Rapid7’s Metasploit to get SCADA Exploits

On Thursday, Rapid7 announced that a new Metasploit module, designed to target the GE D20 PLC, was ready for use. The SCADA-focused addition is part of Project Basecamp, which seeks to prove the flexibility of the Metasploit framework.

Programmable Logic Controllers (PLCs) are devices in SCADA networks used to control critical infrastructure, including power plants, pipelines, chemical manufacturing, water treatment facilities, etc.

“The Basecamp modules show the flexibility of the Metasploit Framework,” said HD Moore, Metasploit Chief Architect and CSO of Rapid7.

“While most Metasploit modules exploit traditional workstations and servers, these modules are exploiting special purpose devices and will even demonstrate the ability to provide interactive control of a critical system, turning things on and off.”

The Project Basecamp news and module for exploiting the GE D20 PLC were announced at the S4 Conference in Miami.

It was there that a team of six researchers from Rapid7 and the SCADA security consulting firm Digital Bond assessed the security of six PLCs widely used in critical infrastructure, in front of an audience of leading SCADA security researchers from around the world.

In addition to GE’s D20 PLC offering, there are other SCADA exploits in the works. Additional GE D20 modules are already in QA, and there are plans to move the Basecamp exploits for Rockwell Automation, Schneider Modicon, and Koyo/DirectLOGIC devices into Metasploit modules as well.

“We felt it was important to provide tools that showed critical infrastructure owners how easy it is for an attacker to take control of their system with potentially catastrophic results. These attacks have existed in theory for a while, but were difficult to demonstrate to a Plant Manager,” explained Digital Bond’s founder Dale Peterson.

“By creating exploit modules for the most widely used exploit framework – Metasploit – we hope that security professionals in critical infrastructure companies, consultants, and penetration testers will prod vendors to add basic security measures to PLCs after decades of neglect.”

In an interview with Wired, Peterson added that he hoped the research and S4 presentation would serve as a “Firesheep moment” for the SCADA community. Additional information on the SCADA vulnerabilities themselves can be found in Wired’s interview with Peterson.

It is interesting to note that, from a security perspective, the Department of Homeland Security is not pleased about the SCADA research. In its view, the Basecamp project will only cause more harm than good.
