Car Hacking Demo: How to Hack an ECU, Automotive Penetration Testing (2019)
HTML-код
- Опубликовано: 4 июн 2019
- ==========================================
FREE WEBINAR - ISO/SAE 21434 - AUTOMOTIVE CYBERSECURITY
www.lordsofcarhackers.com/web...
==========================================
In this episode, we will show a demo on car hacking aka, automotive penetration testing. A team of automotive engineers and cybersecurity engineers from Matrickz GmbH (www.matrickz.de) will show how to hack an ECU.
#carhacking #automotivepenetrationtesting #ecuhacking #security #cybersecurity - Наука
FREE WEBINAR - ISO/SAE 21434 - AUTOMOTIVE CYBERSECURITY
www.lordsofcarhackers.com/webinar
You probably dont give a damn but does any of you know a tool to get back into an instagram account?
I was stupid lost the login password. I would love any assistance you can give me
very nice explanation thank you very much. i wonder if you could show the movement from ecu to another ecu after getting inside the system
Amazing I learned many things in this video.. I agree this.. Thank you so much matrickz am also trying to work this project any many more.. Car start with a single key remote button I have simple idea..
Very great effort
I totally waiting for more videos just from you.
Thank you very much. We are working hard to give you more information in this topic.
Watched this video with lot of expectation .. But this was covering only very basics ...Anyway , i appreciate for the effort for making the video and clearly explain the fundamentals..
yes a waste of time
@@rexjames0015 If you got something better, make a video.
@@MR-nl8xr To share with who......you?
Very Good explanation and effort. It would be more innovative and challenge if hack the car via GPRS or RF communication (Key less entry).
Very nicely explained.
If possible would like to know more on how encrypted sniffed data can be decrypted.
Dont think its encrypted just has a CRC. You have to take samples and reverse engineer which alg the manufacturer is using, search for "CRC RevEng"
We have a gateway ECU which acts as a bridge between all the different ECUs.. Would be better if u consider this also while explaining..
Hi
I don’t know much about computer programming but I have a project that I need your help, I have a lincoln continental 2020 and I wanna swap its V6 engine to V8 or V12 engine and I was thinking if is possible to reprogramming its ECU for run the new engine?
Great presentation.
Does it apply to HEV such as GWM Haval H6 HEV?....to a
Enable/disable/calibrate ADAS...Also, to extend the battery time from 60% to 90% utilization....
very good lecture i understood everything about this but i want to do practical is it possible
Very good Praveen and team.
Just wondering, if you remove CRC safeguard as a watch dog of the CAN protocol, would it make sense in terms of hacking efficiency ? Thanks for the clarification
If we understand correctly, you are referring to CRC safeguard as a watchdog technique for the CAN protocol and you are wondering what would be the difference in terms of hacking efficiency when this is removed.
Keeping the above understanding in mind, removing the CRC safeguard will make the reverse engineering (analysis) of CAN messages effortless. Although we would like to stress on the fact that CRC is not a very sophisticated method to protect a CAN message, but still there is a level protection that CRC provides which make the life of a hacker a bit difficult. And with this CRC safeguard feature, the easiest type of attack that a hacker would go to is for DoS (Denial of Service) attack as performing the targeted attack would require a bit of effort to analyze and reverse engineer the CAN messages with a huge CAN dump along with the task of identifying the CRC polynomial. But without this CRC safeguard, the hacker can directly jump into targeted attacks which is far more dangerous than the DoS (Denial of Service) attack.
good video! Thanks for giving a good insight!!
here is a question I have :- as mentioned, this requires a physical acecss to car network to hack! in a real scenario that wouldn't be a possibility; I mean I wouldnt let a hacker to come and let him connect to my car. How does this apply in actual scenario? or in ither words how an actual hacking of a car can happen?
Thanks in advance!
Dear Akhilesh, great question. First of all, to get a detailed answer to your question, I would recommend you to see our video: ruclips.net/video/eKd67vk8dq4/видео.html
Here is a short answer. In order for you to hack a car, 1) you need to penetrate the vehicle (remote or physical) 2) take control of the vehicle, in most of the cases manipulating the can BUS. So, your question is, if you need physical access, how would it be possible to hack the vehicle? Now in real scenarios we have seen malware being injected as we take our vehicle to the garage and they plugin to OBD II port to examine your vehicle. Here is an example such cases happening in real life: www.researchgate.net/publication/340038115_Hacking_cars_in_the_style_of_Stuxnet. And essentially the malware does the work that we are showing in this demo. Moreover, even if we look at tradition IT hacking scenarios, we know that 80% of the attacks have something to do with social engineering, i.e., the attacker ask you to do something, like clicking on a link or reveal some kind of information. Such scenarios are also not to be discarded in car hacking.
And if you want to know even more, please check out our car hacking training program: www.lordsofcarhacking.com
Since now commonly telematics is integrated into CANbus with a cellular modem, it opens up a world of vulnerabilities
Awesome 👏
If I have a TPMS system Tire pressure monitoring system that has an out of date battery in one of the 4 wheel sensors, would there be a way to just disable the TPMS on the vehicle?
Yeah, open your fuse box in your vehicle and pull the TPMS fuse and viola all TPMS lights off
Thank you so much for great video 😊👍
Thanks for watching!
brother! the lead speakers hair cut looks like a Lego man's hair like interchangeable lol it's hard to watch lolol
who cares.
Lmao
Hey I think some one did something simalar to my car can you help
Without key provision for the sniffing ECU(raspberry pi) CAN will not allow you to participate the communication. Then how will you monitor the message 🤔
It is one of the methods ,there are many protocols where you can easily access can communications by ota methods ...some modern day cars have this system pre installed for wireless Can updates
CRC is used for data integrity not encryption
Yup, at least someone here gets it
good comment.
It can also be encrypted, but yes CRC itself it’s not an encryption protocol.
I need to delete the emissions sensors most important the dpf filter. Let me know I’ll send u the ecu help me pls.
In order to help you with our best possible advice, we need more details. Can you please write an email to info@matrickz.de?
No offense but no one cares who is on the team. Put it in the footnotes, don't waste 5 minutes saying "I'm a person and I did work on this" like just show the work lmao if it's interesting, people will look in the footnotes
Very good feedback….. we’ll definitely consider this in the future
I want to be part of this family am from Ghana
It would be a hacker team that made a more free vehicle lol.
am car electrician
As you mentioned " the Message would be enrypted " in 23:41 , what are the encryption method that is used ??
Same for the 23.49 You mentioned about Securred session , what are those secured sessions??
Very basic..
Bullshit exercise in banality. It’s not really hacking unless someone is able to accomplish the same remotely - which is actually happening. Need a way to prevent remote hacking of a car’s ECU. That would be a useful activity and research focus.
wrong.
Good luck.
This all process should have been done more precisely with the help of a hack rf device to receive and send RF signals, instead nobody gives you authorization to plug cable in the the car, so where is the lean hacking ???