Hi guys, wassup. Today I will tell you about SCADA hacking.
Some other resources
So first, what is SCADA? It stands for Supervisory Control and Data Acquisition. Basically it involves lots of hardware and is used in power grids, dams and many other industries. These systems use primitive software that is easy to exploit. Remember Stuxnet, which exploited Iran's Windows computers to attack Iran's nuclear facility, which used Siemens equipment. In the same way, there are lots of companies that make SCADA systems, and for ease of use and to control them from remote places they have internet connections.
So basically there are PLCs (programmable logic controllers), which are the part that gets exploited most. Their I/O cycles are controlled by a RISC (reduced instruction set computing) processor.
PLCs use RISC processors to run continuous, cyclical programs, and they take time in their I/O cycle to talk to the SCADA unit and receive instructions from it to modify their instruction sets or operating parameters. SCADA typically operates by evaluating the input data and determining whether it is within an allowable set of parameters.
1st: how to find vulnerable SCADA devices
You must know what an HTTP header does, and that from it we can tell what software or authentication a server is running. We will use that to find vulnerable SCADA devices. A website called Shodanhq does this and makes our work easy.
From that, with a specific code (something like dorks), we can get lots of SCADA
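The same header information can be checked from the operator's side, on responses captured from your own devices. This is an added example, not part of the original post; the addresses, product names and responses in it are constructed.

```python
import re

# Constructed sample responses, as if captured from our own internet-facing
# hosts (documentation addresses, made-up product names).
SAMPLES = {
    "192.0.2.10": (
        "HTTP/1.1 401 Unauthorized\r\n"
        "Server: ExampleHMI-Web/2.3.1\r\n"
        'WWW-Authenticate: Basic realm="ExamplePLC Station 4"\r\n'
        "\r\n"
    ),
    "192.0.2.20": "HTTP/1.1 200 OK\r\nServer: gateway\r\n\r\n",
}
VERSION = re.compile(r"\d+(\.\d+)+")

def parse_headers(raw):
    """Return {lowercased-name: [values]} for the header block of a raw response."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """List what the response headers reveal about the device behind them."""
    h, findings = parse_headers(raw), []
    for name in ("server", "x-powered-by"):
        for value in h.get(name, []):
            if VERSION.search(value):
                findings.append(f"{name} discloses a version: {value}")
    for value in h.get("www-authenticate", []):
        scheme, _, params = value.partition(" ")
        if scheme.lower() == "basic":
            findings.append("basic auth in use; credentials are only base64-encoded")
        realm = re.search(r'realm="([^"]*)"', params)
        if realm and realm.group(1):
            findings.append(f"auth realm exposed to anyone: {realm.group(1)}")
    return findings

def audit_inventory(samples):
    return {host: audit(raw) for host, raw in samples.items()}

if __name__ == "__main__":
    for host, findings in audit_inventory(SAMPLES).items():
        print(host, findings or "nothing disclosed")
```

Any host that reports findings is one whose web interface identifies itself to every visitor; the usual fixes are to strip or genericise the banner and to keep the interface off the public internet, behind a VPN or jump host.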
2nd: exploits
SCADA exploits are hard to get because no one shares them. Sometimes you need to make your own, but you can get some from Exploit-DB, and there are Metasploit modules to exploit some of them, here or here.
RESOURCES
1. shodanhq.com
2. scadahacker.com
3. SCADA dorks list
4. SCADA security research and tools
Warning: SCADA hacking is very, very dangerous. It can get people killed and cause a lot of property damage... and you can end up in jail for a long time, and this article is for educational purposes only.