- Originally created by Art Wachowski and ported to Python3 by James Brine.
- A python3 port of DNP3Crafter has been bundled with this repo for testing purposes, original is here by David Olano.
- IP and PORT are for your rsyslog server, original author had this connected to Splunk instance. Bogus settings can be provided here or rsyslog settings commented out from installation script if preferred.
# Assuming brew is installed
brew install python3 python3-pip git
git clone https://github.com/referefref/dnp3pot-python3.git
cd dnp3pot-python3
pip3 install -r requirements.txt
# Update installme.sh to your requirements
./installme.sh <IP> <PORT>
sudo python3 DNP3pot.py # sudo is needed by python3 sockets to get current ip
apt-get install python3 python3-pip git
git clone https://github.com/referefref/dnp3pot-python3.git
cd dnp3pot-python3
pip3 install -r requirements.txt
# Update installme.sh to your requirements
./installme.sh <IP> <PORT>
sudo python3 DNP3pot.py # sudo is needed by python3 sockets to get current ip
This tool allows for execution of simple dnp3 checks and attacks for testing the honeypot - updated to python3
Logs can be read localy with a command "tail -f /var/log/dnp3pot.log &"
2024-05-06 15:06:16,258 - __main__ - INFO - New connection from ('192.168.1.193', 51231)
2024-05-06 15:06:16,267 - __main__ - INFO - Raw data received from ('192.168.1.193', 51231) rawdata: b'' encoding: None
2024-05-06 15:10:50,075 - __main__ - INFO - New connection from ('192.168.1.193', 52882)
2024-05-06 15:10:50,080 - __main__ - INFO - Raw data received from ('192.168.1.193', 52882) rawdata: b'\x05d\x05\xc3\x80\x01\x00\x00\x04\xc3\xa9!' encoding: utf-8