knxmap: KNXnet/IP scanning and auditing tool for KNX home automation installations
KNXmap
A tool for scanning and auditing KNXnet/IP gateways on IP driven networks. KNXnet/IP defines Ethernet as physical communication media for KNX (EN 50090, ISO/IEC 14543). KNXmap also allows scanning for devices on the KNX bus via KNXnet/IP gateways. In addition to scanning, KNXmap supports other modes to interact with KNX gateways like monitor bus messages or write arbitrary values to group addresses.
Compatibility
KNXmap heavily relies on the asyncio module and therefore requires Python 3.4 or newer. There are just a few optional dependencies that are required for some special features.
Install
git clone https://github.com/takeshixx/knxmap.git
python setup.py install
Usage
python setup.py install
knxmap -h
Scanning Modes
KNXmap supports three different scanning modes:
- Identifying KNX gateways via unicast discovery messages (default scan mode)
- Scan for bus devices attached to KNX gateways (with optional device fingerprinting)
- Searching KNX gateways via multicast messages (with –search)
Discovery Mode
This is the default mode of KNXmap. It sends KNX description request to the supplied targets in order to check if they are KNXnet/IP gateways.
knxmap scan 192.168.1.100
KNXmap supports to scan multiple targets at once by supplying multiple IP addresses separated by a space. Targets can also be defined as networks in CIDR notation:
knxmap scan 192.168.1.100 192.168.1.110 192.168.2.0/24
Bus Mode
In addition to the discovery mode, KNXmap also supports to scan for devices on the KNX bus.
knxmap scan 192.168.1.100 1.1.5
KNXmap also supports bus address ranges:
knxmap scan 192.168.1.100 1.0.0-1.1.255
The default mode is to only check if sending messages to an address returns an error or not. This helps to identify potential devices and alive targets.
Bus Device Fingerprinting
In addition to the default bus scanning KNXmap can also extract basic information from devices for further identification by supplying the –bus-info argument:
knxmap scan 192.168.1.100 1.1.5 –bus-info
Search Mode
KNX supports finding devices by sending multicast packets that should be answered by any KNXnet/IP gateway. KNXmap supports gateway searching via the –search flag. It requires the -i/–interface and superuser privileges:
sudo knxmap –interface eth1 search
Note: Packet filtering rules might block the response packets. If there are no KNXnet/IP gateways answering their packets might be dropped by Netfilter/iptables rules.
Hacking
Enable full debugging and verbosity for development:
PYTHONASYNCIODEBUG=1 knxmap -v scan 192.168.178.20 1.1.0-1.1.6 –bus-info
knxmap Copyright (C) 2016 takeshixx
Source: https://github.com/takeshixx/
