Fixes for Siemens S7 1500 PLC are published.
Thanks to Yury Goltsev https://twitter.com/ygoltsev, Ilya Karpov, Alexey
Osipov https://twitter.com/GiftsUngiven, Dmitry
Serebryannikov https://twitter.com/dsrbr and Alex
Timorin https://twitter.com/atimorin.
There are a lot of, but Authentication bypass
Hi list.
Just a collection of our 30C3 releases in one post.
ICS/SCADA/PLC Google/Shodan Cheat Sheet
THC Hydra with Siemens S7-300 support
Slides and video from SCADA Strangelove 2
talk https://events.ccc.de/congress/2013/Fahrplan/events/5582.html.
A Hacker Disneyland by @ygoltsev and
Special release of ICS/SCADA toolkit for our speech and Choo Choo PWN
PHDays workshop at Power of Community
conference http://www.powerofcommunity.net/ in Seoul.
Let's play with industrial protocols!
New releases:
S7 for 1500 PLC offline password brute force toolkit.
IEC-60870-5-104 fingerprint tool
New version of modules/auxiliary/admin/scada/simatic_wincc_harvester.rb is
released.
It's still in unstable but I hope it will be fixed in the nearest future
Details:
http://scadastrangelove.blogspot.com/2013/08/wincc-harvester-metasploit-module-is.html
Siemens updates WinCC SCADA and TIA Portal to fix two minor issues in HMI
panels discovered by our team:
CVE-2013-4911: CSRF (Cross-site request forgery) attacks, compromising
integrity and availability of the system
CVE-2013-4912: URL redirection to untrusted websites
Thanks to Timur Yunusov
A few days ago Siemens published an update for WinCC 7.2 SCADA to fix several
vulnerabilities discovered by the SCADA StrangeLove team.
CVE-2013-3957 – the most dangerous one. Simple SQL injection; because of some
configuration and architectural issues an attacker can execute arbitrary
code in the context of the SQL server.
New tools and special PHDays releases.
Tools:
- profinet_scanner.py
- profinet_set_fuzzer.py
- s7_password_hashes_extractor.py
Slides:
“How to build your own Stuxnet” by SCADA StrangeLove team
“Industrial protocols for pentesters” by Alexander Timorin and Dmitry Efanov
Hi List,
New vulnerabilities/fixes in Siemens WinCC 7.0 SP3 Update 1 and WinCC
Flexible in TIA Portal V11.
Details:
http://scadastrangelove.blogspot.com/2013/03/wincc-vulnerabilities-fresh-meat.html
Cheers,
SCADA StrangeLove team
___
Full-Disclosure