Pentesting SCADA with Metasploit:Modbus

Рет қаралды 4,607

David Tancredi

Күн бұрын

Пікірлер: 18

@alim.hosseini4638 2 жыл бұрын

Great tutorial.

@davidtancredi5658 Жыл бұрын

Thank you brother I appreciate the support

@gentlerebel5069 5 ай бұрын

When I scan with nmap the port 502 shows close. Do you have any suggestion on how to open it? Thanks.

@davidtancredi5658 5 ай бұрын

If the port is close there aint much you can do unless you have access to the firewall

@gentlerebel5069 5 ай бұрын

@@davidtancredi5658 I used ufw and iptables to give access to the port it still remains close. But when I use nc it shows open and when I run the metasploit it won't execute

@jamiroquai188 Жыл бұрын

Is there a way to trigger discrete inputs?

@davidtancredi5658 Жыл бұрын

By discrete input you mean a specific coil?

@jamiroquai188 Жыл бұрын

@@davidtancredi5658 as you can see on the output of show actions commands. There is read_discrete_inputs commands but not write_discrete_inputs. I'm just wondering if there is a way to manipulate input too?

@davidtancredi5658 Жыл бұрын

As far as I know this particular metasploit module only allows to write values to either coils or registers, you could possibly modify the module or write a custom exploit.

@salaheldineghennai7743 10 ай бұрын

hello, but why you didn't samply use modbus Poll which can can acess to modbus server usually with a lot of options

@davidtancredi5658 10 ай бұрын

Modbus poll is another awesome simulator, might do another vid on the topic down the road

@bayou__ 9 ай бұрын

This cool bro

@marinagarcia7206 11 ай бұрын

Great tutorial!! I have a problem with metasploit and every time I set an address data it says that is an illegal data address, do you know why this could be??

@davidtancredi5658 11 ай бұрын

If the address Is flagged as illegal it might be due to specific configurations in the target PLC