SCADA StrangeLove 2

We already know

If you suspend your transcription on, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
SCADA StrangeLove team will present their research on ICS systems for the second time on CCC. Last year we showed current situation with security of industrial world and disclosed a big number of vulnerabilities found in Siemens ICS solutions. Part of vulnerabilities, we can say most notable one, wasn’t disclosed due to Responsible Disclosure. This time we already know. We will speak about several industrial protocols and their weaknesses. During this year we played with new industrial hardware and software – this patitially brings new “We don’t know yet” vulnerability details. Moreover, we’ll mention creepiest bugs undisclosed from last year, tell you about new ones and build attack vectors from them. At last, we will share our experience in pentesting ICS enviroments.

Speakers: Gleb Gritsai and Sergey Gordeychik

1. Introduction
1.a. About SCADA StrangLove
1.b. We were here before
c. Why we eat what we eat
2. ICS in internet – piece of cake
2.a. Massscan, zmap, sonar, etc.
2.b. One time scan isn’t sexy today – Continuous monitoring
2.c. Pizza Owens on the internets now
3. More protocols – more fun
3.a. Profinet/DCP
3.b. IEC104 – the bad and the bad
3.c. MMS – from reflash to tag
3.d. S7 saga continued
3.e. Every self-respecting ICS vendor must have own buggy protocol
4. “Darwin” bugs in ICS
4.a. Statistic and detailed analysis of vulnerabilities discovered by SCADASL team
5. Don’t try it at home - Pentesting ICS environment
5.a. Listen to the turbines
5.b. Sit in hardened rooms
5.c. Remember the exit paths
6. What we already know. Fixes and releases in 2013
7. Things we don’t know yet
7.a. Old friends: Siemens
7.a.i. New S7-1500 PLC
7.a.ii. Cookie monster to own all PLC’s
7.b. New friends
7.b.i. Invensys vulnerabilities
7.b.ii. ABB vulnerabilities and exploit demo
7.b.iii. Emerson vulnerabilities
8. Special 30C3 releases

Talk ID
Saal 2
11 p.m.
Security & Safety
Type of
Sergey Gordeychik
Talk Slug & media link
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%

Work on this video on Amara!

English: Transcribed until

Last revision: 2 years, 1 month ago