bobsmith
Hi. I'd like to be able to upload several different programs to OpenPLC at different stages of a demo. Please could you let me know whether this is possible programmatically, e.g. using cURL? Is there a RESTful API that I could use?
Thanks.
Quote 0 0
thiagoralves
OpenPLC runtime does not have any API to control it programmatically. It might be possible to do it using cURL simulating browser requests. You will have to login first and save the session cookies to be able to perform the requests. Check https://stackoverflow.com/questions/12399087/curl-to-access-a-page-that-requires-a-login-from-a-different-page
Quote 0 0
bobsmith
Thanks. I tried using curl with -F and a cookie created immediately before the transaction. I can't get the /programs page to respond to a post in the uploadForm part of the page. I've tried everything I can think of along the following lines:
curl --cookie my.cookie -v -L -F id=uploadForm -F action=upload-program -F file= @myfile.st -F submit=Upload+Program <my ip>:8080/programs
Any ideas? Or should I give up?
Quote 0 0
thiagoralves
Instead of actually uploading the program, why don't you just activate a program that has been previously uploaded? This will be a lot easier. I don't remember the details on the html, but I think it involves some hidden fields with the program id that you might need to populate using curl
Quote 0 0
bobsmith
That's a great suggestion. However, what I'm trying to do means that's not an option. As part of an ICS cyber security demo, I am trying to show how a cyber attacker can be caught remotely compromising a PLC by nefariously changing it's runtime program. The demo will start by detecting port scans on port 502, and potentially the code upload too.
Quote 0 0
thiagoralves
Ah, so this will be a lot more complicated because uploading a program involves 2 or 3 steps after actually uploading the file. Perhaps the best way for you to accomplish that would be to upload a program on the browser with F12 (developer tools) turned on. Then you will see all the calls that are made and all the parameters that are sent. Step 2 is try to mimic that with curl or whatever tool you have available
Quote 1 0
bobsmith
The multipart form-data is encoded. Any idea how to read this please? Here's the header:
POST /upload-program HTTP/1.1 Host: <my ip>:8080 Connection: keep-alive Content-Length: 821 Cache-Control: max-age=0 Origin: http://<my ip>:8080 Upgrade-Insecure-Requests: 1 Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycCRnCpmWr0ZRKfjF User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer: http://192.168.0.150:8080/programs Accept-Encoding: gzip, deflate Accept-Language: en-GB,en;q=0.9 Cookie: <cookie text>
Quote 0 0