Explore the intricacies of hacking Mitsubishi PLCs without firmware access in this 39-minute conference talk from Nullcon Goa 2023. Delve into the challenges faced when analyzing undocumented proprietary network protocols and discover innovative techniques for reconstructing protocols and finding vulnerabilities. Learn how documentation of similar protocols, error codes, vendor utilities, PLC simulators, and brute force methods can be leveraged to piece together crucial information. Gain insights into the discovery of multiple CVEs, with a detailed focus on CVE-2022-25161 and CVE-2022-25162. Understand the potential impact of these vulnerabilities on industrial systems and broaden your knowledge of firmware analysis, Mitsubishi PLCs, and industrial cybersecurity.
Overview
Syllabus
Hacking Mitsubishi PLC Without Access To Firmware by Anton Dorfman | Nullcon Goa 2023
Taught by
nullcon
Related Courses
-
Hacking Mitsubishi PLC Without Access To Firmware
-
Process Control through Counterfeit Comms
-
Hacking Automatically - Applying Program Analysis to IoT
-
Process Control Through Counterfeit Comms - Using and Abusing Built-In Functionality to Own a PLC
4.0 -
PLC-Blaster - A Worm Living Solely in the PLC
-
Detecting & Exploiting XSS Vulnerabilities
