isf's Introduction

Industrial Security Exploitation Framework

一、Overview

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python. It's based on NSA Equation Group Fuzzbunch toolkit which is realsed by Shadow Broker. It's developed by the ICSMASTER Security Team. Please use them only for researching purposes.

Read this in other languages: English, 简体中文

二、Requirements

Python 2.7
Works on Linux, Windows, Mac OSX, BSD

三、Modules

Name	Desc
Schneider_CPU_Command	Control Schneider PLC CPU start or stop
Siemens_300_400_CPU_Control	Control Siemens PLC-300 and PLC-400 CPU start or stop
Siemens_1200_CPU_Control	Control Siemens PLC-1200 CPU start or stop
Modbus_PLC_Injecter	Modbus PLC injecter tools
plcscan	Modbus and S7 PLC scanner tools
lantronix_telnet_password	Recover lantronix telnet password
Siemens_1200_Control	Control Siemens PLC

四、Usage

C:\Users\w.hhh>python D:/isf/isf/isf.py
[*] Loading Plugins

                                   ???
                             ???????????????
                          ?????           ?????
                       ????                   ????
                     ????                       ????
                    ???                           ???
                   ???             ??              ???
                  ???           ????????            ???
                 ???           ???????????           ???
                 ???          ?????????????          ???
                 ??          ???????????????          ??
                 ??         ?????????????????         ??
                 ??        ??????       ?????         ??
                 ??            ???????????            ??
                 ??            ???????????            ??
                 ??             ?????????             ??
                 ???             ???????             ???
                 ???              ?????              ???
                  ???          ???????????          ???
                   ???      ?????????????????      ???
                    ???   ????????????????????    ???
                      ?????????????????????????????
                       ???????????????????????????
                          ?????????????????????
                             ---ICSMASTER---

+ - - - - - + [ Version 1.1.1                           ] + - - - - - +
+ - - - - - + [ 6 Touches                               ] + - - - - - +
+ - - - - - + [ 10 Exploits                             ] + - - - - - +
+ - - - - - + [ 15 Payloads                             ] + - - - - - +
+ - - - - - + [ 2 Specials                              ] + - - - - - +
+ - - - - - + [ MADE BY ICSMASTER. HTTP://ICSMASTER.COM ] + - - - - - +

show

Display module:

isf > show

Plugin Categories
=================

  Category     Active Plugin
  --------     -------------
  Exploit      None
  Payload      None
  Special      None
  Touch        None

isf > show Exploit

Plugin Category: Exploit
========================

  Name                            Version
  ----                            -------
  ABB_CPU_Command                 1.1.0
  Beckhoff_CX9020_CPU_Control     1.1.0
  Schneider_CPU_Command           1.1.0
  Siemens_1200_CPU_Control        1.1.0
  Siemens_300_400_CPU_Control     1.1.0

isf >

use

Pick the module:

isf > use Siemens_300_400_CPU_Control

[!] Entering Plugin Context :: Siemens_300_400_CPU_Control
[*] Applying Global Variables

[*] Applying Session Parameters
[*] Running Exploit Touches


[!] Enter Prompt Mode :: Siemens_300_400_CPU_Control

Module: Siemens_300_400_CPU_Control
===================================

  Name            Value
  ----            -----
  TargetIp
  TargetPort      102
  Slot            3
  Command         stop

[!] plugin variables are valid
[?] Prompt For Variable Settings? [Yes] :

info

Display information about exploit:

isf Exploit (Siemens_300_400_CPU_Control) > info

Information
===========

    Name: Siemens_300_400_CPU_Control
 Version: 1.1.0
  Author: w3h
    Type: Exploit


Parameters
==========

  Name            Value      Description
  ----            -----      -----------
  TargetIp                   Target IP Address
  TargetPort      102        Target Port
  Slot            3          The number of slot
  Command         stop       The control command of cpu

set

isf Exploit (Siemens_300_400_CPU_Control) > set TargetIp 127.0.0.1
[+] Set TargetIp => 127.0.0.1

run/execute

Execute the module:

isf Exploit (Siemens_300_400_CPU_Control) > run

[!] Preparing to Execute Siemens_300_400_CPU_Control

Module: Siemens_300_400_CPU_Control
===================================

  Name            Value
  ----            -----
  TargetIp        127.0.0.1
  TargetPort      102
  Slot            3
  Command         stop

[?] Execute Plugin? [Yes] :

五、POC

docs/USAGE.md

六、Installation

Requirements

gnureadline (OSX only)
pywin32 (Windows only)

Installation on OSX

git clone https://github.com/w3h/isf
cd isf
sudo easy_install pip
sudo pip install -r requirements.txt
./isf.py

Installation on Ubuntu 16.04

sudo apt-get install python-dev python-pip libncurses5-dev git
git clone https://github.com/w3h/isf
cd isf
sudo pip install -r requirements.txt
./isf.py

Installation on Centos 7

sudo yum install python-devel python2-pip ncurses-devel git
git clone https://github.com/w3h/isf
cd isf
pip install -r requirements.txt
./isf.py

Installation on Windows

install pywin32 (./dependencies/pywin32-221.win32-py2.7.exe)
download isf (https://github.com/w3h/isf)
start (python isf.py)

isf's Issues

为什么没有Siemens_1200_Proxy模块？

我从一篇文章看到这个项目的，但是点进来并没有文章里的Siemens_1200_Proxy模块

python3 支持

大佬考虑支持python3吗

dnet Dependency problem

The following error always appears during installation

ERROR: Could not find a version that satisfies the requirement dnet==1.12 (from -r requirements.txt (line 4)) (from versions: none)
ERROR: No matching distribution found for dnet==1.12 (from -r requirements.txt (line 4))

System or dependence problem

Hi Bro, I have some trouble in installing isf,can you help me? I install it on kali and there are something wrong with it .My problem is just as follow :
Traceback (most recent call last):
File "/home/kali/Desktop/isf-master/isf.py", line 10, in
from core.fuzzbunch import Fuzzbunch
File "/home/kali/Desktop/isf-master/core/fuzzbunch.py", line 11, in
from command import FbCmd
File "/home/kali/Desktop/isf-master/core/command.py", line 22, in
import pyreadline as readline
File "/home/kali/Desktop/isf-master/lib/thirdparty/pyreadline/init.py", line 14, in
raise RuntimeError('pyreadline is for Windows only, not {}.'.format(_S))
RuntimeError: pyreadline is for Windows only, not Linux.

关于Dockerfile

尝试在kali2021系统中部署Docker时发现Dockerfile中的pip会因为国内网络问题报错
我尝试修改了Dockerfile文件如下，通过pip换源并指定版本的方式能够成功部署Docker

OM ubuntu:16.04
MAINTAINER kira "[email protected]"
RUN apt-get update
RUN apt-get install -y python-dev python-pip libncurses5-dev git net-tools inetutils-ping nmap
RUN git clone https://github.com/w3h/isf.git /root/isf
RUN chmod +x /root/isf/isf.py
RUN python -m pip install --upgrade pip==20.2.4 -i https://pypi.douban.com/simple
RUN pip install gnureadline -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
RUN pip install pycrypto -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
RUN pip install butterfly -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
RUN echo "root:123456" | chpasswd

其他步骤与说明中没有差异
Tips: 个人的一点小建议是我觉得可以通过修改docker配置文件来解决端口映射的问题，这样就不需要用命令来指定映射的端口了
最终实现效果如下：

ImportError: No module named pyreadline

Hi Bro, I have some trouble in installing isf,can you help me? I install it on ubuntu 14.04 and there are something wrong with it .My problem is just as follow :
young@ubuntu:~/ISF/isf$ python isf.py
Traceback (most recent call last):
File "isf.py", line 9, in
from core.fuzzbunch import Fuzzbunch
File "/home/young/ISF/isf/core/fuzzbunch.py", line 11, in
from command import FbCmd
File "/home/young/ISF/isf/core/command.py", line 22, in
import pyreadline as readline
ImportError: No module named pyreadline

Recommend Projects