Line 26 gets the page source of the website. Line 27 searches the source for the bad login string; if it isn't there, the password is cracked. That's all it took to code such a potent tool!

Researchers at SCADA Strangelove presented at the recent Digital Bond SCADA Security Scientific Symposium (S4) a new offline brute force password cracker for S7 PLCs, along with proof of concept code.