Untitled

a guest
Dec 1st, 2012
  1. Hacking SCADA Systems
  2.  
  3. With the discovery of Stuxnet and all the subsequent interest in industrial control systems, it's worthwhile to learn a bit about how to exploit these for our own purposes. For now it's a copypaste of various information on ICS products. Eventually I will rewrite it as a fluent tutorial, but until then you can use this article as a starting point in your own research.
  4.  
  5.  
  6. Contents
  8.  
  9. 1 Terminology
  10. 2 Default Passwords
  11. 3 Google Dorks
  12. 4 Vulnerabilities and Other Resources
  13.  
  14. Terminology
  15.  
  16. PLC: Programmable Logic Controller
  17.  
  18. RTU: Remote Terminal Unit
  19.  
  20. HMI: Human-Machine Interface
  21.  
  22.  
  23. Default Passwords
  24.  
  25. These should always be your first try if you come across an HMI listed. Because these systems have only recently received much attention, many of these HMIs still have their defaults. These can be accessed using a web panel, Telnet, or VNC. Links to support documents have been provided so you can familiarize yourself with these systems.
  26.  
  27. Schneider Electric
  28.  
  29. pcfactory:pcfactory
  30. loader:fwdownload
  31. ntpupdate:ntpupdate
  32. sysdiag:factorycast@schneider
  33. test:testingpw
  34. USER:USER
  35. USER:USERUSER
  36. webserver:webpages
  37. fdrusers:sresurdf
  38. nic2212:poiuypoiuy
  39. nimrohs2212:qwertyqwerty
  40. nip2212:fcsdfcsd
  41. ftpuser:ftpuser
  42. noe77111_v500:RcSyyebczS
  43. AUTCSE:RybQRceeSd
  44. AUT_CSE:cQdd9debez
  45. target:RcQbRbzRyc
  46.  
  47. [1]
  48.  
  49.  
  50. Siemens Simatic
  51.  
  52. Administrator:100
  53.  
  54. [2]
  55.  
  56.  
  57. Siemens WinCC
  58.  
  59. WinCCConnect:2WSXcder
  60. WinCCAdmin:2WSXcder
  61.  
  62. [3]
  63.  
  64.  
  65. WAGO
  66.  
  67. admin:wago
  68.  
  69. [4]
  70.  
  71.  
  72. Google Dorks
  73.  
  74. These will be added to as I go along, but here are just a couple you can try out to search for HMIs.
  75.  
  76. inurl:/plc/webvisu.htm
  77. "Miniweb on" "Control Functions" -filetype:pdf
  78.  
  79.  
  80. Vulnerabilities and Other Resources
  81.  
  82. Vulnerabilities in some SCADA server software
  83. Metasploit Modules for SCADA-related Vulnerabilities
  84. SIMATIC HMI panels - some default Simatic HMIs you can play around with