During your reconnaissance, you have determined that your client has devices used to send remote control signals to industrial assets used by their critical infrastructure utilities connected to their corporate network. Which of the following methods would MOST likely be the best method for exploiting these systems?
A. Identify a jailbroken device for easy exploitation
B. Use Metasploit modules designed to target the SCADA systems
C. Use social engineering to trick a user into opening a malicious APK
D. Use a spearphishing campaign to trick a user into installing a RAT
Answer: B. Use Metasploit modules designed to target the SCADA systems
Explanation:
OBJ-2.5: A penetration tester can exploit supervisory control and data acquisition (SCADA) systems if they are within the engagement's scope. While Metasploit was initially designed for engagements against workstations and servers, Metasploit has several modules in the exploit/windows/scada category that target vendor-specific SCADA components running Windows. Many of these trigger a buffer overflow, though, so be careful when using them and ensure you have permission to exploit these devices in your written authorization.