
Sharing remote PLC data monitoring and debugging software for mobile platforms (mobile PLC communication solutions)

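0x1. Introduction

Penetration-testing tools for the Android platform are fairly plentiful: there is dsploit for hijacking attacks and Port Scanner for port scanning, and the Android market also offers a variety of SCADA and PLC communication solutions. Given industrial control networks and their characteristics, we can posit a scenario from a security standpoint: in some production environment you join the network over wireless, use a port scan to probe for the communication ports commonly found in industrial control systems, and then connect with the matching software to debug the device. This could very well amount to a cheap attack, and all of it is done with nothing more than a phone.
For a classic attack case, see the hypothetical example in the figure below (image from NSFOCUS, 2013 research report on industrial control systems and their security).
[Figure: NSFOCUS_ICS_Security_Report_20130624_1]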

0x2. Software and usage

Modbus-Droid

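Modbus-Droid is a Modbus client app. It supports the common function codes such as 01, 02, 03 and 04, and it supports writing data.
Usage tips: after installing the app, enter the IP of the Modbus server (slave station) under Settings - IP Address, then set the number of addresses to scan and display on the main screen; tap an address to modify its data.
[Screenshots: Modbus-Droid_1, Modbus-Droid_2, Modbus-Droid_3]
Download link: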
Google Play
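
On the monitoring side, the scenario from the introduction (an unexpected wireless client reading and then writing PLC data with a Modbus client app) shows up as Modbus/TCP requests from a source that is not a known master. The sketch below is an added example, not part of the original post or of any of the apps listed: it parses the MBAP header of captured request payloads and flags reads and writes from hosts outside an allowlist. The IP addresses, the allowlist and the sample frames are constructed for illustration.

```python
import struct

# Function codes 01-04 read data; the codes below change device state.
WRITE_FCS = {5: "Write Single Coil", 6: "Write Single Register",
             15: "Write Multiple Coils", 16: "Write Multiple Registers"}
READ_FCS = {1: "Read Coils", 2: "Read Discrete Inputs",
            3: "Read Holding Registers", 4: "Read Input Registers"}

def parse_request(payload):
    """Parse a Modbus/TCP request (MBAP header + PDU); None if malformed."""
    if len(payload) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is always 0; length counts the unit id plus the PDU.
    if proto != 0 or length < 2 or len(payload) < 6 + length:
        return None
    fc = payload[7]
    req = {"unit": unit, "fc": fc, "address": None}
    if (fc in READ_FCS or fc in WRITE_FCS) and length >= 6:
        req["address"] = struct.unpack(">H", payload[8:10])[0]
    return req

def audit(records, authorized_masters):
    """Return (severity, src, dst, operation, address) for unknown masters."""
    alerts = []
    for src, dst, payload in records:
        req = parse_request(payload)
        if req is None or src in authorized_masters:
            continue
        if req["fc"] in WRITE_FCS:
            alerts.append(("HIGH", src, dst, WRITE_FCS[req["fc"]], req["address"]))
        else:
            op = READ_FCS.get(req["fc"], "fc %d" % req["fc"])
            alerts.append(("MEDIUM", src, dst, op, req["address"]))
    return alerts

def _adu(tid, fc, addr, val, unit=1):
    # Constructed request: MBAP (tid, proto 0, length 6, unit) + fc + addr + value/qty
    return struct.pack(">HHHBBHH", tid, 0, 6, unit, fc, addr, val)

# Constructed sample traffic (src, dst, TCP payload); all addresses are made up.
SAMPLE = [
    ("10.0.0.5", "10.0.0.20", _adu(1, 3, 0, 10)),      # known HMI polls registers
    ("10.0.0.5", "10.0.0.20", _adu(2, 6, 16, 100)),    # known HMI writes a setpoint
    ("10.0.0.77", "10.0.0.20", _adu(1, 3, 0, 10)),     # unknown host reads
    ("10.0.0.77", "10.0.0.20", _adu(2, 6, 16, 9999)),  # unknown host writes
    ("10.0.0.77", "10.0.0.20", b"\x00\x01garbage"),    # not Modbus: skipped
]

if __name__ == "__main__":
    for alert in audit(SAMPLE, authorized_masters={"10.0.0.5"}):
        print(alert)
```

Because Modbus/TCP carries no authentication, the source-address allowlist is the only identity signal available here; it complements, and does not replace, keeping wireless clients off the control network segment.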

S7 PLC HMI Lite

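S7 PLC HMI Lite is an app that can communicate with Siemens S7-300, S7-400 and S7-1200 series PLCs; it can be used to build simple HMIs.
Usage tips: set the Siemens PLC's IP address under PLC Settings. If communication fails, check whether the slot number (Slot) and rack number (Rack) match.
[Screenshots: S7-PLC-HMI -Lite_1, S7-PLC-HMI -Lite_2, S7-PLC-HMI -Lite_3]
Download link: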
Google Play

TeslaMultiSCADA

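TeslaMultiSCADA is a mature HMI/SCADA configuration and monitoring app for Android. It is the multi-driver version of TeslaSCADA and supports communication with multiple devices, such as S7-300, S7-400, S7-1200, AB ControlLogix and AB CompactLogix, as well as standard Modbus and OPC UA.
[Screenshots: TeslaMultiSCADA_1, TeslaMultiSCADA_2, TeslaMultiSCADA_3]
Download link: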
Google Play

PLC-5 HMI Express

PLC-5 HMI Express is an app that can communicate with AB (Rockwell) PLC-5 series PLCs.
Usage tips: enter the PLC device's IP under connection settings.
[Screenshots: PLC-5-HMI Express_1, PLC-5-HMI Express_2, PLC-5-HMI Express_3]
Download link:
Google Play

Delta Smart VIEWER

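Delta Smart VIEWer is an Android-based PLC monitoring app officially released by Delta. It is mainly used to read basic information and parameters from Delta PLCs and to monitor how they are running; it also supports the generic Modbus protocol and can modify the monitored data.
Usage tips: after installing the app, enter the device IP under "Connection Target Settings"; the device model can optionally be selected.
[Screenshots: Smart-VIEWer_3, Smart-VIEWer_1, Smart-VIEWer_2]
Download link: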
Link

0x3. The whole software family (other versions)

[Image: Mobile-SCADA]

About Z-0ne
