Functionality has been added to the John the Ripper password cracking tool that allows security testers to target password hashes in the Siemens S7 protocol.
The protocol allowed password-protected communication between SCADA, engineering stations and human machine interfaces and Programmable Logic Controllers (PLCs).
The plugin functionality builds on a tool created by Positive Technologies researcher Sergey Gordeychik that could collect credentials from PLCs by launching brute-force attacks against challenge-response data from TCP/IP traffic.
That functionality was improved with its integration with John the Ripper, one of the most popular password cracking tools.
A researcher at Digital Bond posted steps to get the plugin running.
_(33).jpg&h=140&w=231&c=1&s=0)
_(36).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
The 2026 iAwards
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
