Hacking: Modbus & PLC
#1
PLC Injector

Modbus stager in assembly and some scripts to upload/download data to the holding register of a PLC.

https://github.com/BorjaMerino/PlcInjector

https://www.youtube.com/watch?v=hJ0HiR8uIWg
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#2
A few more details: http://www.shelliscoming.com/2016/12/mod...s.html?m=1
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#3
Modbus is a trivial protocol. Everything can be done through HyperTerminal as well. Which PLC is this tied to?
Reply
#4
As far as I can see, the exact version hasn't been published, but from the pictures you can make out "schneider electric ...".
Modbus may be a trivial protocol, but it is certainly also very widespread.

Internet + trivial protocol = disaster :)
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
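The point posts #1, #3 and #4 turn on is that Modbus/TCP carries no authentication: a write to a holding register is one well-formed frame from whoever can reach the PLC's Modbus port. The example below is added here and is not code from the PlcInjector project or from anyone in this thread; it decodes Modbus/TCP request frames and flags write function codes coming from hosts outside an allow-list, which is the check a plant-network monitor would run. The sample frames, IP addresses and allow-list are constructed for the example.

```python
import struct

# Standard Modbus function codes (values from the Modbus application protocol spec)
FC_READ_HOLDING_REGISTERS = 0x03
FC_WRITE_SINGLE_REGISTER = 0x06
FC_WRITE_MULTIPLE_REGISTERS = 0x10

# Function codes that change PLC state (coil/register writes, mask write,
# read/write multiple). A write from an unexpected source is what a
# monitoring rule should flag.
WRITE_FUNCTION_CODES = {0x05, 0x06, 0x0F, 0x10, 0x16, 0x17}

# MBAP header: transaction id, protocol id, length, unit id (7 bytes, big-endian)
MBAP_HEADER = struct.Struct(">HHHB")


def parse_modbus_tcp(frame):
    """Decode one Modbus/TCP request frame into header and PDU fields.

    Raises ValueError on frames that are not well-formed Modbus/TCP; a
    detector should count those separately, since malformed traffic to the
    Modbus port is itself worth an alert.
    """
    if len(frame) < MBAP_HEADER.size + 1:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = MBAP_HEADER.unpack_from(frame, 0)
    if proto != 0:
        raise ValueError("protocol id %#06x is not Modbus" % proto)
    # MBAP 'length' counts the unit id byte plus the whole PDU.
    if length != len(frame) - 6:
        raise ValueError("MBAP length %d does not match frame size" % length)
    fc = frame[7]
    data = frame[8:]
    msg = {"transaction_id": tid, "unit_id": unit, "function_code": fc,
           "is_write": fc in WRITE_FUNCTION_CODES}
    if fc == FC_READ_HOLDING_REGISTERS:
        msg["address"], msg["quantity"] = struct.unpack(">HH", data[:4])
    elif fc == FC_WRITE_SINGLE_REGISTER:
        msg["address"], msg["value"] = struct.unpack(">HH", data[:4])
    elif fc == FC_WRITE_MULTIPLE_REGISTERS:
        start, qty, byte_count = struct.unpack(">HHB", data[:5])
        if byte_count != 2 * qty or len(data) != 5 + byte_count:
            raise ValueError("write-multiple byte count inconsistent with quantity")
        msg["address"] = start
        msg["values"] = list(struct.unpack(">%dH" % qty, data[5:5 + byte_count]))
    return msg


def check_write(src_ip, frame, allowed_writers):
    """Return an alert string if `frame` writes to the PLC from a host that is
    not an authorised engineering/HMI station, else None."""
    msg = parse_modbus_tcp(frame)
    if msg["is_write"] and src_ip not in allowed_writers:
        return ("unauthorised Modbus write fc=%#04x unit=%d addr=%s from %s"
                % (msg["function_code"], msg["unit_id"], msg.get("address"), src_ip))
    return None


def scan(traffic, allowed_writers=frozenset({"10.0.0.5"})):
    """Run check_write over (source ip, raw frame) pairs and return all alerts."""
    alerts = []
    for src, frame in traffic:
        try:
            alert = check_write(src, frame, allowed_writers)
        except ValueError as exc:
            alert = "malformed Modbus/TCP from %s: %s" % (src, exc)
        if alert:
            alerts.append(alert)
    return alerts


# Constructed sample traffic (not a real capture): the HMI at 10.0.0.5 is the
# only host allowed to write; 203.0.113.7 is an unknown host.
SAMPLE_TRAFFIC = [
    ("10.0.0.5", bytes.fromhex("000100000006010300000004")),            # read 4 holding regs
    ("10.0.0.5", bytes.fromhex("00020000000601060005001e")),            # HMI writes a setpoint
    ("203.0.113.7", bytes.fromhex("00030000000b011000000002041234abcd")),  # unknown host writes 2 regs
]

if __name__ == "__main__":
    for line in scan(SAMPLE_TRAFFIC):
        print(line)
```

The allow-list is the whole policy here: Modbus itself gives the monitor nothing to authenticate, so "who may write" has to come from the network design (which hosts are the HMI and engineering stations), and every other writer is by definition anomalous.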
#5
I have never considered Schneider PLCs serious. All PLCs support Modbus, but for exchanging data with sensors and actuators. At the higher level, exclusively Profibus and Profinet are used. I'm also curious which factory has an internet connection on the plant side. I haven't heard of one. This is more of a variant for playing around.
Reply
#6
Using tools like https://nmap.org/ or https://github.com/robertdavidgraham/masscan you can very quickly find factories that have an internet connection. And if you can't be bothered to scan, you can also use this service: https://www.shodan.io/search?query=modbus :)
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply