Tinker: "Ugh... I want to give an update about the #SANS #…" - Infosec Exchange

Tinker is a user on infosec.exchange. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Tinker @tinker

Ugh... I want to give an update about the #SANS #ICS exploitation and #hacking course I’m taking...

But my brain is fried.

I’m loving it!

We were given a Programmable Logic Controller (PLC) that we’re reverse engineering, analyzing, and hacking!

We’re doing network packet inspection, protocol reverse engineering, RF inspection, etc!

We’re writing hacking tools in python to exploit this device.

It’s just so fucking cool.

Think I’ll move into ICS Device Security Research.

Mar 23, 2018, 01:08 · ◆ Tootdon ◆ · 1 · 13

@tinker sounds pretty awesome

@jerry - Oh, it is! I’m giddy! 😄

@tinker which course are you taking?

@ian_infosec - This one: https://www.sans.org/event/ics-security-summit-2018/course/pentesting-smartgrid-scada

@tinker man that sounds like a lot of fun that’s awesome

@tinker that looks like so much fun !

@NeuroWinter - It is! I’m going to try to do a full write up at the end of it!

@tinker I'd love to read that.

@tinker which PLC? Brand/Model?

@chidgey - A Velocio Ace - https://velocio.net/ace/

@tinker Aww it’s so cute! Have fun :)

@chidgey - Hahahaha! It is :D - It’s $50 new. But is a production ready PLC. Understands modbus and a proprietary protocol. Free programming and HMI software. Pretty neat!

@tinker True. No serious industrial outfit I’ve ever worked for would use one. Councils might, where budget is king, so there’s a market there for sure.