hacktricks/network-services-pentesting/44818-ethernetip.md
Carlos Polop dc1a2bea04 b
2024-07-19 01:16:27 +02:00

3 KiB

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

Protocol Information

EtherNet/IP is an industrial Ethernet networking protocol commonly used in industrial automation control systems. It was developed by Rockwell Automation in the late 1990s and is managed by ODVA. The protocol ensures multi-vendor system interoperability and is utilized in various applications such as water processing plants, manufacturing facilities, and utilities. To identify an EtherNet/IP device, a query is sent to TCP/44818 with a list Identities Message (0x63).

Default port: 44818 UDP/TCP

PORT      STATE SERVICE
44818/tcp open  EtherNet/IP

Enumeration

nmap -n -sV --script enip-info -p 44818 <IP>
pip3 install cpppo
python3 -m cpppo.server.enip.list_services [--udp] [--broadcast] --list-identity -a <IP>

Shodan

  • port:44818 "product name"

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}