Shulou(Shulou.com)06/01 Report--

Participated in a sctf competition, also wrote a WP, yes, that is one. Because only one title has been made. And it is the simplest topic of modbus protocol. As a newly born ctf child, it is also very gratifying. No matter how much is made, a summary is necessary and a thorough understanding is needed.

1. First open the topic and download a data packet. Open it using wireshark.

There's a lot of data in it. See the title first Baidu a wave of modbus, it turned out that this is an industrial agreement.

Definition of Leibo protocol: Modbus protocol is a general language used in electronic controllers. Through this protocol, controllers can communicate with each other and between controllers via a network (such as Ethernet) and other devices. The Modbus protocol defines the message structures that a controller can recognize and use, regardless of the network over which they communicate. It describes the process of a controller requesting access to other devices, how to respond to requests from other devices, and how to detect and log errors. It defines the message domain pattern and the common format of the content.

To put it bluntly, it is a protocol for request and reply.

2. Next, a display filter is used to filter out the data of modbus protocol. It is convenient for us to inquire about relevant information.

With these things, I want to see what exactly the communication value is passed between the two devices? We know that trace streams can be used to query in wirwshark. Tcp is used here to track the flow. Tcp tracking streams can put small chunks of data into an easy-to-read form.

A reliability of the TCP protocol: application data is divided into blocks that TCP considers most suitable for transmission.

3. Track TCP data flow

Click on tcp stream to track data, or ctrl+alt+shift+T shortcut key to track TCP stream

Here we can choose to view the data sent from the client to the server or from the server to the client. However, the data can be understood directly on this topic.

The official WP has come down and I want to study it. Although I can hardly understand it, who makes me a rookie living in the world of ctf?

I don't know how those bosses changed. What they went through.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.