OT Pentesting

Project for pentesting OT industrial PLCs, a wind turbine in this case.

Installing VirtualBox and Setting Up VMs on Ubuntu

This guide will walk you through the process of installing Oracle VirtualBox on your Ubuntu system and creating virtual machines (VMs) for Kali Linux and Ubuntu Server.

Prerequisites

Before you begin, ensure that you have the following for the simulated environment:

  • An Ubuntu host system with administrative privileges.
  • Sufficient system resources (RAM, CPU, and disk space) to run the VMs effectively.
  • Downloaded ISO files for Kali Linux and Ubuntu Server.

Step 1: Install VirtualBox

  1. Open a terminal on your Ubuntu host.

  2. Update your system's package list and upgrade any existing packages:

```bash
sudo apt update
sudo apt upgrade
```

  3. Install VirtualBox:

```bash
sudo apt install virtualbox
```

NOTE: Alternatively, visit the VirtualBox website and follow the instructions there.

Step 2: Setting Up a Kali Linux VM

Launch VirtualBox and click "New" to create a new VM.

Name your VM "Kali Linux" and choose "Linux" and "Debian (64-bit)" from the dropdown menus.

Allocate RAM and CPU resources according to your system's capabilities.

Create a virtual hard disk. Choose "VDI (VirtualBox Disk Image)" and allocate at least 20 GB of space. Set it as dynamically allocated for efficient space use.

Once the VM is created, select it and click "Settings".

Under "Storage", click on the empty optical drive, then the disk icon, and choose "Choose a disk file". Select the downloaded Kali Linux ISO.

Click "OK" to close settings.

Start the VM and follow the on-screen instructions to install Kali Linux.

Step 3: Setting Up an Ubuntu Server VM

Repeat the steps for creating a new VM, naming it "Ubuntu Server".

Choose "Linux" and "Ubuntu (64-bit)" from the dropdown menus.

Allocate RAM and CPU resources.

Follow similar steps for creating a virtual hard disk; at least 20 GB of space is recommended.

In "Settings", under "Storage", mount the downloaded Ubuntu Server ISO file.

Start the VM and follow the on-screen instructions to install Ubuntu Server.

You can accept the suggested defaults during installation and skip any additional tooling; we don't need it for our lab. Name the user and so on however you like, but pick something recognizable for yourself, like projectX with PLC for the server itself.

Remember to regularly snapshot your VMs to save their states and back up important data.
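The VM creation from Steps 2 and 3, scripted with VBoxManage so the lab can be rebuilt identically; this is an added example, not part of the original guide. The ISO paths, RAM/CPU values, the host interface name eth0 and the DRY_RUN switch are assumptions, and the bridged networking is the setting the guide asks for in Step 5.

```bash
#!/bin/sh
# Added example: the GUI steps above expressed as VBoxManage commands.
# Assumed, not from the guide: ISO paths, RAM/CPU sizes, host NIC name, DRY_RUN.
set -e

DRY_RUN="${DRY_RUN:-1}"                    # 1 = print commands only, 0 = execute
VM_DIR="${VM_DIR:-$HOME/VirtualBox VMs}"   # VirtualBox's default machine folder
BRIDGE_IF="${BRIDGE_IF:-eth0}"             # assumed NIC name; list with: ip -br link

# Print the VBoxManage call (dry run) or execute it.
vbox() {
  if [ "$DRY_RUN" = 1 ]; then
    printf 'VBoxManage'; printf " '%s'" "$@"; printf '\n'
  else
    VBoxManage "$@"
  fi
}

# create_lab_vm NAME OSTYPE ISO [RAM_MB] [CPUS] [DISK_MB]
# The body runs in a subshell, so its variables stay local to the call.
create_lab_vm() (
  name="$1"; ostype="$2"; iso="$3"
  ram="${4:-4096}"; cpus="${5:-2}"; disk_mb="${6:-20480}"   # 20480 MB = 20 GB
  disk="$VM_DIR/$name/$name.vdi"
  vbox createvm --name "$name" --ostype "$ostype" --basefolder "$VM_DIR" --register
  vbox modifyvm "$name" --memory "$ram" --cpus "$cpus" \
       --nic1 bridged --bridgeadapter1 "$BRIDGE_IF"
  # --variant Standard is the dynamically allocated disk type
  vbox createmedium disk --filename "$disk" --size "$disk_mb" --format VDI --variant Standard
  vbox storagectl "$name" --name SATA --add sata --controller IntelAhci
  vbox storageattach "$name" --storagectl SATA --port 0 --device 0 --type hdd --medium "$disk"
  vbox storageattach "$name" --storagectl SATA --port 1 --device 0 --type dvddrive --medium "$iso"
)

# snapshot_vm NAME [SNAPSHOT_NAME]
snapshot_vm() { vbox snapshot "$1" take "${2:-clean-install}"; }

build_lab() {
  create_lab_vm "Kali Linux" Debian_64 "${KALI_ISO:-$HOME/Downloads/kali.iso}"
  create_lab_vm "Ubuntu Server" Ubuntu_64 "${UBUNTU_ISO:-$HOME/Downloads/ubuntu-server.iso}"
}

build_lab
```

Run it once with the default DRY_RUN=1 to review the commands, then with DRY_RUN=0 to create the VMs. After installing the operating system in each VM, snapshot_vm "Kali Linux" records the clean state.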

Step 4: Configuring Ubuntu Server VM

After setting up your Ubuntu Server VM, you'll need to install Python3, Pip, and the 'honeypots' package for the pentesting project.

Install Python3

Connect to your Ubuntu Server VM.

Update the package list and install Python3:

```bash
sudo apt update
sudo apt install python3
```

Verify the Python version:

```bash
python3 --version
```

Install Pip

```bash
sudo apt install python3-pip
```

Then verify once more.

Install Honeypots and Conpot

A honeypot will capture (unusual) traffic and log it, which we need.

```bash
sudo pip install honeypots
pip install conpot
```

Conpot is an industrial honeypot.

Install Snap7

```bash
sudo pip install python-snap7
```

Disable firewall

Deactivate the firewall:

```bash
sudo ufw disable
```

Add PATH

Open .profile:

```bash
sudo nano .profile
```

Add the following line at the very bottom:

```bash
PATH=$HOME/.local/bin:$PATH
```

This concludes setting up the Ubuntu Server.

Step 5: Configuring Kali Linux

This will be our pentesting machine, the attacker so to speak.

Initial config

Make sure, just like for the Ubuntu Server, that the network settings are set to Bridged Adapter, and select the adapter that connects your machine to the internet.

Start the VM and log in with the default credentials: both the login and password are kali.

Open the terminal and execute the following command:

```bash
sudo dpkg-reconfigure locales
```

Select UTF-8 from the list (and the nl-NL locale). The following screen offers en_US.UTF-8; press Enter. The tool exits and you will see a "Generation complete" message.

Reboot the system with the reboot command.

Installing the (OS) tooling

Open Firefox (the default browser) and navigate to PLC scan on GitHub

and clone the repository with:

```bash
sudo git clone https://github.com/meeas/plcscan.git
```

Do the same for:

```bash
sudo git clone https://github.com/tijldeneut/ICSSecurityScripts
```

and:

```bash
sudo git clone https://github.com/digitalbond/Redpoint.git
```

The last tooling for this project is Modbus. Install the CLI with:

```bash
sudo gem install modbus-cli
```

Installing modbus can take a while. With no feedback (joy).

Nmap scripts for Industrial Control Systems

Navigate to your Redpoint directory and move all the nmap scripts to /usr/share/nmap by running the following command inside the Redpoint directory:

```bash
sudo mv *.nse /usr/share/nmap/
```

ModbusPal

Go to the ModbusPal website and download it to your home directory. We will use it later.