GradeZero Music Band

Sunday, June 8, 2014

Positive Hack Days IV

At Positive Hack Days IV ( we have a lot of fun.
First of all we released more details about new vulnerabilities in Siemens WinCC OA, S7 1200 and S7 1500 PLC, ABB, SmartGrid and SCADA In the cloud.

Please check out slides.

In Critical Infrastructure Attack (CIA) challenge everybody tried to hack up-to-date SCADA/PLC systems and get own ICS 0-day to fix it via responsible disclosure process (direct/ZDI/iDefence/whatever).
Results: several RCE in Indusoft Web Studio, remote DoS in ICP DAS RTU PET-7000, and XSS in Simatic S7-1200. Waiting for fixes. Details:

For everybody who know the Power of Tin Foil Hat we did Crazy Smart House challenge where you should hack (guess what) – Crazy Smart House. More details coming.

And Too Drunk Too Hack was awesome as usual!

Thanks everybody and see you next year at PHDays!

No comments:

Post a Comment