2

I've got a time clock with proprietary software that polls swipe punches from it, the software sits on a server and connects to the time clock over ethernet. I want to try and write my own script that polls this clock as the software can't do it more then once an hour.

I installed wireshark on the server and polled a time clock, I then followed the tcp stream so I could see all the data that was sent back and forth, I see it issues: .00P. on port 3001 of the time clock, the time clock then replies with all of the punches.

I tried using putty and connecting on port 3001 and copying and pasting that command however nothing was returned, I then realized the periods in the command are because my editor can't display the actual data, which in notepad looks like backwards L's.

Any how, what's the best process for attempting to send that command as it is in the binary file I saved from wireshark, is there a way to send a packet containing the data from a file to the timeclock and somehow record the results?

user177916
  • 33

2 Answers2

1

It's hard to tell anything from 1 single packet - a rather fast-forward way might be:

... to replace the clock once at night-time:

e.g. setup Linux with the same IP as the clock (while taking the clock temporary down),

Then just run netcat, let it listen to :3001, piped to file - and wait until the poll happens.

(I use it for TCP polling, so I'd assume one can capture with it in listening mode)

Also, you could connect the clock with it - once knowing how the server polls.

Martin Zeitler
  • 171
0

If you've saved the binary file from the WireShark capture, a good next step would be to look more closely at that file. As you've discovered, notepad probably won't do the job. Use a hex editor such as frhed to understand exactly what bytes are being sent.

Having identified the command, you can then write a script to make a TCP connection and send the command accurately. You could use PowerShell or Python for this purpose.

Mox
  • 415
  • 1
  • 3
  • 8