Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: Firmware ExtractionIn this article we delve into the process of extracting and analyzing the firmware of an IX2400 device using flashrom, binwalk and…Jun 23Jun 23
Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: Root AccessA ten-byte-long piece of information, hidden deep in the device’s memory, allowed me to login as root.May 16May 16
Marcel Rick-CenProtecting Siemens PLCs: Upgrading the FirmwareUnlike IT environments, where systems are frequently patched, updating firmware in OT devices can be daunting due to the potential for…May 5May 5
Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: USB Port TamperingIn our last article, we accessed the bootloader shell of the IX2400 device but were unsuccessful in spawning a system shell using modified…Apr 30Apr 30
Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: Bootloader AccessIn the previous article, we discovered that the IX2400 device has an UART interface, which is critical for debugging and administrative…Apr 27Apr 27
Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: Reconnaissance Part IIIn the previous article, we revealed that the IX2400, operates on a MediaTek MT7621 System on Chip and utilizes the Linux-based OpenWRT as…Apr 25Apr 25
Marcel Rick-CenSecurity Analysis of an IX2400 VPN Gateway: Reconnaissance Part IRemote access devices allow operators and engineers to manage, monitor, and troubleshoot equipment remotely, which is crucial for…Apr 23Apr 23
Marcel Rick-CenICS/OT Penetration Testing of Schneider Modicon TM221: A Beginner’s GuideOccupy the Web (OTW) demonstrated how attackers could exploit vulnerabilities in Modicon devices by directly interfacing with them using…Apr 16Apr 16
Marcel Rick-CenCreating Independent Community-Driven ICS/OT Security Courses: An Unveiling of Dual PerspectivesIn the landscape of industries and infrastructures, Industrial Control Systems (ICS) stand as the brain, orchestrating operations ranging…Apr 11Apr 11