Termineter – Smart Meter Security Testing Framework

Use Netsparker


Termineter is a Python Smart Meter Security Testing framework which allows authorised individuals to test Smart Meters for vulnerabilities such as energy consumption fraud, network hijacking, and more.

Termineter - Smart Meter Security Testing Framework

Many of these vulnerabilities have been highlighted by the media and advisories have been sent out by law enforcement agencies. The goal of a public release for this utility is to promote security awareness for Smart Meters and provide a tool that brings basic testing capabilities to the community and meter manufacturers so that security can be improved.

Power companies can use the framework to identify and validate internal flaws that leave them susceptible to fraud and significant vulnerabilities.


How it Works

Terminter utilises the C1218 and C1219 protocols for communication over an optical interface. Currently supported are Meters using C1219-2007 with 7-bit character sets.

This is the most common configuration found in North America. Termineter communicates with Smart Meters via a connection using an ANSI type-2 optical probe with a serial interface.

Users must have general knowledge of the meter’s internal workings in order to use Termineter proficiently.

Usage

Modules

  • brute_force_login – Brute Force Credentials
  • dump_tables – Dump Readable C12.19 Tables From The Device To A CSV File
  • enum_tables – Enumerate Readable C12.19 Tables From The Device
  • get_info – Get Basic Meter Information By Reading Tables
  • get_log_info – Get Information About The Meter’s Logs
  • get_modem_info – Get Information About The Integrated Modem
  • get_security_info – Get Information About The Meter’s Access Control
  • read_table – Read Data From A C12.19 Table
  • run_procedure – Initiate A Custom Procedure
  • set_meter_id – Set The Meter’s I.D.
  • set_meter_mode – Change the Meter’s Operating Mode
  • write_table – Write Data To A C12.19 Table

You can download Termineter here:

termineter-v0.2.6.zip

Or you can read more here.

Posted in: Hacking Tools, Hardware Hacking, Networking Hacking


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


2 Responses to Termineter – Smart Meter Security Testing Framework

  1. Mike March 6, 2017 at 6:36 pm #

    This has been around since July 2012. Why profile it now? Has anything changed significantly with the tool?

    • Darknet March 6, 2017 at 9:31 pm #

      Never written about it before.