| Protocol | S7comm |
|---|---|
| Name | S7comm |
| Aliases | S7, S7commPlus |
| Description | Communication protocol for Siemens S7 PLCs |
| Port(s) | 102/tcp |
| Nmap script(s) | s7-info.nse, s7-enumerate.nse |
| Wireshark dissector | packet-s7comm.c |
| Example Pcap(s) | ICS-pcap S7 |
| Related CVE | CVE-2018-4850, CVE-2019-10929, CVE-2021-40368 |
- The Siemens S7 Communication - Part 1 General Structure - On GyM's Personal Blog (2016)
- The Siemens S7 Communication - Part 2 Job Requests and Ack Data - On GyM's Personal Blog (2017)
- #HITB2021AMS COMMSEC D2 - Breaking Siemens SIMATIC S7 PLC Protection Mechanism - Gao Jian - @ Hack In The Box (2021)
- A Decade After Stuxnet: How Siemens S7 is Still an Attacker's Heaven - @ Black Hat (2024)
- Fuzzing and Breaking Security Functions of SIMATIC PLCs - Gao Jian @ Black Hat Europe (2022)
- PLC-Blaster: A worm Living Solely In The PLC - Ralf Spenneberg, Maik Brueggemann & Hendrik Schwartke @ Black Hat Asia (2016)
- Rogue7: Rogue Engineering-Station Attacks on S7 Simatic PLCs - Uriel Malin, Sara Bitan, Avishai Wool and Eli Biham @ Black Hat USA (2019)
- The spear to break the security wall of S7CommPlus - Cheng Lei @ DEF CON 25 (2017)
- python-snap7 - A Python wrapper for the snap7 PLC communication library
- s7-pcaps - Traffic captures between STEP7/WinCC and S7-300/S7-400 PLCs
- s7scan - Scan networks to gather basic information about Siemens PLCs
- Snap7 - Step7 Open Source Ethernet Communication Suite