Wireshark - access to PLC ?

EICS

Member
EICS
Join Date
Dec 2008
Location
Melbourne, Australia
Posts
323
if this thread contravenes this sites rules i will delete it.

has anyone used Wireshark to access a password-ed PLC via a serial port or know if this is at all "technically" possible?

i am not asking for a "how to" just simply if it is at all possible.

Machine is Chinese built and only 5 years old, the OEM does not have the password as they had another company do the automation, that other company will not supply it due to what they term as "secret business"
 
Wire shark is for ethernet, not serial. You will need to look at multidrop serial and a Telnet type application.


What brand of PLC?
 
There are a number of serial sniffers that when run can see the send/recieve traffic & log it. they even work on USB to serial cables.
 
mad4x4 said:
Wire shark is for ethernet, not serial. You will need to look at multidrop serial and a Telnet type application.


What brand of PLC?
Click to expand...

Wireshark can if the comm is on a USB dongle. It would use the USBPCAP driver to do so.

I have had success with Micrologix processors when the previous engineer passed away unexpectedly with every single processor in the building password locked.
 
You can use this program to capture serial traffic on a COM port and it will save it as a Wireshark PCAP file
https://github.com/j123b567/SerialPCAP


I just tested it with Modbus RTU traffic, and it seems to work. I did have to increase the gap time though (the default is 10ms) because it was splitting up packets incorrectly at 10ms.
 

Similar Topics

J
Wireshark Industrial Networks
So I was trying to shed some light on intermittent timeouts to a 1769-AENTR from CompactLogix L36ERM (basically timeouts are counting up in...
Replies
3
Views
1,292
joseph_e2
J
mad4x4
Wireshark Capture file
Is there anyway to replay the capture file from a PC to simulate traffic on a network. This would be to allow testing of some sensors and check if...
Replies
1
Views
1,060
AlfredoQuintero
A
E
How to use wireshark to determine network traffic in my plant bus network (PLC)
Hi Experts, Any manual or steps on how to use the Wireshark app to determine the network traffic on our plant bus network?:confused: I'm having...
Replies
3
Views
2,503
Thomas_v2
T
7
Take a look at my wireshark screen when I lost comms
My ip address is 10.2.2.200, the compact logix L 33E is 10.2.2.129. I go online and within 30 seconds I get booted and I'm pretty sure this...
Replies
1
Views
1,704
dmroeder
dmroeder
willxfmr
Wireshark for DeviceNet?
I didn't want to hijack a different thread so I figured it was best to start a new one. The question comes from this thread...
Replies
2
Views
2,120
thingstodo
T
Back
Top Bottom