Overview
Explore the world of automotive hacking through a comprehensive examination of the Controller Area Network (CAN) bus. Learn about the fundamentals of CAN, including its message structure and functionality. Discover various attack vectors, from simple Denial of Service (DoS) to more complex injection techniques. Gain insights into accessing the CAN bus using both hardware and software tools, including SocketCAN and Wireshark. Delve into CANard, a Python toolkit designed for CAN manipulation, and understand its hardware abstraction capabilities. Investigate diagnostic protocols such as OBD-II and Unified Diagnostic Services (UDS), learning how to leverage CANard for UDS security access and fuzzing diagnostics. This talk equips you with the knowledge to understand and potentially exploit vulnerabilities in modern vehicle networks.
Syllabus
Intro
What is CAN?
Easy Attack - Dos
How CAN Works Message Structure
Easy Attacks - Injection
Getting on the Bus
CAN Hardware
CAN Software
SocketCAN
Wireshark
CANard A Python Toolkit for CAN
Hardware Abstraction
Diagnostics Protocols
OBD-11
Unified Diagnostic Services
UDS With CANard
UDS Security Access
Fuzzing Diagnostics
Conclusions
Taught by
NorthSec