state: 0xff
|_ deviceIp: 0.0.0.0
Desktop (please complete the following information):
Additional context
Workflow:
The text was updated successfully, but these errors were encountered: