Fooling the Master: Exploiting Weaknesses in the Modbus Protocol
Christopher Parian, Terry Guldimann, Sajal Bhatia
Abstract
Modbus is a commonly used protocol in SCADA (Supervisory Control And Data Acquisition) environments for remote monitoring, control, and data acquisition. Since its arrival in 1979, the Modbus protocol has lacked security with no confidentiality and data integrity. The rise of insecure network protocols such as Modbus are often accompanied with the unprecedented dangers associated with its application in the real-world systems, especially the ones which are critical in nature. The paper outlines some of the insecurities of this protocol and makes use of Scapy to exploit weaknesses in the Modbus over TCP/IP in simulated endpoints running on in a virtualized environment. The paper presents two attacks on the Modbus protocol - infecting the master with a malware and man-in-the-middle attack.