dark-lbp / isf Goto Github PK
View Code? Open in Web Editor NEWISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
License: BSD 2-Clause "Simplified" License
ISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
License: BSD 2-Clause "Simplified" License
I tried read write coils/registers with modbuspal 1.6b version simulator with icssploit modbus client and metasploit module, ics give this errors and it can not read or write anything but msf succesfully did. (Tried on manjaro linux with python 2)
i saw this example from this blogpost: https://medium.com/@lucideus/industrial-control-system-exploitation-framework-lucideus-research-643cf563c42d
Can this tool be used for communication attacks on mirco 850 PLC?
I'm trying to stop my plc (CPU1212C V4.2.1) or run with the exploit command but I receiv this error:
error: [Errno 104] Connextion reset by peer
My PLC isnt protected.
For packing isf
for distribution it would easier if there are source tarballs available. Can you please create one? Thanks,
/dev/fd/12:18: command not found: compdef
chikkachun@chikdeMBP ~ % git clone https://github.com/dark-lbp/isf/
cd isf
python isf.py
fatal: destination path 'isf' already exists and is not an empty directory.
zsh: command not found: python
chikkachun@chikdeMBP isf % ls
README-ZH.md docs lib
README.md ics.cnvd logs
core isf.gif module
dependencies isf.py requirements.txt
docker isf.xml
chikkachun@chikdeMBP isf % isf.py
zsh: command not found: isf.py
chikkachun@chikdeMBP isf %
when I try to learn the source code. I find "checksum()" in ./icssploit/protocol/wdbrpc2.py undefined. Where can I import the package.
Please Help me, thanks!
I am trying to run it, but I get this:
python isf.py
Traceback (most recent call last):
File "isf.py", line 9, in
from icssploit.interpreter import IcssploitInterpreter
File "/root/isf/icssploit/init.py", line 1, in
from icssploit.utils import (
File "/root/isf/icssploit/utils/init.py", line 21, in
import requests
File "/usr/lib/python2.7/dist-packages/requests/init.py", line 84, in
from urllib3.contrib import pyopenssl
File "/usr/lib/python2.7/dist-packages/urllib3/contrib/pyopenssl.py", line 46, in
import OpenSSL.SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/init.py", line 8, in
from OpenSSL import crypto, SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/crypto.py", line 12, in
from cryptography import x509
File "/usr/lib/python2.7/dist-packages/cryptography/x509/init.py", line 8, in
from cryptography.x509.base import (
File "/usr/lib/python2.7/dist-packages/cryptography/x509/base.py", line 16, in
from cryptography.x509.extensions import Extension, ExtensionType
File "/usr/lib/python2.7/dist-packages/cryptography/x509/extensions.py", line 24, in
from cryptography.x509.general_name import GeneralName, IPAddress, OtherName
File "/usr/lib/python2.7/dist-packages/cryptography/x509/general_name.py", line 18, in
from cryptography.x509.name import Name
File "/usr/lib/python2.7/dist-packages/cryptography/x509/name.py", line 28, in
_ASN1_TYPE_TO_ENUM = dict((i.value, i) for i in _ASN1Type)
TypeError: 'type' object is not iterable
nm = nmap.PortScanner()
AttributeError: 'module' object has no attribute 'PortScanner'
Testing the S7-1200 PLC Control
module against a real S7-1200 (1212C), when sending the stop command, get:
isf (S7-1200 PLC Control) > set target 192.168.1.190
[+] {'target': '192.168.1.190'}
isf (S7-1200 PLC Control) > set command 2
[+] {'command': '2'}
isf (S7-1200 PLC Control) > run
[*] Running module...
[+] Target is alive
[*] Sending packet to target
[*] reset plc
[-] Traceback (most recent call last):
File "/root/isf/icssploit/interpreter.py", line 337, in command_run
self.current_module.run()
File "/root/isf/icssploit/modules/exploits/plcs/siemens/s7_1200_plc_control.py", line 122, in run
self.exploit()
File "/root/isf/icssploit/modules/exploits/plcs/siemens/s7_1200_plc_control.py", line 107, in exploit
self.start_ctrl(stop_cpu_packet)
File "/root/isf/icssploit/modules/exploits/plcs/siemens/s7_1200_plc_control.py", line 95, in start_ctrl
s.recv(1024)
error: [Errno 104] Connection reset by peer
There are some issues with scanner module:No module named nmap
isf > use scanners/vxworks_6_scan
[-] Error during loading 'icssploit/modules/scanners/vxworks_6_scan'
Error: No module named nmap
It should be valid path to the module. Use key multiple times for completion.
Traceback (most recent call last):
File "isf.py", line 9, in
from icssploit.interpreter import IcssploitInterpreter
File "/root/Desktop/isf/icssploit/init.py", line 1, in
from icssploit.utils import (
File "/root/Desktop/isf/icssploit/utils/init.py", line 15, in
import nmap
ImportError: No module named nmap
I hate to be that guy, but python2 EOL'd back in april.
That was after it originally EOL'd in January.
That was after it was originally planned to EOL in 2015.
That was after python3 was released in 2006.
This was a very very very long time coming and there was numerous warnings.
I just saw this mentioned in a talk in August 2020 in the blackhat briefings.
Using an unsupported interpreter is a massive security issue and the irony is dully noted.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.