Termineter – Smart Meter Security Testing Framework

Use Netsparker


Termineter is a Python Smart Meter Security Testing framework which allows authorised individuals to test Smart Meters for vulnerabilities such as energy consumption fraud, network hijacking, and more.

Termineter - Smart Meter Security Testing Framework

Many of these vulnerabilities have been highlighted by the media and advisories have been sent out by law enforcement agencies. The goal of a public release for this utility is to promote security awareness for Smart Meters and provide a tool that brings basic testing capabilities to the community and meter manufacturers so that security can be improved.

Power companies can use the framework to identify and validate internal flaws that leave them susceptible to fraud and significant vulnerabilities.


How it Works

Terminter utilises the C1218 and C1219 protocols for communication over an optical interface. Currently supported are Meters using C1219-2007 with 7-bit character sets.

This is the most common configuration found in North America. Termineter communicates with Smart Meters via a connection using an ANSI type-2 optical probe with a serial interface.

Users must have general knowledge of the meter’s internal workings in order to use Termineter proficiently.

Usage

Modules

  • brute_force_login – Brute Force Credentials
  • dump_tables – Dump Readable C12.19 Tables From The Device To A CSV File
  • enum_tables – Enumerate Readable C12.19 Tables From The Device
  • get_info – Get Basic Meter Information By Reading Tables
  • get_log_info – Get Information About The Meter’s Logs
  • get_modem_info – Get Information About The Integrated Modem
  • get_security_info – Get Information About The Meter’s Access Control
  • read_table – Read Data From A C12.19 Table
  • run_procedure – Initiate A Custom Procedure
  • set_meter_id – Set The Meter’s I.D.
  • set_meter_mode – Change the Meter’s Operating Mode
  • write_table – Write Data To A C12.19 Table

You can download Termineter here:

termineter-v0.2.6.zip

Or you can read more here.

Posted in: Hacking Tools, Hardware Hacking, Networking Hacking


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.


2 Responses to Termineter – Smart Meter Security Testing Framework

  1. Mike March 6, 2017 at 6:36 pm #

    This has been around since July 2012. Why profile it now? Has anything changed significantly with the tool?

    • Darknet March 6, 2017 at 9:31 pm #

      Never written about it before.