Anatomy of a SCADA Exploit: Part 1 – From Overflow to EIP...

[Teddy Rogers]

Anatomy of a SCADA Exploit: Part 1 – From Overflow to EIP

On November 29, 2011, Luigi Auriemma published a security advisory containing multiple vulnerabilities in the 3S CoDeSys Automation Suite. Like much of the other software Auriemma has researched in past months, CoDeSys is SCADA software. For those who aren’t familiar with the term, SCADA stands for “Supervisory Control and Data Acquisition,” which is just a fancy way of saying “the code that runs big machines, assembly lines, and the utilities we rely on every day (water, electricity, etc.).” To put it more bluntly, things that should never fail and should never be messed with.

/>http://www.poppopret.org/?p=40

Ted.