Members of SCADA StrangeLove Gleb Gritsai and Alexander Tlyapov gave a talk at the Zeronights conference @Moscow. The slides were split into two parts:
- Industrial protocols (MMS and IEC 104) and how to approach penetration testing of ICS environments that use these protocols
- Patched WinCC vulnerabilities discovered by the SCADA SL group, including Alexander's results from deep reverse engineering of the solution
We'd like to thank the attendees for their questions and interest in the topic. This year showed there is room for organizational improvements, but the conference talks and the community compensate for any negative impressions. Kudos to the organizers of the Zeronights conference for putting on this international security event and giving us a chance to speak there.
Last week four members of the SCADA StrangeLove team took part in the Power of Community conference in Seoul, South Korea. Alexander Timorin, Yuri Goltsev and Ilya Karpov ran the Choo Choo PWN challenge and workshop, and Sergey Gordeychik spoke on automatic exploit generation.
The Choo Choo PWN challenge was originally built for PHDays III; this was the first time it was presented in Korea.
Alexander Timorin and Alexander Tlyapov from the SCADA StrangeLove team will speak @ the ZeroNights conference in Moscow, Russia. We will release a protocol security analysis for IEC 61850-8-1 (MMS) and IEC 61870-5-101/104, and cover the security features of the “new another S7” for the latest TIA Portal and S7-1500 PLC. Following tradition, we will release information about new (but fixed) bugs in WinCC.
PS. It seems Alexander Timorin will be at Power of Community in Seoul at that time, so Gleb Gritsai will step in and give the talk @ ZN.
'Choo Choo Pwn' challenges the participants' skills in exploiting various vulnerabilities in industrial equipment that provides automation and control of technological processes. Contestants can choose between access to the communication systems of the industrial equipment and access to HMI systems. The goal is to independently obtain access to a model of a system that controls a railroad and cargo loading, either by exploiting vulnerable industrial protocols or by bypassing authentication of SCADA systems or industrial equipment web interfaces. The Industrial Control System (ICS) of the railroad will include video surveillance, and, as an additional task, the competitors will be offered the chance to disable the surveillance system.