Author: Karn Ganeshen

security advisory

[ICS] LAquis SCADA Advisory published

ICS-CERT published an advisory on one of my reports recently –
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01

LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA Access Control Vulnerability

Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
Equipment: LAquis SCADA
Vulnerability: Improper Access Control

security advisory

PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code Execution

This vulnerability can allow attackers to execute arbitrary code on vulnerable installations of the pgAdmin4 software. pgAdmin4 is a GUI application for database server administration and is bundled with the PostgreSQL package.

User interaction is required to exploit this vulnerability: the malicious DLL file(s) must first be placed in one of the DLL search paths.

Confirmed on products:
pgAdmin4 v1.1: current version packaged with PostgreSQL v9.6.1.1 (Windows x86, current version)

security advisory

[ICS] Carlo Gavazzi VMUC-EM Energy Meter – Multiple Vulnerabilities

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-012-03

CVE-IDs
CVE-2017-5144
CVE-2017-5145
CVE-2017-5146

AV Evasion, Tools

New Powershell Mass Encrypt and Decrypt modules

PowerSploit’s Out-Encrypted.ps1 handles (encrypts) only one script at a time; the encrypted file then needs to be decrypted manually before it can be executed.

Wrote up new Powershell Mass Encrypt and Decrypt modules to handle your favorite set of Powershell scripts easily.

Using PS-MassEncScript.ps1, encrypt multiple scripts with a password and a salt value in one go. Use PS-DecScript.ps1 to decrypt and execute any of these encrypted files.

security advisory

[ICS] BINOM3 Electric Power Quality Meter – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

AV Evasion, Tools

Powersploit – AV Evasion

[Quick Notes] Powersploit – AV Evasion

On my pentest engagements, I primarily use Powershell (PS) and PS-based exploitation tools and frameworks like CME, Empire, Powersploit, Nishang, Veil, etc., along with Metasploit and other tools.

This short write-up covers one of the AV evasion scenarios. Posting here for reference.

security advisory

[ICS] ELNet Energy Meter & Electrical Powermeter – Multiple Vulnerabilities

ELNet Energy meter & Electrical Powermeter vulnerabilities – another case of poor software security practices.