Describe the bug
I have deployed Conpot using the default template to analyze EtherNet/IP, but when I try to scan the machine (in which i deploy the honeypot) using some nmap script like enip-info (nmap --script enip-info -sU -p 44818 ) it always returns the same values. It doesn't matter what values you write at templates/default/enip/enip.xml because those values are no picked to create an object (that part was not implemented).
To Reproduce
Steps to reproduce the behavior:
Install Conpot (documentation)
Run Conpot using the default template (conpot --template default --force)
Execute nmap script against the machine (nmap --script enip-info -sU -p 44818 194.1x.x.x)
See output
Stop Conpot (ctrl+c)
Change some value in the file enip.xml (for example: < ProductName>ThisShouldChange< /ProductName>)
Run Conpot again
Execute nmap script again
Compare outputs (Both outputs have the same information)
Solution
I have modified the code of Conpot to update this functionality and now it works as expected. I create an object using the values the user provide in enip.xml and I pass that object as an argument to the correct function, so the response is created with the values the user wants. Here is the commit: https://github.com/mushorg/conpot/commit/aec74ee76b062bdd0fccc6d718d3e047502ede72
Expected behavior
When you update the code, you can change some values in enip.xml and you will see a new output if you scan the honeypot again:
PORT STATE SERVICE
44818/tcp open EtherNet-IP-2
| enip-info:
| type: DC Power Generator (31)
| vendor: Eaton Electrical (68)
| productName: CustomThisName
| serialNumber: 0x000abfc2
| productCode: 70
| revision: 16.1
| status: 0x3160
| state: 0xff
|_ deviceIp: 0.0.0.0
Desktop (please complete the following information):
Inside that function "def setup( **kwds ):" is called. The description of "setup" says "Create the required CIP device Objects" but the object was not created and passed as an argument.
Describe the bug I have deployed Conpot using the default template to analyze EtherNet/IP, but when I try to scan the machine (in which i deploy the honeypot) using some nmap script like enip-info (nmap --script enip-info -sU -p 44818) it always returns the same values. It doesn't matter what values you write at templates/default/enip/enip.xml because those values are no picked to create an object (that part was not implemented).
To Reproduce Steps to reproduce the behavior:
Solution I have modified the code of Conpot to update this functionality and now it works as expected. I create an object using the values the user provide in enip.xml and I pass that object as an argument to the correct function, so the response is created with the values the user wants. Here is the commit: https://github.com/mushorg/conpot/commit/aec74ee76b062bdd0fccc6d718d3e047502ede72
Expected behavior When you update the code, you can change some values in enip.xml and you will see a new output if you scan the honeypot again: PORT STATE SERVICE 44818/tcp open EtherNet-IP-2 | enip-info: | type: DC Power Generator (31) | vendor: Eaton Electrical (68) | productName: CustomThisName | serialNumber: 0x000abfc2 | productCode: 70 | revision: 16.1 | status: 0x3160 | state: 0xff |_ deviceIp: 0.0.0.0
Desktop (please complete the following information):
Additional context Workflow: