Overview
Explore a comprehensive conference talk on remote exploitation of unaltered passenger vehicles. Delve into the reality of car hacking as experts demonstrate a step-by-step remote attack on a factory vehicle. Learn about pivoting through various hardware components to send CAN bus messages to critical electronic control units. Discover the process of chaining multiple elements to affect physical systems, and understand the true capabilities and limitations of remote car attacks. Gain insights into topics such as remote attack paradigms, Wi-Fi vulnerabilities, password guessing, D-Bus command line injection, GPS tracking, radio volume manipulation, long-distance communications, firmware updates, security unlocks, and checksum codes. Conclude with a discussion on the implications and potential solutions for automotive cybersecurity.
Syllabus
Intro
Remote Attack Paradigm
2014 Jeep Cherokee
Problems with attacks over Wi-Fi
WPA2 password
Password guessing
Setting the time
D-Bus Overview
D-Bus Command Line Injection
GPS Tracker 3000
Radio Volume
Netstat Review
Femto-Cell Comms
Long Distance Communications (Sprint)
Updating the V850: Firmware
WITECH: Security Unlocks
PAM: Checksum Code
The patch...
Conclusions
Taught by
Black Hat