Wireshark沒有得到Scapy Modbus響應

Question

我正在運行Wireshark運行的遠程PLC的代碼示例。爲什麼我只接受查詢（我也應該得到答覆）？由於Scapy的輸出爲Received 1 packets, got 1 answers, remaining 0 packets，PLC似乎發送了響應。

爲什麼會發生這種情況的任何想法？

我還使用Scapy中的sniff（）函數執行了嗅探，但結果相同（僅獲取查詢）。

#! /usr/bin/env python 

import logging 
logging.getLogger("scapy").setLevel(1) 

from scapy import * 
from modLib import * 

# IP for all transmissions 
ip = IP(dst="192.168.10.131") 

# Sets up the session with a TCP three-way handshake 
# Send the syn, receive the syn/ack 
tcp = TCP(flags = 'S', window = 65535, sport = RandShort(), dport = 502, options = [('MSS', 1360), ('NOP', 1), ('NOP', 1), ('SAckOK', '')]) 
synAck = sr1 (ip/tcp) 

# Send the ack 
tcp.flags = 'A' 
tcp.sport = synAck[TCP].dport 
tcp.seq = synAck[TCP].ack 
tcp.ack = synAck[TCP].seq + 1 
tcp.options = '' 
send(ip/tcp) 

# Creates and sends the Modbus Read Holding Registers command packet 
# Send the ack/push i.e. the request, receive the data i.e. the response 
tcp.flags = 'AP' 
adu = ModbusADU() 
pdu = ModbusPDU03() 
adu = adu/pdu 
tcp = tcp/adu 
data = sr1((ip/tcp), timeout = 2) 
data.show() 

# Acknowledges the response 
# Ack the data response 
# TODO: note, the 17 below should be replaced with a read packet length method... 
tcp.flags = 'A' 
tcp.seq = data[TCP].ack 
tcp.ack = data[TCP] + 17 
tcp.payload = '' 
finAck = sr1(ip/tcp) 

Answer 1

首先，你必須在你的代碼中的錯誤（這是目前在原來的版本http://www.digitalbond.com/scadapedia/security-controls/scapy-modbus-extensions/），你需要添加.seq有：tcp.ack = data[TCP].seq + 17。

正如評論中所說，你可以寫tcp.ack = data[TCP].seq + len(data[TCP].payload)。

無論如何，對於你嘗試做的事情來說，做TCP堆棧的工作通常是毫無用處的。

我會做這樣的事情：

from scapy import * 
from modLib import * 
import socket 

sock = socket.socket() 
sock.connect(("192.168.10.131", 502)) 
s = StreamSocket(sock, basecls=ModbusADU) 

ans, unans = s.sr(ModbusADU()/ModbusPDU03()) 
ans.show() 

這是否更好地工作？