Skip to content

Siemens LOGO!8 PLC Password Hacking Proof-of-Concept-Tool

Notifications You must be signed in to change notification settings

SySS-Research/slig

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

Siemens LOGO!8 Information Gatherer (SLIG)

This script allows viewing the user profile setting which contains further access details and associated passwords as well as the program password. The author is Manuel Stotz (SySS GmbH).

You can find further details about those security issues in our SySS security advisories SYSS-2019-012, SYSS-2019-013, SYSS-2019-014 [1-3], and the Siemens Security Advisory SSA-542701[4].

[1] SySS Security Advisory SYSS-2019-012 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-012.txt

[2] SySS Security Advisory SYSS-2019-013 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-013.txt

[3] SySS Security Advisory SYSS-2019-014 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-014.txt

[4] Siemens Security Advisory SSA-542701 https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf

Usage

Run it like this:

nmap --script slig.nse -p 10005 <IP|Host>

Demo

Watch the demo here: https://youtu.be/TpH4EABGYCs

Requirements

  • nmap
  • key (see slig.nse)

Disclaimer

Use at your own risk. Do not use without full consent of everyone involved. For educational purposes only.

Releases

No releases published

Packages

No packages published

Languages