mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-11 13:56:22 +00:00
76 lines
3.9 KiB
Markdown
76 lines
3.9 KiB
Markdown
{% hint style="success" %}
|
|
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
|
|
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
|
|
|
|
<details>
|
|
|
|
<summary>Ondersteun HackTricks</summary>
|
|
|
|
* Kyk na die [**subskripsie planne**](https://github.com/sponsors/carlospolop)!
|
|
* **Sluit aan by die** 💬 [**Discord groep**](https://discord.gg/hRep4RUj7f) of die [**telegram groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
|
|
* **Deel hacking truuks deur PRs in te dien na die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
|
|
|
</details>
|
|
{% endhint %}
|
|
|
|
|
|
# Protokol Inligting
|
|
|
|
**BACnet** is 'n **kommunikasieprotokol** vir Gebou Automatisering en Beheer (BAC) netwerke wat die **ASHRAE**, **ANSI**, en **ISO 16484-5 standaard** protokol benut. Dit fasiliteer kommunikasie tussen gebou automatisering en beheerstelsels, wat toepassings soos HVAC-beheer, beligtingbeheer, toegangbeheer, en branddetectiestelsels in staat stel om inligting uit te ruil. BACnet verseker interoperabiliteit en laat gecomputeriseerde gebou automatisering toestelle toe om te kommunikeer, ongeag die spesifieke dienste wat hulle bied.
|
|
|
|
**Standaard poort:** 47808
|
|
```text
|
|
PORT STATE SERVICE
|
|
47808/udp open BACNet -- Building Automation and Control NetworksEnumerate
|
|
```
|
|
# Opname
|
|
|
|
## Handmatig
|
|
```bash
|
|
pip3 install BAC0
|
|
pip3 install netifaces
|
|
|
|
import BAC0
|
|
import time
|
|
|
|
myIP = '<Your IP>/<MASK>' #You need to be on the same subnet as the bacnet device. Example: '192.168.1.4/24'
|
|
bacnet = BAC0.connect(ip=myIP)
|
|
bacnet.whois() #Broadcast request of bacnet devices
|
|
time.sleep(5) #Wait for devices to respond
|
|
for i, (deviceId, companyId, devIp, numDeviceId) in enumerate(bacnet.devices):
|
|
print(f"-------- Device #{numDeviceId} --------")
|
|
print(f"Device: {deviceId}")
|
|
print(f"IP: {devIp}")
|
|
print(f"Company: {companyId}")
|
|
readDevice = bacnet.readMultiple(f"{devIp} device {numDeviceId} all")
|
|
print(f"Model Name: {readDevice[11]}")
|
|
print(f"Version: {readDevice[2]}")
|
|
# print(readDevice) #List all available info about the device
|
|
```
|
|
## Outomaties
|
|
```bash
|
|
nmap --script bacnet-info --script-args full=yes -sU -n -sV -p 47808 <IP>
|
|
```
|
|
This script doen nie poging om 'n BACnet-netwerk as 'n buitelandse toestel te sluit nie, dit stuur eenvoudig BACnet versoeke direk na 'n IP-adresbare toestel.
|
|
|
|
## Shodan
|
|
|
|
* `port:47808 instance`
|
|
* `"Instance ID" "Vendor Name"`
|
|
|
|
|
|
|
|
{% hint style="success" %}
|
|
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
|
|
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
|
|
|
|
<details>
|
|
|
|
<summary>Support HackTricks</summary>
|
|
|
|
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
|
|
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
|
|
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
|
|
|
</details>
|
|
{% endhint %}
|