100 bugs in 100 days: An analysis of ICS (SCADA) software

DerbyCon 1 - 2011

Presented by: Terry McCorkle, Billy Rios
Date: Saturday October 01, 2011
Time: 16:00 - 16:50
Location: Track 3

Please join us as we present the results of our research into vulnerabilities in Industrial Control System (SCADA) software. Our goal was to identify as many ICS software vulnerabilities as possible within 100 days. The results exceeded our expectations and include among other things: remote code execution, local privilege escalation, and web exploits. Using examples from our findings along with working PoC exploit code and a scanner capable of identifying Industrial Control Systems that we are releasing, we will teach you how to research and find ICS software vulnerabilities yourself.

Terry McCorkle

No BIO provided. He is elite. :)

Billy Rios

No BIO provided. He is elite. :)


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats