Although I thought about the feasibility of SCADA Metasploit modules for the ICCP vulns (VU#190617 and others) I discovered back in 2006, I didn't write the GE Fanuc exploit on milw0rm.com.
And truth be told (hanging my head in shame) I've never actually written an exploit for any of the vulns I've discovered, and I don't do vuln work anymore.
I've been clean for almost 2 years now.
But these are amusing. Must have struck a nerve.
proxy.writeFile('franzshell.jsp', Rex::Text.encode_base64(jspshell,''),false)
sock.put("GET /infoAgentSrv/franzshell.jsp?cmd=c:\\blogfranz.exe HTTP/1.0\r\n\r\n")
This module exploits an API flaw in GE Fanuc SCADA software
'Author' => [ 'Matthew Franz' ],
'Version' => '$Revision: 20081031 $',
'References' =>
    ['CVE', '2008-0175'],
    ['URL', 'http://support.gefanuc.com/support/index?page=kbchannel&id=KB12460'],
    ['URL', 'http://www.tenablesecurity.com/training/'],
    ['URL', 'http://blogfranz.blogspot.com/'],
I was wondering why I saw an increase in referrals from milw0rm.com and why someone asked me if I wrote an exploit. But of course I was too busy worrying about the election to care.
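The two lines quoted from the module show the whole pattern: drop a JSP shell through the application's own file-write API, then drive it with a GET whose cmd parameter is the command to run. Whoever wrote it, that is what the thing looks like from the server side, so here is an added example (mine, not the milw0rm author's and not anything from GE Fanuc) of picking that pattern out of an access log. The log lines are constructed, the application path and the list of JSPs the application "ships" (KNOWN_JSPS) are hypothetical, and the parameter names in CMD_PARAMS are a guess at what a shell driver would use.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format). Not from the page
# or any real server; the second line mirrors the GET the exploit fragment sends.
SAMPLE_LOG = """\
10.0.0.5 - - [31/Oct/2008:10:00:01 -0500] "GET /infoAgentSrv/index.jsp HTTP/1.0" 200 512
10.0.0.5 - - [31/Oct/2008:10:00:02 -0500] "GET /infoAgentSrv/franzshell.jsp?cmd=c:\\blogfranz.exe HTTP/1.0" 200 44
10.0.0.9 - - [31/Oct/2008:10:00:03 -0500] "POST /infoAgentSrv/upload HTTP/1.1" 200 12
10.0.0.5 - - [31/Oct/2008:10:00:04 -0500] "GET /infoAgentSrv/report.jsp?id=7 HTTP/1.1" 200 9001
"""

# Common log format: source, identity, user, [timestamp], "METHOD target PROTO", status, size.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)

# Hypothetical allow-list of JSP pages the application actually ships.
# Anything else under the app path ending in .jsp was put there by someone.
KNOWN_JSPS = {"/infoAgentSrv/index.jsp", "/infoAgentSrv/report.jsp"}

# Hypothetical query-parameter names a web shell is typically driven through.
CMD_PARAMS = {"cmd", "command", "exec"}


def parse_line(line):
    """Parse one common-log-format line into a dict, or None if it doesn't match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_suspicious(rec):
    """Return the reasons a parsed request looks like a dropped JSP shell being used."""
    parts = urlsplit(rec["target"])
    reasons = []
    if parts.path.lower().endswith(".jsp"):
        if parts.path not in KNOWN_JSPS:
            reasons.append("unknown jsp")
        params = {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}
        if params & CMD_PARAMS:
            reasons.append("command parameter")
    return reasons


def scan(log_text):
    """Scan a log and return (source, target, reasons) for every suspicious request."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reasons = is_suspicious(rec)
        if reasons:
            hits.append((rec["src"], rec["target"], reasons))
    return hits


if __name__ == "__main__":
    for src, target, reasons in scan(SAMPLE_LOG):
        print(f"{src} {target}  <- {', '.join(reasons)}")
```

The allow-list is what does the work: a shell dropped through an API lands as a JSP the application never shipped, and the first request to it is the exploit's own GET, so even a 200 on an unknown .jsp with no parameters is worth a look. The cmd check is the second, independent signal; both firing on one line is about as clear as a web-shell indicator gets.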
4 comments:
Hi Matt,
Thanks for posting this. I imagine some naive people may search for your name regarding this exploit. I'm glad you said this over-the-top reference to your name is obviously not your work.
I think we know who it is :)
reminiscent of happy times...
[Dshield] Fwd from NANOG: CiSCO IOS 12.* source code stolen
http://lists.sans.org/pipermail/list/2004-May/016376.html
As Dick Cheney would say, "Big Time!"