Telnet 3270 / tn3270 – port 23

Used by Mainframe / MVS.

• TN3270 (Wireshark)
• Telnet 3270 (Wikipedia)
• Customer Information Control System (CICS)

Ports: 23 (TCP) for remote login, 20 (TCP) for FTP (instead of 21)

Nmap scripts

Official Documentation

ls -la /usr/share/nmap/scripts/tn3270*

nmap -Pn -p 23 --script tn3270-screen $IP

Telnet 3270 (TN3270 protocol) in Kali Linux

IBM 3270 terminal emulator

Installation

sudo apt install c3270

Help

man c3270

Connection

Will use default user.

IP=x.x.x.x
c3270 $IP -connecttimeout 5

Login – for configurations by admins

Authenticating CICS users by a CICS user ID and password (IBM)

[Ctrl+C, will clear the screen...]
CESN
[username: test]
[password: test]
[F3 to exit]

[Ctrl+C, will clear the screen...]
CESL
[userid: 123]
[password: test]
[F3 to exit]

Login – by users

[Ctrl+C, will clear the screen...]
VSCF
[username: test]
[password: test]
[F3 to exit]

Automation

Adapt to specific application menu. Tested.

#!/usr/bin/python3
#------------------------------------------------------------------------------
# Author      : Lisandre.com
# Prereq      : py3270 (Python interface to x3270): https://github.com/py3270/py3270
#               pip3 install py3270
#               sudo apt install x3270
#               sudo apt install s3270
# IMPORTANT   : DO NOT USE em.send_string(), it works on Kali but not on RedHat :(
#                          em.send_clear(), does not work on Kali and RedHat
#------------------------------------------------------------------------------
from py3270 import Emulator
import time

server="x.x.x.x"

em = Emulator(visible=True) # visible=True: Use x3270 so you can see what is going on
#em = Emulator() # visible=False (default): Use s3270 for script mode (silent)

print("INFO: Connecting to " + server + "...")
em.connect(server)  # Connect to mainframe
em.wait_for_field() # Unlocks the keyboard

em.fill_field(10, 2, 'OPTION1', 1) # y,x of cursor (in status bar at bottom of terminal), string, string length
em.send_enter()
em.wait_for_field() # Unlocks the keyboard
time.sleep(2)       # REQUIRED! Wait to get server response, under 2 seconds = unreliable results

em.exec_command(b'Clear') # Ctrl + C to clear the screen, DO NOT WAIT FOR FIELD AFTER THIS! (no fields!)
time.sleep(2)             # REQUIRED! Wait to get server response, under 2 seconds = unreliable results

em.fill_field(10, 2, "VALUE1", 6) # some fields have a max of 8 characters (rest is truncated)
em.send_enter()
time.sleep(2) # REQUIRED! Wait to get server response, under 2 seconds = unreliable results

message = em.string_get(20 2, 10) # y,x of cursor (in status bar at bottom of terminal), string length
print("INFO: " + message)

# Look for a status message
if "SOME MESSAGE" in str(message):
    print("INFO: String found.\n")
else:
    print("ERROR: Unexpected behavior.")
    break

em.terminate() # Disconnect from host and kill subprocess