Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Over-the-Air - How We Remotely Compromised the Gateway, BCM, and Autopilot ECUs of Tesla Cars

Black Hat via YouTube

Overview

Explore the intricacies of remotely compromising Tesla car systems in this Black Hat conference presentation. Delve into the technical details of exploiting multiple zero-day vulnerabilities across various in-vehicle components, including the Gateway, BCM, and Autopilot ECUs. Learn about the inner workings of over-the-air technology and the new attack chain developed during Tesla hacking in 2017. Examine topics such as memory manipulation, kernel exploration, AppArmor rules, firmware deployment processes, and the exploitation of Easter egg functionalities. Gain insights into the presenters' methods for achieving root access, patching different ECUs, and fully compromising Tesla vehicles. Understand Tesla's response to these findings and subsequent security enhancements implemented to address the vulnerabilities.

Syllabus

Intro
Source view
Memory view
Fill with ArrayStorage
Refill with Uint32Array
Explore Kernel
QtCarBrowser AppArmor rules
Fix solution in V2
Gateway file operation protocol
Gateway diagnostic protocol
Gateway update
Filesystem of the gateway
OTA Overview
Cloud - Car: Firmware Deploy
Ethernet Connected ECUs - Step 1
Traditional ECUs: In Bundle
Traditional ECUs: Firmware Info
Traditional ECUS: Create and Send Files
How Easter egg works?
Triggers on CID
Start on BCCEN
Easter egg start
How we patch
Patch in CID
Reverse of ECUS
Patch of BCCEN
Patch of BCFRONT
Autopilot ECU
Ape-updater
Commands for update
m3_factory_deploy
Exploit
Get Root
Fixed by Tesla
Fully Compromised
Tesla's Response
Security Enhancement

Taught by

Black Hat

Reviews

Start your review of Over-the-Air - How We Remotely Compromised the Gateway, BCM, and Autopilot ECUs of Tesla Cars

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.