This paper presents a series of attacks against Siemens S7-300 programmable logic controllers (PLCs), using our remote IHP-Attack tool. Because S7-300 PLCs perform no integrity checks on the commands they receive, such controllers execute commands whether or not they come from a legitimate user. As a result, they have been exposed to various kinds of cyber-attacks over the last years, such as replay, authentication bypass and access control attacks. In this work, we build our tool to carry out a series of attacks based on the vulnerabilities of S7-300 PLCs already reported by the research community. For real-world experimental scenarios, the tool is run against real hardware and software used in industrial settings (a water level control system). IHP-Attack consists of the following functionalities: a PNIO Scanner to scan the industrial network and detect any available PLCs, CPs, etc.; an Inner Scanner to collect critical data about the target PLC's software blocks; and an Authentication Bypass to check whether the PLC is password protected and to compromise the PLC. Our tool also shows that once an adversary reaches the target, they are capable of carrying out severe attacks, e.g. replay and control hijacking attacks against the compromised controller. All the functions used in our tool are written in Python and based on powerful libraries such as Python-Snap7 and Scapy.
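The discovery step that a PNIO scanner performs, as an added example that is not the paper's IHP-Attack code: it builds the PROFINET DCP Identify-All multicast request a scanner sends, and parses the DCP Identify responses with which PLCs and CPs announce their station name, vendor/device IDs and IP settings. It uses only the Python standard library rather than Scapy so it runs without extra dependencies; the MAC addresses, station name, vendor/device IDs and IP addresses are constructed sample values, and `scan()` assumes a Linux interface name and raw-socket privileges.

```python
# PROFINET DCP Identify-All scanner primitives (standard library only).
# Frame layout: Ethernet | FrameID | DCP header | DCP blocks, big-endian throughout.
import socket
import struct
from dataclasses import dataclass
from typing import Optional

PN_DCP_MULTICAST = bytes.fromhex("010ecf000000")   # DCP Identify multicast MAC 01:0e:cf:00:00:00
ETHERTYPE_PNIO = 0x8892
FRAMEID_IDENTIFY_REQ, FRAMEID_IDENTIFY_RSP = 0xFEFE, 0xFEFF
SERVICE_IDENTIFY, TYPE_REQUEST, TYPE_RESPONSE = 0x05, 0x00, 0x01
OPT_IP, SUB_IP_PARAM = 0x01, 0x02
OPT_DEVICE, SUB_DEV_VENDOR, SUB_DEV_NAME, SUB_DEV_ID = 0x02, 0x01, 0x02, 0x03
OPT_ALL, SUB_ALL = 0xFF, 0xFF


def build_identify_all(src_mac: bytes, xid: int, response_delay: int = 0x0080) -> bytes:
    """Raw Ethernet frame a scanner multicasts so that every DCP device answers."""
    block = struct.pack("!BBH", OPT_ALL, SUB_ALL, 0)            # AllSelector block, no data
    dcp = struct.pack("!BBIHH", SERVICE_IDENTIFY, TYPE_REQUEST, xid, response_delay, len(block)) + block
    eth = PN_DCP_MULTICAST + src_mac + struct.pack("!HH", ETHERTYPE_PNIO, FRAMEID_IDENTIFY_REQ)
    return (eth + dcp).ljust(60, b"\x00")                        # pad to minimum Ethernet size


def _block(opt: int, sub: int, payload: bytes, block_info: int = 0) -> bytes:
    """One DCP response block: header, 2-byte BlockInfo, data, padding to even length."""
    data = struct.pack("!H", block_info) + payload
    return struct.pack("!BBH", opt, sub, len(data)) + data + (b"\x00" if len(data) & 1 else b"")


def build_identify_response(dev_mac, scanner_mac, xid, station_name, vendor,
                            vendor_id, device_id, ip, netmask, gateway) -> bytes:
    """Identify response as a device would send it (used here to construct sample input)."""
    ip_bytes = b"".join(bytes(int(o) for o in a.split(".")) for a in (ip, netmask, gateway))
    blocks = (_block(OPT_DEVICE, SUB_DEV_VENDOR, vendor.encode())
              + _block(OPT_DEVICE, SUB_DEV_NAME, station_name.encode())
              + _block(OPT_DEVICE, SUB_DEV_ID, struct.pack("!HH", vendor_id, device_id))
              + _block(OPT_IP, SUB_IP_PARAM, ip_bytes, block_info=1))   # BlockInfo 1 = IP set
    dcp = struct.pack("!BBIHH", SERVICE_IDENTIFY, TYPE_RESPONSE, xid, 0, len(blocks)) + blocks
    eth = scanner_mac + dev_mac + struct.pack("!HH", ETHERTYPE_PNIO, FRAMEID_IDENTIFY_RSP)
    return (eth + dcp).ljust(60, b"\x00")


@dataclass
class Device:
    mac: str
    xid: int
    station_name: str = ""
    vendor: str = ""
    vendor_id: int = 0
    device_id: int = 0
    ip: str = ""
    netmask: str = ""
    gateway: str = ""


def parse_identify_response(frame: bytes) -> Optional[Device]:
    """Extract identity and IP data from a DCP Identify response; None for any other frame."""
    if len(frame) < 26 or struct.unpack("!HH", frame[12:16]) != (ETHERTYPE_PNIO, FRAMEID_IDENTIFY_RSP):
        return None
    service, stype, xid, _reserved, data_len = struct.unpack("!BBIHH", frame[16:26])
    if (service, stype) != (SERVICE_IDENTIFY, TYPE_RESPONSE):
        return None
    dev = Device(mac=frame[6:12].hex(":"), xid=xid)
    body, off = frame[26:26 + data_len], 0
    while off + 4 <= len(body):
        opt, sub, blen = struct.unpack("!BBH", body[off:off + 4])
        payload = body[off + 6:off + 4 + blen]                      # skip the 2-byte BlockInfo
        off += 4 + blen + (blen & 1)                                 # blocks are padded to even length
        if (opt, sub) == (OPT_DEVICE, SUB_DEV_NAME):
            dev.station_name = payload.decode("ascii", "replace")
        elif (opt, sub) == (OPT_DEVICE, SUB_DEV_VENDOR):
            dev.vendor = payload.decode("ascii", "replace")
        elif (opt, sub) == (OPT_DEVICE, SUB_DEV_ID) and len(payload) >= 4:
            dev.vendor_id, dev.device_id = struct.unpack("!HH", payload[:4])
        elif (opt, sub) == (OPT_IP, SUB_IP_PARAM) and len(payload) >= 12:
            dev.ip, dev.netmask, dev.gateway = (".".join(map(str, payload[i:i + 4])) for i in (0, 4, 8))
    return dev


def scan(iface: str, timeout: float = 2.0, xid: int = 0x1234) -> list:
    """Send one Identify-All on `iface` and collect responders (Linux only, needs CAP_NET_RAW)."""
    found = []
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETHERTYPE_PNIO)) as s:
        s.bind((iface, 0))
        s.send(build_identify_all(s.getsockname()[4], xid))      # element 4 is the interface MAC
        s.settimeout(timeout)
        try:
            while True:
                dev = parse_identify_response(s.recv(1514))
                if dev is not None and dev.xid == xid:           # only answers to our request
                    found.append(dev)
        except socket.timeout:
            pass
    return found
```

On a real network the scanner must sit on the PROFINET segment itself, since DCP is link-layer multicast and does not cross routers; `scan("eth0")` run with raw-socket privileges returns one `Device` per responder. Scapy's `scapy.contrib.pnio_dcp` offers equivalent layers if you prefer to build these frames with Scapy, as the paper's tool does.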