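# Fingerprints Schneider Electric Modicon PLCs over Modbus/TCP (port 502) by
# sending three identification requests and looking for the vendor string in
# the replies. Nothing is written to the device by the requests below.
id: modicon-info

info:
  name: Schneider Modicon PLC Information Disclosure
  author: biero-el-corridor
  severity: info
  description: |
    Detected Schneider Electric Modicon PLCs via the Modbus TCP protocol by extracting device identification information. Extracted the device model and version from responses on port 502 for fingerprinting and ICS vulnerability assessment.
  metadata:
    verified: true
    shodan-query: "Device Identification: Schneider Electric"
  tags: ics,modicon,schneider,detect,network,tcp

tcp:
  - inputs:
      # MBAP header (transaction 0x0000, protocol 0x0000, length 5, unit 0x00)
      # followed by function 0x2B / MEI type 0x0E, Read Device Identification,
      # read code 0x02 starting at object 0x00. This is the standard Modbus
      # identification request.
      - data: "000000000005002b0e0200"
        type: hex
        read: 200
        name: info

      # MBAP header (transaction 0x000f, length 13, unit 0x00) followed by
      # function code 0x5A, the Schneider-specific (UMAS) function code.
      # NOTE(review): the sub-function bytes after 0x5A are not explained in
      # the template; presumably a read-only query, confirm against vendor docs.
      - data: "000f0000000d005a002000140064000000f600"
        type: hex
        read: 200
        name: note

      # MBAP header (transaction 0x0004, length 5, unit 0x00) followed by
      # function code 0x5A with a three-byte payload.
      # NOTE(review): this input reuses the name `info` from the first input;
      # if named reads are keyed by name the later read may replace the
      # earlier one. The matcher below uses `part: raw`, so confirm whether
      # the names matter at all.
      - data: "000400000005005a000300"
        type: hex
        read: 200
        name: info

    host:
      - "{{Hostname}}"
    # 502 is the registered Modbus/TCP port. Modbus/TCP carries no
    # authentication, so a reply here means the device answers any client
    # that can reach it. For defenders: function code 0x5A arriving from a
    # host that is not an engineering workstation is a useful monitoring signal.
    port: 502
    read-size: 1024

    matchers:
      # Only the vendor string decides the match; the model/version is pulled
      # separately by the extractor.
      - type: word
        part: raw
        words:
          - "Schneider Electric"

    extractors:
      # NOTE(review): the pattern requires a literal space after the vendor
      # string. In a raw Read Device Identification reply, objects are
      # separated by an object-id byte and a length byte rather than a space,
      # so confirm this capture fires on real device responses and not only
      # on banner-style text.
      - type: regex
        group: 1
        regex:
          - "Schneider Electric ([A-Z 0-9a-z.]+)"
# The digest below is the upstream signature for the upstream file contents.
# Any edit to this file (comments included, presumably) means it no longer
# matches and the template has to be re-signed before it verifies.
# digest: 4b0a00483046022100bbbfadafbba53d32918f22125ea8af14d246cdad8c4201da5c09fd0f5ff0ba6d022100deea44e05daea5f88b1f73ff541a3371d3f64f7a21c20c3503e7e99abedd2d79:922c64590222798bb761d5b6d8e72950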