This framework is based on RouterSploit, which has already been covered on this blog. In fact, that is how I got to know about it: I was checking the RouterSploit source for updates and found a reference to this Industrial Control System (ICS) exploitation framework, ICSSPLOIT. ICS security has long been a pain point because these systems have not been updated in a long time. There are a few that still run the end-of-life Windows XP operating system, too! I hope that changes for the better soon.
ICSSPLOIT is an open source industrial control systems exploitation framework written in Python and based on the router exploitation framework RouterSploit. It helps you test for vulnerabilities in multiple programmable logic controllers (PLCs) and ICS software packages, and it sports a Metasploit-like command structure.
ICSSPLOIT supports the following ICS protocols:
Modbus, which listens on TCP port 502 by default.
WdbRPC version 2 (VxWorks), which listens on TCP port 17185 by default.
It also has Profinet DCP and VxWorks 6.x scanner modules for discovery.
In addition, ICS protocol modules for Profinet DCP, Modbus TCP and WDB RPC version 2 are included.
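Since Modbus/TCP on port 502 is one of the protocols such frameworks exercise, a defender will want to recognise its frames in captured traffic and notice write requests to PLCs from unexpected hosts. The following is an added example, not code from ICSSPLOIT or RouterSploit; the allow-list of expected writer hosts and the sample frames are constructed for illustration.

```python
"""Added example (not part of the ICSSPLOIT project): parse Modbus/TCP frames
seen on port 502 and flag write requests from hosts that are not the known
engineering workstation."""
import struct

# Public Modbus function codes that change PLC state versus read-only ones.
WRITE_CODES = {5, 6, 15, 16, 22, 23}
READ_CODES = {1, 2, 3, 4, 7, 20, 24}
# Constructed allow-list: hosts that are expected to write to PLCs.
KNOWN_WRITERS = {"10.0.0.5"}

def parse_mbap(frame: bytes) -> dict:
    """Parse the 7-byte MBAP header plus function code of a Modbus/TCP ADU.
    Raises ValueError on frames that are not well-formed Modbus/TCP."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header + function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError(f"protocol id {pid} is not Modbus (expected 0)")
    # The length field counts unit id + PDU, so the full ADU is 6 + length bytes.
    if len(frame) != 6 + length:
        raise ValueError(f"MBAP length {length} does not match frame size {len(frame)}")
    return {"tid": tid, "unit": unit, "fc": frame[7], "data": frame[8:]}

def classify(src_ip: str, frame: bytes) -> str:
    """Return 'alert' for a write request from an unexpected host, otherwise
    'write', 'read' or 'other'; frames that fail parsing are 'malformed'."""
    try:
        adu = parse_mbap(frame)
    except ValueError:
        return "malformed"
    fc = adu["fc"]
    if fc in WRITE_CODES:
        return "write" if src_ip in KNOWN_WRITERS else "alert"
    if fc in READ_CODES:
        return "read"
    return "other"

# Constructed sample frames (not captured from any real PLC):
# Read Holding Registers (fc 3), start address 0, count 10
READ_REQ = bytes.fromhex("0001 0000 0006 01 03 0000 000a".replace(" ", ""))
# Write Single Register (fc 6), address 0x0001, value 0x1234
WRITE_REQ = bytes.fromhex("0002 0000 0006 01 06 0001 1234".replace(" ", ""))

if __name__ == "__main__":
    for src, frame in [("10.0.0.5", READ_REQ), ("10.0.0.5", WRITE_REQ),
                       ("192.168.1.77", WRITE_REQ)]:
        print(src, classify(src, frame))
```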
ICSSPLOIT 0.1.0 works out of the box on Kali Linux, which already includes the necessary Python packages. Otherwise, the following packages are required: gnureadline, requests, paramiko, beautifulsoup4, pysnmp, python-nmap and scapy. They are listed in the requirements file, which can be used with pip as follows:
pip install -r requirements
Check out the Git repository of this industrial control systems exploitation framework here.
The post ICSSPLOIT: A Industrial Control System Exploitation Framework appeared first on PenTestIT.