mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
# 44818 Pentesting EtherNet/IP
{{#include ../banners/hacktricks-training.md}}
## **Protocol Information**
EtherNet/IP is an **industrial Ethernet networking protocol** commonly used in **industrial automation control systems**. It was developed by Rockwell Automation in the late 1990s and is managed by ODVA. The protocol ensures **multi-vendor system interoperability** and is used in applications such as **water processing plants**, **manufacturing facilities**, and **utilities**. To identify an EtherNet/IP device, a **List Identity message (0x63)** is sent to **TCP/44818**.
**Default port:** 44818 UDP/TCP
```
PORT      STATE SERVICE
44818/tcp open  EtherNet/IP
```
## **Enumeration**
```bash
# Query device identity with the nmap enip-info script
nmap -n -sV --script enip-info -p 44818 <IP>

# Same List Identity query using the cpppo Python package
pip3 install cpppo
python3 -m cpppo.server.enip.list_services [--udp] [--broadcast] --list-identity -a <IP>
```
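
For asset inventory, or when writing a detection for this traffic, it helps to see what the List Identity exchange actually carries. The following is an added example, not HackTricks or cpppo code: it builds the 24-byte request and decodes a reply offline, assuming the standard encapsulation header and CIP Identity item (type 0x000C) layout. The function names are hypothetical and the sample reply is constructed, not captured traffic.

```python
import socket
import struct

ENCAP = struct.Struct("<HHII8sI")    # command, length, session, status, context, options
IDENT = struct.Struct("<HHHBBHIB")   # vendor, type, product code, rev major/minor, status, serial, name length
LIST_IDENTITY, CIP_IDENTITY_ITEM = 0x0063, 0x000C

def build_list_identity() -> bytes:
    """Request is a bare 24-byte header: no payload and no session handle."""
    return ENCAP.pack(LIST_IDENTITY, 0, 0, 0, bytes(8), 0)

def parse_list_identity(reply: bytes) -> list:
    """Return one dict per CIP Identity item; raise ValueError on malformed input."""
    if len(reply) < ENCAP.size:
        raise ValueError("short encapsulation header")
    command, length, _, status, _, _ = ENCAP.unpack_from(reply)
    body = reply[ENCAP.size:ENCAP.size + length]
    if command != LIST_IDENTITY or status or len(body) != length or length < 2:
        raise ValueError("not a well-formed List Identity reply")
    count, off, devices = struct.unpack_from("<H", body)[0], 2, []
    for _ in range(count):
        if off + 4 > len(body):
            raise ValueError("truncated item header")
        item_type, item_len = struct.unpack_from("<HH", body, off)
        item, off = body[off + 4:off + 4 + item_len], off + 4 + item_len
        if len(item) != item_len:
            raise ValueError("item length exceeds reply")
        if item_type != CIP_IDENTITY_ITEM:
            continue                      # skip item types we do not decode
        if item_len < 18 + IDENT.size:
            raise ValueError("identity item too short")
        _family, port, addr = struct.unpack_from(">hH4s", item, 2)   # sockaddr is big-endian
        vendor, dev_type, product, major, minor, _st, serial, nlen = IDENT.unpack_from(item, 18)
        name_end = 18 + IDENT.size + nlen
        if name_end + 1 > item_len:       # name plus trailing state byte must fit
            raise ValueError("product name overruns item")
        devices.append({"ip": socket.inet_ntoa(addr), "port": port, "vendor_id": vendor,
                        "device_type": dev_type, "product_code": product,
                        "revision": f"{major}.{minor}", "serial": f"{serial:08x}",
                        "product_name": item[18 + IDENT.size:name_end].decode("ascii", "replace"),
                        "state": item[name_end]})
    return devices

def sample_reply() -> bytes:
    """Constructed reply for a fictional device at 192.0.2.10 (not captured traffic)."""
    name = b"Example PLC"
    item = (struct.pack("<H", 1) + struct.pack(">hH4s8x", 2, 44818, socket.inet_aton("192.0.2.10"))
            + IDENT.pack(0x1234, 14, 99, 2, 11, 0, 0xC0FFEE01, len(name)) + name + b"\x03")
    body = struct.pack("<HHH", 1, CIP_IDENTITY_ITEM, len(item)) + item
    return ENCAP.pack(LIST_IDENTITY, len(body), 0, 0, bytes(8), 0) + body
```

The reply is returned without any session or authentication, so the vendor ID, product name, revision and serial number it carries are visible to anything that can reach the port.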
## Shodan
- `port:44818 "product name"`
{{#include ../banners/hacktricks-training.md}}