Lab setup for practicing Industrial Control System Pentesting.

Based on the course: Practical Industrial Control System Penetration Testing

VirtualBox

Minimum:

• 12GB RAM (Kali: 8GB, Ubuntu Server: 1GB)
• 4 Cores (Kali: 2-4 Cores, Ubuntu Server: 1 Core)

You can use anything you'd like

• Clone the installation script kali-setup.sh
• chmod +x kali-setup.sh
• ./kali-setup.sh

Ubuntu Server 23.04

• Install the minimal setup to use less resources
• Clone the installation script ics-setup.sh
• chmod +x ics-setup.sh
• ./ics-setup.sh

1. File -> Tools -> Network Manager -> NAT Networks
2. Right Click in the blank space and click create (or Ctrl + Shift + C)
3. Name it ICSNetwork
4. Use any subnet (I Used 192.168.10.0/24)
5. Enable DHCP

Do this for your lab server to allow the installation of updates and applications

• Settings -> Network -> Adapter 2 -> NAT Network & Select ICSNetwork

After running the install script, switch the adapter to Internal Network.Make sure to have the same name for the lab and your pentesting system. Do the same for the attacker machine on a seperate adapter (e.g. Adapter 2).

Check the Scripts Directory:

• change-mac.sh changes your MAC Address to fit the device you're attacking
• honeypots.sh allows you to select which scenario you'd like to test
• s7.py starts an S7 server to test the Siemens PLC