Skip to content

Bacnet not working properly #572

Description

@bestrocker221

Default template, when scanning with nmap bacnet-info (for example) in debug mode, it throws an error saying its unable to read vendor ID.
Seems like bacnet connections just start, then end.

To Reproduce
Steps to reproduce the behavior:

  1. Run conpot default template
  2. sudo nmap --script bacnet-info -sU -p 47808 127.0.0.1 -d

Expected behavior
Something like this

47808/udp open  bacnet
| bacnet-discover:
|   Vendor ID: BACnet Stack at SourceForge (260)
|   Vendor Name: BACnet Stack at SourceForge
|   Instance Number: 260001
|   Firmware: 0.8.2
|   Application Software: 1.0
|   Object Name: SimpleServer
|   Model Name: GNU
|   Description: server
|_  Location: USA

Result

New bacnet session from 127.0.0.1 (e88d8afd-0024-40ce-83b1-8d683fd121cc)
New Bacnet connection from 127.0.0.1:58919. (e88d8afd-0024-40ce-83b1-8d683fd121cc)
Bacnet PDU received from 127.0.0.1:58919. (ComplexAckPDU)
Bacnet client disconnected 127.0.0.1:58919. (e88d8afd-0024-40ce-83b1-8d683fd121cc)
New Bacnet connection from 127.0.0.1:58921. (e88d8afd-0024-40ce-83b1-8d683fd121cc)
Bacnet PDU received from 127.0.0.1:58921. (ComplexAckPDU)
Bacnet client disconnected 127.0.0.1:58921. (e88d8afd-0024-40ce-83b1-8d683fd121cc)
Session timed out: 089f4c44-a6ba-431e-bde3-bc470e380a85
Session timed out: e88d8afd-0024-40ce-83b1-8d683fd121cc
NSE: Starting bacnet-info against 127.0.0.1:47808.                                                                          
Discovered open port 47808/udp on 127.0.0.1                   
NSE: [bacnet-info 127.0.0.1:47808] Error receiving Vendor ID: Invalid BACNet packet                                         
NSE: bacnet-info against 127.0.0.1:47808 threw an error!                                                                    
/usr/bin/../share/nmap/scripts/bacnet-info.nse:1297: attempt to perform arithmetic on a nil value (local 'value')
stack traceback:                              
        /usr/bin/../share/nmap/scripts/bacnet-info.nse:1297: in function </usr/bin/../share/nmap/scripts/bacnet-info.nse:129
2>                                            
        (...tail calls...)           
        /usr/bin/../share/nmap/scripts/bacnet-info.nse:1533: in function </usr/bin/../share/nmap/scripts/bacnet-info.nse:147
7>                                                                                           
        (...tail calls...)                                                                   
                                                                                             
Completed NSE at 14:05, 0.00s elapsed 
..
..
PORT      STATE SERVICE REASON                                
47808/udp open  bacnet  script-set  
..
..

Wireshark
Screenshot from 2022-04-23 14-13-43

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions