YoVDO

Rogue7 - Rogue Engineering-Station Attacks on S7 Simatic PLCs

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Cryptography Courses Reverse Engineering Courses Industrial Control Systems Security Courses

Course Description

Overview

Explore a comprehensive analysis of security vulnerabilities in Siemens industrial control systems, focusing on Simatic S7 PLCs and their communication with engineering stations and SCADA HMIs. Delve into the architecture's claimed security measures against sophisticated attacks, and uncover how even the latest versions remain susceptible to exploitation. Examine the S7 protocol, program cycle objects, and cryptographic primitives used in these systems. Learn about reverse engineering techniques, runtime type information, and witness a demonstration of potential attack vectors. Gain insights into the implications of these vulnerabilities for industrial cybersecurity and the ongoing challenges in securing critical infrastructure against evolving threats.

Syllabus

Intro
Overview
The PLC
Stuxnet
Engineering Workstation
S7 1500
S7 1200
S7 Protocol
S7 Ring
Program Cycle Object
Two Simple Programs
Malicious Program
Legal Flow
Description
Setup Phase
Raw Engineering Station
Conclusion
Cryptographic Primitive
PLC Public Key
PLC Ring
Reverse Engineering Tips
Runtime Type Information
Demonstration


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube