Breaking the IIoT - Hacking Industrial Control Gateways

Explore the security vulnerabilities of industrial control gateways in this Black Hat conference presentation. Delve into attacking communication protocols, reverse engineering proprietary firmwares, and fuzzing protocols. Witness a live demonstration of vulnerabilities on real devices, revealing significant security shortcomings in industrial control gateways from major vendors. Learn about the potential risks these vulnerabilities pose to critical infrastructure and gain insights into finding and exploiting weaknesses in various gateway models, including Moxa W2150A, Advantech EKI-1522, Lantronix EDS2100, and Schneider PowerLogic EGX100. Understand the implications of these security flaws and the importance of addressing them in industrial control systems.

Intro
Before we start...
Previous work
Industrial systems are used as weapons
Traditional ICS networks
Industrial Things?
Industrial Control Gateways
Industrial gateways on the internet
Low barrier of access
Network segmentation
Equipment needed
Finding potential targets...
Moxa W2150A - Firmware
Moxa W2150A: libupgrade Firmware
Moxa W2150A - Hardware
Moxa W2150A - Finding vulnerabilities
Moxa W2150A - Custom protocol
Fuzzing
Fixing vulnerabilities...
Advantech EKI-1522: edgserver
Advantech EKI-1522: Hardware
EKI-1522: Finding vulnerabilities
Lantronix EDS2100: Firmware
EDS2100: Finding vulnerabilities
EDS2100: Webinterface
Schneider PowerLogic EGX100
VPN vulnerabilities
Some other devices are even worse
Summary