Today I’m releasing a project I’ve been working on for the past week which I called VirtuaPlant (yeah I now, I suck at giving names).

From the project page:

VirtuaPlant is a Industrial Control Systems simulator which adds a “similar to real-world control logic” to the basic “read/write tags” feature of most PLC simulators. Paired with a game library and 2d physics engine, VirtuaPlant is able to present a GUI simulating the “world view” behind the control system allowing the user to have a vision of the would-be actions behind the control systems.

This first version features a dead simple single process of filling bottles with small pellets (It was supposed to be liquid but I still haven’t figured out how to deal with liquids on the engine) but the fun is guaranteed!

Motivation

The idea came after receiving the billionth email asking for recommendations for a PLC simulator, since I dislike the idea of simply recommending one of the soft PLCs with no logic inside which simply allows the user to read and write stuff, I’ve decided to write something more which contained some logic and also allowed the user to see the effects of their actions.

Then while doing my daily readings I’ve stumbled upon this technical article and thought that it could easily be reproducible over software. Enter VirtuaPlant!

Just shut up, show me the goodies!

The main screen is the “game screen” or “world view” which simulates the real world being controlled by the PLC. This uses the physics engine to render the actions and also features a modbus server “connected” to it.

I’ve also made a poor-man’s HMI to get the field-feel, give feedback on the TAGs status and provide minimum control (Start/Stop). This has a modbus client connected over TCP the modbus server (PLC) on the World View.

And the cherry on top, some attack scripts to make everything a mess! Make the nozzle open all the time flooding everything, or the motor on all the time making all the bottles empty or stopping the whole process.

Demo

Here’s a video of VirtuaPlant in action:

I wanna get it! Gimme!

Rush to the project page to find out more about the project, get the download links and instructions.

Help wanted

If you know pybox2d or are a talented designer, your help is needed in order to make VirtuaPlant even better!

The following improvements are to be made:

• Better UI for World View and HMI
• Move from Chipmunk to Box2d
• Create more plant scenarios

Contact me if you feel like you could help on these matters!

Recently I’ve discovered that GoldenEye got his first signature from a big vendor.

That’s funny since the main GoldenEye objective is to be signature-proof due its randomness. I’ve done a quick search on the internet and found the signature update link for their products, downloaded, located that one mentioned above.

It was a very crude signature, as expected:

Mostly are the only static texts GoldenEye had (since this update ;)). These are mostly leftovers from Barry’s HULK, which GoldenEye was spawned from.

Changelog

No worries, this new patch include the following changes:

• Referer strings from search engines now only domain part hardcoded (rest is generated)
• Referer generation function now generates even more random referers.
• NO MORE HARDCODED USER AGENTS. I admit, hardcoded user agents were lame. There’s now a User-Agent Generator function that will generate RFC-2616 compliant user-agent strings.
• External User-Agent List Support: As the generator function may generate UAs for inexistent browser version + plugin version combinations, you can now supply your own list of User-Agents (one per line – text file) via the -u flag.
• Besides no-cache I’ve added the directive max-age=0 that does basically the same thing. GoldenEye will chose one of them during the strike request.
• More random keepalive values: They’re 110-120 (legacy), now they’re random 1-1000
• User-Agent lists: I’ve added a res directory for external resources. Multiple text files were placed there with user agents from different platforms.
• Utilities! Now the getuas.py scrapes (requires BeautifulSoup) http://www.useragentstring.com/ URLs.

About the User-Agent generation algorithm

The user-agent string follows the following format: Mozilla/[version] ([system and browser information]) [platform] ([platform details]) [extensions]

I have a python dictionary with OS-specific values and Platform-specific (Webkit, Gecko, Internet Explorer) values. There are many options for each one. Mostly generated on the fly thanks to python’s dynamic lists generation.

Here’s an example of the property generation

Upon program start, it will generate N random values and populate the python list. As lists can be easily joined with the + operator, this makes dynamic list generation a charm. The same goes to OS-specific values

Any effort now to block our user-agents will block legitimate traffic also :)

About referer generation

In the previous GoldenEye versions, referers were crude and simple, like search engine search urls with some random parameter. Now referers are generated like request urls:

• Random PATH (/Hiad727ja)
• Random QueryString key and value names
• Random QueryString key and value quantity
• Random QueryString presence

As it was before, referer presence is also random.

I think that covers all the changes for this version.

Download, test (please, not on other people’s servers) and report!