SlideShare a Scribd company logo

Lets get started with car hacking - Ankit Joshi

NSConclave, profile picture
NSConclave

This document discusses car hacking, emphasizing the vulnerabilities within modern vehicles' electronic control units (ECUs) and the CAN (Controller Area Network) protocol that connects them. Key security issues identified include hard-coded Bluetooth pins, weak WPA2 passwords, and insecure firmware updates. The document also provides resources for further learning about car hacking techniques and protocols.

Technology
1 of 20
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Let’s Get Started With Car Hacking By Ankit Joshi
#WhoAmI Ankit Joshi aka BH4 Security Analyst with Net-square Pvt. Ltd. Red Teamer
➢ Understanding Threat Models ➢ CAN Protocol ➢ Other Protocol ➢ ECU ➢ Play With Can Bus ➢ From Where You Can Start Content
Understanding Threat Models In 2017, 50%+ Model are vulnerable to 8 or more than 8 remote attack surface from different mackers.
Lets get started with car hacking - Ankit Joshi
List Of Car Component’s
General Vulnerability Found in Car Hard Coded or Non-existence of Bluetooth Pin. Can Packet Injection. Weak Wpa2 Passwords. Admin Consoles Open For Internet. Insecure Firmware Updates And Downloads.
CAN (Controlled Area Network) CAN is the central nervous system that enables communication between all/some parts of the car. CAN was originally developed by BOSCH in 1985 as an intra-vehicular communication system. The main motive of proposing CAN was that it allowed multiple ECU to be communicated with only a single wire. A modern car can have as much as 70 ECUs
Lets get started with car hacking - Ankit Joshi
Working Of CAN Frame A CAN frame has 3 major parts ● Arbitration Identifier ● Data Length Code ● Data field CAN runs on two wires: CAN high (CANH) and CAN low (CANL).
Can Bus Frame
CAN pins cable view on the OBD-II connector OBD (Onboard Diagnostics)
CAN Bus Waveforms
Other Protocol The CANopen Protocol. The GMLAN Bus. The ISO-TP Protocol. The SAE J1850 Protocol. The PWM Protocol. The VPW Protocol.
ECU (Electronic Control Unit) IC Embedded Circuits Reads Data From Sensors ❖ Temperature ❖ Tyre Pressure ❖ Engine Fluids ❖ Many more
Lets get started with car hacking - Ankit Joshi
Types Of ECU Main ECU ❖ ECM -> Engine Control Module. ❖ EBCM -> Electronic Brake Control Module. ❖ PCM -> Power Control Module. 32- Bit 40 Mhz Processor With Code Size of 1 mb Max .
From Where You Can Start http://opengarages.org/handbook/ebook/#calibre_link-382 https://www.slideshare.net/getcarloop/car-hacking-101 https://medium.com/supplyframe-hardware/def-con-27-car-hacking-village-eb 471a02b93a https://medium.com/@tbruno25/car-hacking-the-can-bus-tutorial-i-wish-i-had- 783d7e0a2046 And Google
Lets get started with car hacking - Ankit Joshi
Lets get started with car hacking - Ankit Joshi

More Related Content

PDF
202_camera ready_RTEICT_16_prasanth (1)
Prasanth R
 
DOC
Voice operated home appliance control
Ecwayt
 
PPT
Ethernet sniffer project
Radostin Natan
 
PPTX
CAN Bus and OBD-II
roadster43
 
PDF
IP PHONES - *astTECS
Salman Muhammed Ashraf
 
DOC
Pap2 T Sip 3
akbar2266778899
 
PDF
What Is Obd Scan Tool Presentation Mp3 Car Afk Fest 2009
mp3Car
 
PPTX
UGM CAN PXI
Interlatin
 
202_camera ready_RTEICT_16_prasanth (1)
Prasanth R
 
Voice operated home appliance control
Ecwayt
 
Ethernet sniffer project
Radostin Natan
 
CAN Bus and OBD-II
roadster43
 
IP PHONES - *astTECS
Salman Muhammed Ashraf
 
Pap2 T Sip 3
akbar2266778899
 
What Is Obd Scan Tool Presentation Mp3 Car Afk Fest 2009
mp3Car
 
UGM CAN PXI
Interlatin
 

Similar to Lets get started with car hacking - Ankit Joshi (20)

PDF
Embedded One.pdf
Sezzar
 
PPTX
Overview of automotive network protocol
poojashinde212
 
PPTX
Controller Area Network (CAN) Different Types
FebinShaji9
 
PDF
7hj
Toleef Yesus
 
PDF
How to Hack Your Mini Cooper. Reverse Engineering CAN Messages on Passenger A...
Guy Boulianne
 
PPTX
Controller area network (can bus)
nassim unused
 
PDF
Current state of automotive network security
FFRI, Inc.
 
DOCX
11.chapters
Bhanuprakash K
 
DOCX
VineeshKumar_Resume
Vineesh Kumar K P M
 
DOCX
16.An Intelligent Data-Driven Model to Secure Intravehicle Communications Bas...
spub1985
 
PDF
Edmunds presentation
Alison Chaiken
 
PDF
Can Protocol For Automobiles
Sofcon India Pvt Ltd.
 
PDF
Automotive Linux, Cybersecurity and Transparency
Alison Chaiken
 
PDF
Next-Gen In-Vehicle Software Opportunities
Alison Chaiken
 
DOCX
Smart home automation system
Pawan Kumar Ganjhu
 
PDF
Epma 013
Lecturer
 
PDF
The next frontier: open source in the car
Alison Chaiken
 
DOCX
Bluetooth Controlled Robot Project Report
Simarjot Singh Kalsi
 
PDF
OSGi Technology in the Vehicle - H U Michel
mfrancis
 
PDF
Tesla Hacking to FreedomEV
Jasper Nuyens
 
Embedded One.pdf
Sezzar
 
Overview of automotive network protocol
poojashinde212
 
Controller Area Network (CAN) Different Types
FebinShaji9
 
7hj
Toleef Yesus
 
How to Hack Your Mini Cooper. Reverse Engineering CAN Messages on Passenger A...
Guy Boulianne
 
Controller area network (can bus)
nassim unused
 
Current state of automotive network security
FFRI, Inc.
 
11.chapters
Bhanuprakash K
 
VineeshKumar_Resume
Vineesh Kumar K P M
 
16.An Intelligent Data-Driven Model to Secure Intravehicle Communications Bas...
spub1985
 
Edmunds presentation
Alison Chaiken
 
Can Protocol For Automobiles
Sofcon India Pvt Ltd.
 
Automotive Linux, Cybersecurity and Transparency
Alison Chaiken
 
Next-Gen In-Vehicle Software Opportunities
Alison Chaiken
 
Smart home automation system
Pawan Kumar Ganjhu
 
Epma 013
Lecturer
 
The next frontier: open source in the car
Alison Chaiken
 
Bluetooth Controlled Robot Project Report
Simarjot Singh Kalsi
 
OSGi Technology in the Vehicle - H U Michel
mfrancis
 
Tesla Hacking to FreedomEV
Jasper Nuyens
 

More from NSConclave (20)

PDF
RED-TEAM_Conclave
NSConclave
 
PPTX
Create a Custom Plugin in Burp Suite using the Extension
NSConclave
 
PPTX
IOT SECURITY ASSESSMENT Pentester's Approach
NSConclave
 
PPTX
Debugging Android Native Library
NSConclave
 
PPTX
Burp Suite Extension Development
NSConclave
 
PDF
Log Analysis
NSConclave
 
PDF
Regular Expression Injection
NSConclave
 
PDF
HTML5 Messaging (Post Message)
NSConclave
 
PDF
Node.js Deserialization
NSConclave
 
PDF
RIA Cross Domain Policy
NSConclave
 
PDF
LDAP Injection
NSConclave
 
PDF
Python Deserialization Attacks
NSConclave
 
PDF
Sandboxing
NSConclave
 
PDF
NoSql Injection
NSConclave
 
PDF
Thick Client Testing Advanced
NSConclave
 
PDF
Thick Client Testing Basics
NSConclave
 
PDF
Markdown
NSConclave
 
PDF
Docker 101
NSConclave
 
PDF
Security Architecture Consulting - Hiren Shah
NSConclave
 
PDF
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 
RED-TEAM_Conclave
NSConclave
 
Create a Custom Plugin in Burp Suite using the Extension
NSConclave
 
IOT SECURITY ASSESSMENT Pentester's Approach
NSConclave
 
Debugging Android Native Library
NSConclave
 
Burp Suite Extension Development
NSConclave
 
Log Analysis
NSConclave
 
Regular Expression Injection
NSConclave
 
HTML5 Messaging (Post Message)
NSConclave
 
Node.js Deserialization
NSConclave
 
RIA Cross Domain Policy
NSConclave
 
LDAP Injection
NSConclave
 
Python Deserialization Attacks
NSConclave
 
Sandboxing
NSConclave
 
NoSql Injection
NSConclave
 
Thick Client Testing Advanced
NSConclave
 
Thick Client Testing Basics
NSConclave
 
Markdown
NSConclave
 
Docker 101
NSConclave
 
Security Architecture Consulting - Hiren Shah
NSConclave
 
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 

Recently uploaded (20)

PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Teaching material agriculture food technology
LiaRayya
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Approach and Philosophy of On baking technology
30anthuong17
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 

Lets get started with car hacking - Ankit Joshi

  • 1. Let’s Get Started With Car Hacking By Ankit Joshi
  • 2. #WhoAmI Ankit Joshi aka BH4 Security Analyst with Net-square Pvt. Ltd. Red Teamer
  • 3. ➢ Understanding Threat Models ➢ CAN Protocol ➢ Other Protocol ➢ ECU ➢ Play With Can Bus ➢ From Where You Can Start Content
  • 4. Understanding Threat Models In 2017, 50%+ Model are vulnerable to 8 or more than 8 remote attack surface from different mackers.
  • 6. List Of Car Component’s
  • 7. General Vulnerability Found in Car Hard Coded or Non-existence of Bluetooth Pin. Can Packet Injection. Weak Wpa2 Passwords. Admin Consoles Open For Internet. Insecure Firmware Updates And Downloads.
  • 8. CAN (Controlled Area Network) CAN is the central nervous system that enables communication between all/some parts of the car. CAN was originally developed by BOSCH in 1985 as an intra-vehicular communication system. The main motive of proposing CAN was that it allowed multiple ECU to be communicated with only a single wire. A modern car can have as much as 70 ECUs
  • 10. Working Of CAN Frame A CAN frame has 3 major parts ● Arbitration Identifier ● Data Length Code ● Data field CAN runs on two wires: CAN high (CANH) and CAN low (CANL).
  • 12. CAN pins cable view on the OBD-II connector OBD (Onboard Diagnostics)
  • 14. Other Protocol The CANopen Protocol. The GMLAN Bus. The ISO-TP Protocol. The SAE J1850 Protocol. The PWM Protocol. The VPW Protocol.
  • 15. ECU (Electronic Control Unit) IC Embedded Circuits Reads Data From Sensors ❖ Temperature ❖ Tyre Pressure ❖ Engine Fluids ❖ Many more
  • 17. Types Of ECU Main ECU ❖ ECM -> Engine Control Module. ❖ EBCM -> Electronic Brake Control Module. ❖ PCM -> Power Control Module. 32- Bit 40 Mhz Processor With Code Size of 1 mb Max .
  • 18. From Where You Can Start http://opengarages.org/handbook/ebook/#calibre_link-382 https://www.slideshare.net/getcarloop/car-hacking-101 https://medium.com/supplyframe-hardware/def-con-27-car-hacking-village-eb 471a02b93a https://medium.com/@tbruno25/car-hacking-the-can-bus-tutorial-i-wish-i-had- 783d7e0a2046 And Google