Room Banner

Attacking ICS Plant #2

Discover and attack ICS plants using modbus protocol (Modicon / Schneider Electric).

medium

75 min

Room progress ( 0% )

To access material, start machines and answer questions login.

Task 1Discovery

The room Attacking ICS Plant #1 is a prerequisite. You should complete it and download scripts from there. The same scripts can be used to complete this room.

Before attacking the plant, identify the following registries:

  • open/close the feed pump (PLC_FEED_PUMP);

  • tank level sensor (PLC_TANK_LEVEL);

  • open/close the outlet valve (PLC_OUTLET_VALVE);

  • open/close the separator vessel valve (PLC_SEP_VALVE);

  • wasted oil counter (PLC_OIL_SPILL);

  • processed oil counter (PLC_OIL_PROCESSED);

  • open/close waste water valve (PLC_WASTE_VALVE).

VirtuaPlant can be downloaded from GitHub.

Answer the questions below
No answer needed

Let the oil overflow the tank for at least 60 seconds. Then connect and get the flag1: http://MACHINE_IP/flag1.txt.

Mind that the simulation should be reset before starting by pressing the ESC button. If the flag cannot be obtained, try to reset the room and start the attack again.

Answer the questions below
Read flag1.txt

Let the oil flow through the waste water valve only. Wait until the counter reaches 2000. Then connect and get the flag2: http://MACHINE_IP/flag2.txt.

Mind that the simulation should be reset before starting by pressing the ESC button. If the flag cannot be obtained, try to reset the room and start the attack again.

Answer the questions below
Read flag2.txt

Created by

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

3,231

Created

1616 days ago

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information contact us.

Read more