Attacking ICS Plant #2
Discover and attack ICS plants using modbus protocol (Modicon / Schneider Electric).
medium
75 min
To access material, start machines and answer questions login.
The room Attacking ICS Plant #1 is a prerequisite. You should complete it and download scripts from there. The same scripts can be used to complete this room.
Before attacking the plant, identify the following registries:
open/close the feed pump (PLC_FEED_PUMP);
tank level sensor (PLC_TANK_LEVEL);
open/close the outlet valve (PLC_OUTLET_VALVE);
open/close the separator vessel valve (PLC_SEP_VALVE);
wasted oil counter (PLC_OIL_SPILL);
processed oil counter (PLC_OIL_PROCESSED);
open/close waste water valve (PLC_WASTE_VALVE).
VirtuaPlant can be downloaded from GitHub.
Let the oil overflow the tank for at least 60 seconds. Then connect and get the flag1: http://MACHINE_IP/flag1.txt.
Mind that the simulation should be reset before starting by pressing the ESC button. If the flag cannot be obtained, try to reset the room and start the attack again.
Let the oil flow through the waste water valve only. Wait until the counter reaches 2000. Then connect and get the flag2: http://MACHINE_IP/flag2.txt.
Mind that the simulation should be reset before starting by pressing the ESC button. If the flag cannot be obtained, try to reset the room and start the attack again.
Created by
Room Type
Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!
Users in Room
3,231
Created
1616 days ago
Ready to learn Cyber Security? Create your free account today!
TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.
Already have an account? Log in