-
Notifications
You must be signed in to change notification settings - Fork 0
jusafing/ModbusParserLite
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Modbus parser lite v0.1.0
-------------------------
README File
-------------------------
DESCRIPTION
This script is a simple Modbus Parser. It uses Argus binary data to extract
the TCP streams in order to parse the Modbus Headers.
It creates an output plain-text file with all the Modbus headers for every
single TCP stream. It is possible to define three operation modes:
1 - Parse requests only
2 - Parse responses only
3 - Parse full TCP streams
It also creates a file with all single Modbus Headers as well as a general
log file.
-------------------------
REQUIREMENTS
- Argus server
- Ra client
Perl Modules:
- File::Touch
-------------------------
USAGE
First you need to configure the execution parameters within ParseConfig.pm
Then you can use it with the following syntax:
$ ./modbus_parser.pl <PCAP_FILE> [LOGFILE]
** NOTE **:
It will create the output files on the same path of PCAP_FILE.
The log file defined as an argument overwrites the one on ParseConfig.pm
-------------------------
TODO
- Arguments validation
- Use exec instead of direct shell call ``
- Use output directory variable
- Improve the performance skipping LogMsgT calls or to improme LogUtils.pm
-------------------------
AUTHOR
By Javier S.A.
[email protected]
(2014)
You can use git to get a copy of this parser from
git://repository.jusanet.org/ModbusParserLite
and you can see the ChangeLog on
http://repository.jusanet.org
About
ICS/Modbus protocol parser for sequence analysis
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published