Hi there. At PHDays III, SCADA StrangeLove will celebrate its anniversary! Yep, a year ago we started our mission.
70+ 0-days, 5+ talks, 10+ releases... Not bad for a one-year plan.
We are preparing a lot of awesome stuff!
SCADA Strangelove: How to Build Your Own Stuxnet
A lot of time has passed since the Stuxnet incident. While some are still looking for the missing elements of cyberweapon evolution, Positive Technologies experts want to get a glimpse of the future: the near future in which creating a full-fledged SCADA worm will require only an up-to-date Metasploit and a little VBScript programming skill.
Based on research into the security of the Siemens SIMATIC series (TIA Portal / WinCC / S7 PLC), the talk will cover vulnerabilities that can be used to break into ICS. The speakers will also demonstrate how such a worm propagates and what malicious impact it has on the system, ranging from the network level (S7/PROFINET) to the web control interfaces and the WinCC project files.
Information on new vulnerabilities in the Siemens SIMATIC series will be presented, as well as tools that can be used to analyze security and find new vulnerabilities in ICSs.
You can get fantastic T-shirts if you can answer our questions!
Industrial Protocols for Pentesters by Alexander Timorin, Dmitry Yefanov
The talk includes a general overview of the current situation with SCADA: the largest vendors and vulnerability statistics. The main industrial protocols (Modbus, DNP3, S7, PROFINET) are analyzed in detail, and some interesting features and vulnerabilities of these protocols are examined from a pentester's point of view. The authors will describe their protocol analysis methodology and the tools they used, and will demonstrate software developed in the course of their research.
ICS Security – an Oxymoron or the Task of the Decade?
Correct answer: Potato Bicycle.
XML Out-Of-Band by Alexey Osipov, Timur Yunusov
This talk covers a brand new technique for out-of-band data retrieval. It allows access to files and resources on a victim's machine and internal network, even when no normal output is possible from the vulnerable application that handles the XML data.
Awesome workshop and challenge
The competition challenges the participants' skills in exploiting various vulnerabilities in the industrial equipment that automates and controls technological processes. Contestants will be able to choose between access to the communication systems of the industrial equipment and access to the HMI systems. The goal is to independently obtain access to a model of a system that controls a railroad and cargo loading, either by exploiting vulnerable industrial protocols or by bypassing authentication on SCADA systems or industrial equipment web interfaces. The Industrial Control System (ICS) of the railroad will include video surveillance, and, as an additional task, the competitors will be offered the chance to disable the surveillance system.
Also, talks by our guests:
DIY Industrial IPS, Dmitry Dudov
Find Them, Bind Them – Industrial Control Systems (ICS) on the Internet, Johannes Klick, Daniel Marzin
How to Straighten up a Car's "Brains", Kirill Ermakov, Dmitry Sklyarov
Are ICS Models Needed to Ensure Information Security of Industrial Systems? Ruslan Stefanov
See you there!
PS. Anybody can join PHDays via the online broadcast or at a PHDays Everywhere spot.