Query OpenPLC -> FactoryIO: query the status of the sensors.

The first communication between OpenPLC and FactoryIO is a 3-way handshake:

From that point, there is a communication loop that repeats indefinitely using a typical Modbus TCP query-response structure:

Analyzing the Communication Loop

OpenPLC’s communication loop

By direct observation of the traffic capture, one can see that:

This information can be very relevant for an attacker, as it may point out some vulnerabilities or attack vectors to exploit.

Now let’s start analyzing the traffic captured in order to understand the communication loop used by OpenPLC.