You used to be able to get some access through tire pressure sensors as well, not sure if that's still the case. Anything that can send CAN Bus messages can potentially take over a modern car.
I'm not sure about obtaining access remotely, but with access to the inside of the car, you can easily control the things on the bus with one of these: https://www.microchip.com/wwwproducts/en/en010406
I found a few talks after I posted that talk about Open Source hardware and software tools, and go over some basic things that can be done. A junkyard might be an interesting place to pick up some hardware... not sure why they're risking their own vehicles.
...assuming you don't have time to watch these (i listened/watched them on 2x)
https://www.youtube.com/watch?v=WjncMlpX85I - the interesting parts would probably be the beginning and the end: early he covers previous high profile work on hacking cars but they might be things you're aware of. The middle gives some technical details on an introduction to how to go about working on these systems and pulling off the basic attacks he demo's at the end. Towards the end he gives a demonstration of an attack on the speedometer at 36:00 (vehicle at rest), right after an attack on the odometer (modifying it while at rest), and provides a good summary of how bad car sec sucks at the end.
https://www.youtube.com/watch?v=U1yecKUmnFo - good for the list of a lot of free utilities that allow you to work on the hardware at the beginning. The info in the middle and towards the end is also fairly interesting if you want to get an idea of how "secure" (or insecure) these systems are. Pretty decent slides. Really basic attacks but talks about some important info on the device security, how to crack the key, etc. At the end there's a Q&A that was good with some useful warnings, particularly how you could potentially really fuck a car if you were to fuzz it and override essential variables.
For now though I just need to verify that I've hardware disabled XM, BT, OnStar, my speakers, and any other TXRX that might be there.
Know any sites with free schematic/mechanic manual pdf dumps? Everywhere I've found wants to charge.
view the rest of the comments →
TheFaggotMuhammad ago
Disconnect your OnStar unit!
ioillusion ago
You used to be able to get some access through tire pressure sensors as well, not sure if that's still the case. Anything that can send CAN Bus messages can potentially take over a modern car.
fluhthreeex ago
https://www.youtube.com/watch?v=oqFpg7jS3ro ...yeah, that looks like fun.
Have you seen anyone demoing a hijack of the CAN Bus?
ioillusion ago
I'm not sure about obtaining access remotely, but with access to the inside of the car, you can easily control the things on the bus with one of these: https://www.microchip.com/wwwproducts/en/en010406
fluhthreeex ago
Sweet. Thanks for the link.
I found a few talks after I posted that talk about Open Source hardware and software tools, and go over some basic things that can be done. A junkyard might be an interesting place to pick up some hardware... not sure why they're risking their own vehicles.
...assuming you don't have time to watch these (i listened/watched them on 2x)
https://www.youtube.com/watch?v=WjncMlpX85I - the interesting parts would probably be the beginning and the end: early he covers previous high profile work on hacking cars but they might be things you're aware of. The middle gives some technical details on an introduction to how to go about working on these systems and pulling off the basic attacks he demo's at the end. Towards the end he gives a demonstration of an attack on the speedometer at 36:00 (vehicle at rest), right after an attack on the odometer (modifying it while at rest), and provides a good summary of how bad car sec sucks at the end.
https://www.youtube.com/watch?v=U1yecKUmnFo - good for the list of a lot of free utilities that allow you to work on the hardware at the beginning. The info in the middle and towards the end is also fairly interesting if you want to get an idea of how "secure" (or insecure) these systems are. Pretty decent slides. Really basic attacks but talks about some important info on the device security, how to crack the key, etc. At the end there's a Q&A that was good with some useful warnings, particularly how you could potentially really fuck a car if you were to fuzz it and override essential variables.
For now though I just need to verify that I've hardware disabled XM, BT, OnStar, my speakers, and any other TXRX that might be there.
Know any sites with free schematic/mechanic manual pdf dumps? Everywhere I've found wants to charge.