# Building the simulated communication range

  • OpenPLC simulated communication with KingView over the Modbus protocol. The network diagram of the communication range is shown below:

assets-network-show.png

## OpenPLC on Linux

```console
$ mkdir ICWR && cd ICWR
$ git clone https://github.com/thiagoralves/OpenPLC_v3.git
$ cd OpenPLC_v3
$ ./install.sh linux
···
···
···
Compiling for Linux
Generating object files...
Generating glueVars...
Compiling main program...
Compilation finished successfully!
```

Run the runtime in the background: `nohup ./start_openplc.sh &`

  • OpenPLC_Editor on Linux

The editor is only needed for debugging PLC programs locally; skip this step if you do not need it.

```console
$ git clone https://github.com/thiagoralves/OpenPLC_Editor.git
$ cd OpenPLC_Editor
$ ./install.sh
$ ./openplc_editor.sh
```

## OpenPLC Programs

```console
$ curl -o openplc_test.st https://raw.githubusercontent.com/sxd0216/openplc_test.st/master/openplc_test.st
```

OpenPLC_TODO1.png

## KingView on Windows

  • Device driver -> PLC -> Modicon -> ModBUS TCP -> TCP -> Next:

KingView_OPENPLC_TODO.png

  • File -> Picture: add the components (the animated GIF below shows how they are added)

  • Database -> Data Dictionary -> New…

KingView_OPENPLC_TODO2.png

Select the custom picture -> make -> view (the GIF animation is a bit large, loading…):

KingView_OPENPLC_success.gif

# Attack traffic analysis on the range

## Wireshark traffic analysis

Someone has already uploaded a Wireshark capture of this traffic online, so rather than reinventing the wheel by capturing it again, I downloaded the file and analysed it alongside the PoC code:

wireshark_tcp_show.png

## Simulated attack: starting and stopping the PLC

OpenPLC_attack_success.gif
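The Wireshark analysis and the simulated start/stop attack above both come down to Modbus/TCP write requests (function code 5, Write Single Coil, for a coil-driven program) arriving at the PLC. The following is an added example, not code from the page or from OpenPLC/KingView: it decodes the MBAP header and function code of Modbus/TCP requests and flags write requests from any host other than the HMI. The IP addresses and the frames are constructed for the example.

```python
import struct

# Function codes that change PLC state; 5 (Write Single Coil) is what a start/stop
# command on a coil-driven program looks like on the wire.
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}
READ_FUNCTIONS = {1: "Read Coils", 2: "Read Discrete Inputs",
                  3: "Read Holding Registers", 4: "Read Input Registers"}

def parse_modbus_tcp(payload: bytes) -> dict:
    """Decode one Modbus/TCP request: 7-byte MBAP header, then function code + data."""
    if len(payload) < 8:
        raise ValueError("frame too short for MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", payload[:7])
    if pid != 0:
        raise ValueError("protocol identifier must be 0 for Modbus")
    if length != len(payload) - 6:  # length field counts unit id + PDU
        raise ValueError("MBAP length field does not match frame size")
    fc = payload[7]
    frame = {"tid": tid, "unit": unit, "fc": fc,
             "name": WRITE_FUNCTIONS.get(fc) or READ_FUNCTIONS.get(fc, "other"),
             "write": fc in WRITE_FUNCTIONS}
    if fc in (1, 2, 3, 4, 5, 6, 15, 16):
        # All of these carry a 16-bit start address followed by a 16-bit value/quantity.
        frame["address"], frame["value"] = struct.unpack(">HH", payload[8:12])
    return frame

def flag_writes(records, allowed_writers):
    """records: (src_ip, payload) pairs; one alert per write from an unexpected host."""
    alerts = []
    for src, payload in records:
        frame = parse_modbus_tcp(payload)
        if frame["write"] and src not in allowed_writers:
            alerts.append(f"{src} -> unit {frame['unit']}: {frame['name']} "
                          f"addr={frame['address']} value=0x{frame['value']:04X}")
    return alerts

# Constructed sample traffic (not taken from the capture discussed above):
# 10.0.0.10 plays the KingView HMI, 10.0.0.99 an unexpected host on the same network.
SAMPLE_RECORDS = [
    ("10.0.0.10", bytes.fromhex("000100000006010300000002")),  # HMI polls 2 registers
    ("10.0.0.10", bytes.fromhex("000200000006010500000000")),  # HMI clears coil 0
    ("10.0.0.99", bytes.fromhex("00030000000601050000ff00")),  # unknown host sets coil 0
]
ALLOWED_WRITERS = {"10.0.0.10"}

if __name__ == "__main__":
    for alert in flag_writes(SAMPLE_RECORDS, ALLOWED_WRITERS):
        print("ALERT:", alert)
```

On a real capture, feed the TCP payloads of port 502 traffic from the PCAP into `flag_writes` with the HMI address in `allowed_writers`; only writes from other hosts are reported.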