momalab / ICSREF

A tool for reverse engineering industrial control systems binaries.
MIT License
158 stars 46 forks

CODESYS v2.3 version #1

Closed zytMatrix closed 5 years ago

zytMatrix commented 5 years ago

Hello, can you help me? I want to know the specific version of your CODESYS 2.3, because I cannot open your *.pro files successfully. I get the error "Description file for module 'Module.root' not found". Thanks.

tkeliris commented 5 years ago

Hello @AllfourYR, we used the WAGO-flavored CODESYS version 2.3.9.44.

zytMatrix commented 5 years ago

I very much appreciate your reply. I have a question: why not use CODESYS V3.5 to do the research?

hjzmc commented 5 years ago

Hi, I have the same questions. I use CODESYS V3.5, but have not found the prg files, only the .app file. But the .app file does not have the same format as prg. Can you help me?

tkeliris commented 5 years ago

@AllfourYR there are many reasons behind our choice of devices and software that fall out of scope here. At the moment, ICSREF only handles CODESYS v2.3 binaries.

@AllfourYR, @hjzmc From preliminary analyses on CODESYS v3.5 I also found that *.app files are employed in the place of PRG files. These *.app files include several configurations for the target devices, including HTML for the webserver, graphics and visualization files, along with the compiled application binary (the application binary is somewhat equivalent to the *.PRG files). I think of it as a "combined" configuration file that includes all the target details in one file. It should be feasible to carve out the compiled application binary from the *.app files and apply ICSREF on them; since the mechanics of the underlying compiler (i.e., the CODESYS compiler) do not change significantly between versions, the tool should, perhaps with minor tweaks, apply to the newer app files.

One idea is to have a separate extractor that carves out the prg equivalent from app files and then apply ICSREF on them; another idea is to incorporate such an extractor into ICSREF directly, and recognize whether an app or a prg file is provided and apply the corresponding analyses. In either case, we welcome pull requests for these features. ICSREF development is ongoing with this feature being on our list; however, we don't have a definitive timeline for this feature.

zytMatrix commented 5 years ago

Thanks very much!!

hjzmc commented 5 years ago

Thank you!

zytMatrix commented 5 years ago

If I use CODESYS V3.5, I can generate a boot project with CODESYS Control for Raspberry Pi. If I want to generate a boot project in CODESYS V2.3, do I have to use some other PLC, like WAGO?

tkeliris commented 5 years ago

@AllfourYR For compiling projects for different targets, CODESYS v2.3 uses the concept of "Targets", so you would need to have the appropriate target files (*.trg in the CODESYS installation directory). These are specific to each target device (in your case Raspberry Pi). I am not certain if Raspberry Pi targets are available for CODESYS v2.3; I would recommend checking the CODESYS website/forums for an answer to this question.

zytMatrix commented 5 years ago

@tkeliris Sorry to bother you again. I have been trying my best to find the WAGO 750-881's target file, but I cannot get it. Can you give me some help?

tkeliris commented 5 years ago

@AllfourYR Sorry for the (very) late reply. Target files are bundled with licensed versions of CODESYS and therefore cannot be redistributed.