Use any Ubuntu VM of your choice and install the package openjdk-17-jre. Make sure it is reachable by Kali Linux (suggested both in the same internal network).Capture a screenshot for every step...

1 answer below »

can you do this assignment







Use any Ubuntu VM of your choice and install the package openjdk-17-jre. Make sure it is reachable by Kali Linux (suggested both in the same internal network). Capture a screenshot for every step and answer all questions. Modbus tutorial: https://san3ncrypt3d.com/2021/05/02/OT/ Part A: Preparing the ICS simulator You will interact with a project created with ModbusPal, a simulator for ICS (Industrial Control Systems). This project has two thermostats with 3 registers each (current, minimum and maximum temperature), as well as a coil or boolean value, representing an on/off switch. 1. Copy the provided files ModbusPal.jar and factory.xmpp in your home in Ubuntu. Then, execute the command below to open the simulator. java -jar ModbusPal.jar -loadFile=/home/ubuntu/factory.xmpp 2. The two IP addresses represent thermostats in a factory that are controlled from the centralized server. However, there is no such devices in this lab. Find out the port on which the server is listening to. 3. In Kali, start Metasploit and search for all modules related to modbus. 4. Use the module #4. Remember to set the values for RHOST and RPORT. Then, run the exploit. In your screenshot, make sure you show the values of all options as well as the module’s output. This will not work, though, because the IP of Kali is not listed as a client, so every time you want to interact with a thermostat, you will need to change Kali’s IP from the command-line, so you are only changing it temporarily. https://san3ncrypt3d.com/2021/05/02/OT/ Part B: Reading the thermostats’ values 1. Quit MSF and change Kali’s IP using the command “ifconfig” from the terminal. Set it to the IP address listed first in ModBusPal, that is, the thermostat on top. You will need to add the a route to 192.168.0.0/24 through the internal interface. 2. Try again the same MSF module. You will need to set again all required options. 3. Use the module modbusclient. In addition to the remote host and port, you will need to set the value of DATA_ADDRESS to 0, because the registers / coils are always counted from 0, independently of their ID. What is the default action, read or write? What is going to be read / written? How many registers / coils? Find out in “show options”. 4. Execute the exploit and compare the output with the actual value of the register in the thermostat by clicking on the eye. What this value represents? 5. Set the necessary options to read the 3 registers of this thermostat at once and run the exploit. 6. Now read the only coil the thermostat has. You will need to execute “show actions” to choose the right one. Part C: Modifying the thermostats’ values 1. Quit MSF, change again Kali’s IP address, for the one of the other thermostat. Then, back in MSF, use the module modbusclient to switch it off (coil’s value to 1). Show the options you set before running the exploit. 2. Run the exploit, showing it was successful. 3. Check the changes in the thermostat in ModBusPal. 4. Open Wireshark to capture the traffic and execute again the exploit (you do not need to set the parameters if you did not leave MSF). Are the communications encrypted? Check it out in the request sent to the ModBusPal server right after the 3-way handshake. Part D: Reasoning 1. A server that controls several ICS devices needs to be accessed by the administrator from home. Opening the port to Internet is too risky. What solution would you propose? 2. The manager assistant’s workstation of a manufacturing plant got infected by malware, which scanned the network for ICS devices and managed to interact with them. An antivirus and other security measures would have certainly prevented the endpoint from getting infected. Nevertheless, what would you propose to avoid the malware interacting with the ICS devices in case a new infection happened? 3. Research on Stuxnet. This worm was intended to attack programmable logic controller (PLC) operated from PCs. What specific software run on the PCs to communicate with PLCs?
Answered 3 days AfterNov 08, 2022

Answer To: Use any Ubuntu VM of your choice and install the package openjdk-17-jre. Make sure it is reachable...

Deepak answered on Nov 11 2022
55 Votes
1.
By adding shared folder, I have shared that jar and xmpp file with ubuntu.
2.
PORT -- 5678
3.

Using msfconsole, search command to find exploits related to Modbus.
Msf-- search modbus
4.
PART B:
1.
2.
3.
MODBUSCLIENT default action is read registers.
read and written as "registers" which are 16-bit pieces of data using modbus protocol.
Number of coil/register is 1.
4.
5.
6.
PART C:
1.
2.
3.
4.
PART D:
1.
· Scan regularly for open ports.
· Closed or secure unused...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here