Overview
Explore the intricacies of hacking Mitsubishi PLCs without firmware access in this illuminating conference talk by Anton Dorfman at Nullcon Goa 2023. Delve into the challenges of reverse engineering proprietary network protocols, from initial research to vulnerability discovery. Learn about innovative techniques used to reconstruct the protocol, including documentation analysis, error code examination, vendor utility exploration, and PLC simulation. Gain insights into the discovered vulnerabilities, with a focus on CVE-2022-25161 and CVE-2022-25162. Witness a live demonstration showcasing the potential impact of these vulnerabilities on industrial systems. Perfect for security researchers and professionals interested in industrial control system security and firmware analysis.
Syllabus
Speaker and Talk Introduction
Pre-Research
Welcome To Hell The World Of Bytes And Bits
Reverse Engineering Eye-Gineering
M Protocol
M Protocol vs PCAP
PCAP vs Manual
M Protocol vs Manual
Preliminary results
Research
Results
Vulnerabilities
Do's & Demo
Conclusion
Taught by
nullcon