During an internal assessment of a water treatment facility, you gain unauthenticated TCP access to a legacy PLC that controls the plant's chemical-dosing pumps. An Nmap scan reports port 502 open, and packet inspection confirms Modbus/TCP traffic. To overwrite the chlorine set-point stored in a single holding register, which Modbus function code should you transmit to the device?
On Modbus/TCP, port 502 is used for command traffic to PLCs and RTUs. Holding registers (addresses 40001-4xxxx) store 16-bit numerical values such as analog set-points. Function code 0x06, Write Single Register, is specifically designed to modify the contents of exactly one holding register without affecting adjacent memory. Function code 0x03 is read-only, so it cannot change values. Function code 0x05 writes a single coil, which represents a single discrete (on/off) output, not an analog register value. Function code 0x10 writes multiple holding registers and is unnecessary (and more conspicuous) when only one register needs alteration. Therefore, 0x06 is the appropriate choice for changing a single process set-point in an OT attack against Modbus-based PLCs.
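The function codes above, seen from the monitoring side: this added example (not part of the original page) parses captured Modbus/TCP request frames and flags write requests from sources outside an allow-list. The names `parse_adu` and `audit`, the allow-list, and the sample frames and addresses are constructed for illustration, and frames are assumed to be client requests sent to port 502.

```python
import struct

# Function codes named in the explanation: code -> (name, modifies device state?)
FUNCTION_CODES = {
    0x03: ("Read Holding Registers", False),
    0x05: ("Write Single Coil", True),
    0x06: ("Write Single Register", True),
    0x10: ("Write Multiple Registers", True),
}

def parse_adu(frame: bytes) -> dict:
    """Parse one Modbus/TCP request: 7-byte MBAP header followed by the PDU."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    if length != len(frame) - 6:  # length counts the unit id and the PDU
        raise ValueError("MBAP length field does not match frame size")
    fc = frame[7]
    name, is_write = FUNCTION_CODES.get(fc, ("other", False))
    rec = {"tid": tid, "unit": unit, "fc": fc, "name": name, "write": is_write}
    # Requests for these four codes start with a 2-byte address, then a
    # 2-byte value (0x05, 0x06) or quantity (0x03, 0x10).
    if fc in FUNCTION_CODES and len(frame) >= 12:
        rec["address"], rec["value_or_qty"] = struct.unpack(">HH", frame[8:12])
    return rec

def audit(frames, allowed_writers):
    """Return (source, reason) alerts for malformed frames and unexpected writes."""
    alerts = []
    for src, frame in frames:
        try:
            rec = parse_adu(frame)
        except ValueError as exc:
            alerts.append((src, f"malformed: {exc}"))
            continue
        if rec["write"] and src not in allowed_writers:
            alerts.append((src, f"{rec['name']} addr={rec.get('address')} "
                                f"value_or_qty={rec.get('value_or_qty')}"))
    return alerts

# Constructed sample capture: (source IP, raw bytes sent to port 502).
SAMPLE_FRAMES = [
    ("192.0.2.10", bytes.fromhex("000100000006010300000001")),  # HMI read
    ("192.0.2.10", bytes.fromhex("00020000000601060010012c")),  # HMI write
    ("192.0.2.99", bytes.fromhex("00030000000601060010012c")),  # unknown host write
    ("192.0.2.99", bytes.fromhex("0004000000")),                # truncated frame
]
```

Because Modbus/TCP itself carries no authentication, a source allow-list like this only narrows who is expected to write; it is a detection aid rather than an access control.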
Certified Ethical Hacker (CEH)
Mobile Platform, IoT, and OT Hacking