Going Deeper Into Schneider Modicon PAC Security

Going Deeper Into Schneider Modicon PAC Security

Hack In The Box Security Conference via YouTube Direct link

Ox29 RCE attack demo

31 of 32

31 of 32

Ox29 RCE attack demo

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Going Deeper Into Schneider Modicon PAC Security

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 About GEWU Lab
  3. 3 About Modicon PAC
  4. 4 Scenarios and Network PAC concept Top to bottom standard Ethernet network & Open architecture with direct Ethernet connection on backplane
  5. 5 Architecture & Functions
  6. 6 Enhanced cyber security Cybersecure-ready
  7. 7 Attack surface of PAC
  8. 8 What we focus on Weak private protocols are often the best way to breaking
  9. 9 Research setup
  10. 10 What is UMAS?
  11. 11 UMAS message format
  12. 12 UMAS function code
  13. 13 FUZZ UMAS Protocol
  14. 14 Select FUZZ samples
  15. 15 How to build FUZZ
  16. 16 UMAS FUZZ demo
  17. 17 Modicon PAC Application Password
  18. 18 How to bypass application passwor
  19. 19 How the password is stored Reverse UnityEncrypter.dll, the password hash algorithm is SHA-256
  20. 20 Authorization algorithm analysis
  21. 21 Leaked password hash in traffic
  22. 22 UMAS security function code 0x38
  23. 23 0x38 integrity check
  24. 24 0x38 message format
  25. 25 Summary the Authentication Bypas
  26. 26 Replay attack bypassing authorizat
  27. 27 Ransomware attack targeting level 1
  28. 28 Ransomware attack for M580?
  29. 29 Bypass authorization to replace ap
  30. 30 0x29 function code RCE
  31. 31 Ox29 RCE attack demo
  32. 32 How to protect

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.