In the Metasploit hackerstoolkit is a number of exploits for programmable logic controllers added. Allows industri lwa le systems being cracked. The Metasploit developers hope that the bugs are fixed.
During a conference, discovered six researchers vulnerabilities in different plc’s. It comes to systems of Schneider Electric, General Electric, and Koyo. Some plc’s contain backdoors; at other servers was fuzzing possible or could the web interface be abused.
Exploits for the bugs in the General Electric-plc have now been added to the Metasploit framework, which is designed to reduce security vulnerabilities to detect. This is also abuse of this vulnerability lurking. The developers of Metasploit, however, say that the developers of the plcs are too lax and that the inclusion in the framework should be to ensure that the bugs are fixed. There are plans to also exploits to add that abuse of other plc’s.
With plcs, industrial control systems controlled. Plc programs are often part of a scada system, which can be used for industrial systems to control remotely. Many of such systems are, however, poorly protected and are sometimes even directly to the internet, such as the Dutch beveiligingsonderzoeker @ntisec demonstrated. He discovered with relatively little effort, a large number of scada systems that direct approach was.
The discovered vulnerabilities: a red cross for an easy-to-exploit vulnerability, an exclamation mark means that there is, in theory, abuse is possible, and with a green check mark, there is nothing on the hand