Monday, May 27, 2013

SCADA StrangeLove @Positive Hack Days

At PHDays we has released two talks:
“How to build your own Stuxnet” by SCADA StrangeLove team
“Industrial protocols for pentesters” by Alexander Timorin and Dmitry Efanov.  You can find slides for second one below.
To play with PROFINET DCP Alexander released two tools:


-   profinet_scanner.py
-   profinet_set_fuzzer.py

You can guess by name…
Tool s7_password_hashes_extractor.py  to extract SHA-1 hashes from S7 1200 PLC firmware to simplify brute force or pass-the-hash attack published also.



 In addition, Gleb Gritsai, Ilya Karpov, Dmitry Efanov, Alexander Timorin and Roman Ilin
 manage awesome Choo Choo PWN challenge. Short video (Russian only, sorry).



 
 
 See you at PHDays 2014!
Few photos: https://vk.com/album8849651_174874651
+Windows File Uploading Outof the Box[post exploitation]. Vyacheslav Yegoshin

10 comments:

  1. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    ReplyDelete