LOGO!8_tcp_stream

I am currently busy researching the Ethernet communication options of a LOGO!8 PLC. With a network scan using Wireshark I see a communication that is more or less a TCP stream. When followed, you can see elements of the written program but also a lot of blank spaces. Does anyone know which higher protocol is used for this? Is it similar to a TIA Portal to PLC connection?

Below are a few sentences from the TCP stream:

K...........GetHWType....'..K..`.............K...........GetHWId......'..K .`..............K...........CheckState...'..K..`.............K...........CheckState...'..K..`.............K...........GetVersion...'..K .`..............K...........GetPrgHead...'..K..`..................}...J.....Uihu...\Uihu...\Uihu...\Uihu...\K...........CheckState...'..K..`.............K...........HasHoursCnt..'..K..`.............K...........GetAiCnt.....'..K..`.............K...........CheckMS......'..KP.`.................KP..........StartDown....'......];._.K..`............K.0.........InDown.......'................;.E.2LUihu...\Uihu...\Uihu...\Uihu...\...................................                ..
........................................................................................................off                             .............aantal werks                    .............tukken                          .............                                .............                                .............                                .............ON start                        .............feed in                         .............                                .............                                .............                                .............                                ...K@.`................K.0.........InDown.......'................feed                            .............                                .............                                .............                                .............                                .............                                .............Return                          .............                                .............                                .............                                .............                                .............                                .............cooling down                    .............off in                          .............                                .............                                .............      K@.`................K.0.........InDown.......'......                          .............                                .............trip                            .............no fault?                       .............press reset                     .............                                .............                                .............                                
...........................................................................................................................................................................................................................................................................................................................................................................................................K@.`................K.0.........InDown.......'......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................K@.`................K.0.........InDown.......'...............................................................................................................................................................................................................................................................................................................................................
sybren6
asked 2022-04-14 14:31:03 +0000
Jaap
updated 2022-04-15 06:47:08 +0000

1 Answer

does anyone know which higher protocol is used for this

A Web search I did for

logo 8 plc protocol

found https://www.promotic.eu/en/pmdoc/Subs..., which indicates that they use a Siemens-designed protocol named "S7".

Wireshark supports dissecting that, but it might not automatically recognize it. It originally ran on top of the OSI Connection-Oriented Transport Protocol (ISO 8073), but it can also run on top of TCP, using the RFC 1006 protocol, which encapsulates ISO 8073 inside TCP. That's what https://www.promotic.eu/en/pmdoc/Subs... says it uses.

Wireshark also supports RFC 1006, but you may have to use "Decode As" to dissect that TCP stream as RFC 1006.

Guy Harris
answered 2022-04-17 03:08:36 +0000
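
An added example, not part of the original answer: a check of whether a reassembled TCP payload is really framed as RFC 1006 (TPKT) carrying ISO 8073 (COTP), which is worth knowing before applying "Decode As". The byte samples are constructed for illustration and the function names are hypothetical.

```python
import struct

COTP_TYPES = {0xE0: "CR", 0xD0: "CC", 0x80: "DR", 0xF0: "DT"}

# Constructed samples, not taken from the capture in the question.
SAMPLE_RFC1006 = bytes.fromhex(
    "0300001611e00000000100c0010ac1020100c2020102"        # TPKT + COTP CR
    "0300001902f08032010000000000080000f0000001000101e0"  # TPKT + COTP DT + S7comm
)
SAMPLE_OTHER = b"K\x00\x00\x00\x00\x0bGetHWType\x00"      # constructed non-TPKT bytes


def parse_rfc1006(stream: bytes) -> list:
    """Split a reassembled TCP payload into TPKT/COTP frames or raise ValueError."""
    frames, off = [], 0
    while off < len(stream):
        if len(stream) - off < 4:
            raise ValueError(f"offset {off}: truncated TPKT header")
        version, _reserved, length = struct.unpack_from(">BBH", stream, off)
        if version != 3:                      # RFC 1006 fixes the version at 3
            raise ValueError(f"offset {off}: TPKT version {version}, expected 3")
        if length < 7 or off + length > len(stream):
            raise ValueError(f"offset {off}: implausible TPKT length {length}")
        tpdu = stream[off + 4:off + length]
        header_len = tpdu[0] + 1              # COTP length indicator excludes itself
        pdu = COTP_TYPES.get(tpdu[1] & 0xF0)  # low nibble is credit in CR/CC
        if pdu is None or header_len > len(tpdu):
            raise ValueError(f"offset {off}: not a COTP TPDU")
        payload = tpdu[header_len:]
        frames.append({
            "offset": off,
            "cotp": pdu,
            "payload": payload,
            # S7comm PDUs start with protocol identifier 0x32
            "s7comm": pdu == "DT" and payload[:1] == b"\x32",
        })
        off += length
    return frames


def looks_like_rfc1006(stream: bytes) -> bool:
    """True only if the whole payload parses as a sequence of TPKT frames."""
    try:
        return bool(parse_rfc1006(stream))
    except ValueError:
        return False
```

Feed it the raw bytes saved from "Follow TCP Stream"; a `False` result means the stream does not start with TPKT framing.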