v1.0.34 - SAFEMODE global + semantica clara simulate/destructive
Execution Mode Redesign
Mode matrix (now clearly defined and enforced):
SAFEMODE | simulate | destructive | Result
true | any | any | check() + SIMULATED output [SAFE default]
false | true | any | check() + SIMULATED output [SAFE]
false | false | false | Real reads, writes BLOCKED [READ-ONLY]
false | false | true | Real reads + writes [DESTRUCTIVE]
New: SAFEMODE global option
- Default: true (blocks ALL real reads/writes globally)
- setg SAFEMODE false -- unlock real operations
- setg SAFEMODE true -- restore protection
- Shown first in 'show global'
- 'help safemode' -- full explanation with Modbus FC table
simulate=true behavior (improved)
- Lightweight TCP check
- If VULNERABLE: shows SIMULATED realistic values (synthetic registers/coils)
- Output clearly labeled [SIMULATE]
simulate=false + destructive=false behavior (fixed)
- Now correctly executes REAL reads (FC1/2/3/4/17/43)
- Write operations (FC5/6/15/16) explicitly blocked
- Previously fell back to check() only -- now returns real device data
simulate=false + destructive=true (enhanced)
- Full read + write operations
- Modbus: FC5 (write coil), FC6 (write register)
- Set WRITE_VALUE option to specify value
- Requires explicit typed confirmation
Internal flags on BaseExploit
- _simulate_mode: bool -- set by interpreter before run()
- _destructive_mode: bool -- set by interpreter before run()
- _safemode: bool -- set by interpreter before run()