Главная
Study mode:
on
1
Intro
2
Before we start...
3
Previous work
4
Industrial systems are used as weapons
5
Traditional ICS networks
6
Industrial Things?
7
Industrial Control Gateways
8
Industrial gateways on the internet
9
Low barrier of access
10
Network segmentation
11
Equipment needed
12
Finding potential targets...
13
Moxa W2150A - Firmware
14
Moxa W2150A: libupgrade Firmware
15
Moxa W2150A - Hardware
16
Moxa W2150A - Finding vulnerabilities
17
Moxa W2150A - Custom protocol
18
Fuzzing
19
Fixing vulnerabilities...
20
Advantech EKI-1522: edgserver
21
Advantech EKI-1522: Hardware
22
EKI-1522: Finding vulnerabilities
23
Lantronix EDS2100: Firmware
24
EDS2100: Finding vulnerabilities
25
EDS2100: Webinterface
26
Schneider PowerLogic EGX100
27
VPN vulnerabilities
28
Some other devices are even worse
29
Summary
Description:
Explore the security vulnerabilities of industrial control gateways in this Black Hat conference presentation. Delve into attacking communication protocols, reverse engineering proprietary firmwares, and fuzzing protocols. Witness a live demonstration of vulnerabilities on real devices, revealing significant security shortcomings in industrial control gateways from major vendors. Learn about the potential risks these vulnerabilities pose to critical infrastructure and gain insights into finding and exploiting weaknesses in various gateway models, including Moxa W2150A, Advantech EKI-1522, Lantronix EDS2100, and Schneider PowerLogic EGX100. Understand the implications of these security flaws and the importance of addressing them in industrial control systems.

Breaking the IIoT - Hacking Industrial Control Gateways

Black Hat
Add to list
#Conference Talks #Black Hat #Information Security (InfoSec) #Cybersecurity #Reverse Engineering #IoT security #Engineering #Manufacturing #Industrial Automation #Industrial Control Systems
0:00 / 0:00
1 of 29

Intro