Skip to content

annapinchuk/Otorio_task

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
pcaps
pcaps
 
 
pics
pics
 
 
README.md
README.md
 
 
malicious.py
malicious.py
 
 

Repository files navigation

Logo Pic

👨‍💻 Modbus Protocol Data Injection Project 💻

Exploiting Modbus protocol vulnerabilities with a focus on data integrity and ethical principles

Table of Contents

Introduction

This README provides an overview of the Modbus Protocol Data Exfiltration Project. The project focuses on successfully injecting information to a demo critical facility while avoiding suspicion and notifications in the Human-Machine Interface (HMI).

Project Overview

  • Modbus TCP is a widely used communication protocol in industrial automation and control systems, facilitating seamless data exchange over Ethernet networks.
  • The project explores the Modbus communication protocol, which involves query/response (master/slave) and broadcast methods.
  • Injection techniques are employed to manipulate Modbus packets while maintaining data integrity and avoiding errors.

System architecture

System architecture
arch

Modbus Protocol

  • Modbus communication involves query/response frames, comprising recipient addresses, commands, and data.
  • The master-slave technique is used, with the master initiating queries and slaves responding.
  • Slaves are external devices processing and sending data to the master.

Injection Techniques

"Rocks otorio" (50 times)

  • This task involves modifying Modbus packets to inject data while avoiding errors.
  • Adjustments are made to the fields' length and byte count to align with updated data.

Leaking a Cat Picture

  • This task involves modifying packets to inject an image.
  • The image is segmented into portions matching the protocol's prescribed length and byte count fields.
  • Fields' length and byte count are precisely adjusted to match the updated data.
  • Smart fragmentation techniques are employed for image injection.

Project Objectives

The primary objectives of this project include:

  • Demonstrating successful data injection to a critical facility.
  • Evading suspicion and alerts in the Human-Machine Interface (HMI).
  • Maintaining data integrity while skillfully manipulating Modbus packets.

Getting Started

Before getting started, please ensure that you have met the following prerequisites:

  • Otorio has generously provided all the necessary virtual machines for the Human-Machine Interface (HMI) and Programmable Logic Controller (PLC). Additionally, the view has been configured on the Supervisory Control and Data Acquisition (SCADA) system.
  • It's essential to acknowledge that all rights and privileges related to these resources are reserved for the Otorio company.

Usage

Link for the project's presentation

Investigating the Protocol

Modbus query packet fragments
query
Modbus response packet fragments
res

Demonstration Video

Watch the project in action by viewing our demonstration video.

License

All rights and privileges related to these resources are reserved for the Otorio company.

About

Modbus protocol injection

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages