Warning! This is how cars are hacked. Just like in Mr Robot.

The Mr Robot series with OTW (Occupy the Web) continues. OTW explains how hacks shown in the Mr Robot TV Series actually work (and if they are actually realistic). He compares real world car hacking vs what is shown in the TV series.
// MENU //
00:00 - On This Episode of Hack Like Mr Robot!
00:30 - Welcome Back//OTW
00:45 - The Mr Robot Hack We're Doing
02:05 - Cars Becoming Like Computers
02:43 - Software Defined Radio Is Everywhere!
04:11 - Hardware Used//RTL-SDR
04:31 - Software Used//HDSDR
06:17 - Mr Robot//Car Hacking Strategies
08:21 - SDR//Ukraine Conflict
10:00 - Next Step//Signal Jamming
11:14 - Different SDR Software
12:01 - Osmocom//Generate Jamming Signal
14:26 - Sending Out Jamming Signal
15:03 - Signal Jamming Used to Protect Politicians
17:22 - Which Interface to Use?
18:17 - The HackRF//Pros & Cons
19:54 - Signal Generator Waveform Flags
20:37 - Next Step//Capturing the Signal
22:13 - Next Step//Sending the Signal//Replay Attack
25:45 - Next Step//Connecting to ODB2 Port
27:09 - ODB2 Protocols
28:00 - Car Hacking Research//can-utils
29:10 - Car Simulator//ICSim
30:53 - Starting Simulator
32:10 - Capturing Commands to Start the Car//cansniffer
33:56 - Logging//candump
35:06 - Searching log file for commands
35:42 - Sending command//cansend
37:05 - Mr Robot Hack//Realistic?
39:08 - Metasploit Car Hacking Modules
41:08 - Comment!//Which Hack Next?
// DEVICES //
RTL-SDR: amzn.to/3cag953
HackRF One: greatscottgadgets.com/hackrf/one/
// Previous Videos in the Series //
Mr Robot Ep 1: ruclips.net/video/3yiT_WMlosg/видео.html
Mr Robot Ep 2: ruclips.net/video/7V9_x97s4g8/видео.html
// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: ruclips.net/user/davidbombal
// Occupy The Web social //
Twitter: twitter.com/three_cube
// Occupy The Web books //
Linux Basics for Hackers: amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh
// Other books //
The Linux Command Line: amzn.to/3ihGP3j
How Linux Works: amzn.to/3qeCHoY
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Personally I am glad these are still 40 minutes long and extra informative. Please do not condense them into 20 second shorts like all the other channels are suddenly doing. I hate shorts so much

very nice to see this. Well done.
I am a senior cyber security consultant with 25+ years experience. Despite your channel having a beginners focus, it's still enjoyable for us veterans.
Nice thing you are doing here David. The best of luck to you mate.

I love this Mr. Robot series! Thanks for making more of these videos David.

Love the serie, David! Keep them going. I think this is so important in terms of educational purpose and for awareness around the world to let people know how relatively easy it can be with some IT knowledge to hack something, just with the use of a single receiver and a linux distro.

OTW's voice is soo soothing, calm and gentle. A master indeed. Thanks David for continuing this series. YOu should have included OTW in the video title tho

I am becoming more and more fan of this RUclips channel , the time they spend is awesome .. so inspirational

I bought the RTL-SDR when I saw the video this morning and just got it in the mail. This is easily the coolest thing I've ever done (still a beginner in cs/networking). Thanks for the video, will be purchasing the HackRF One next!

The only series I've been waiting...
It's just amazing....
Respect bombal🤗

Mercedes use two freqs for their keyfobs. The jam portion is tough because the HackRF or other SDRs do not have the power output necessary unless you are literally standing next to the target. The roll + jam method will work but it is a proximity based method. I prefer to use URH to record and analyze signals + replay. As always David another great video.

You're my role model as a jnr software engineer, Big Love from Ghana. God bless you.

THANK YOU DAVID! for another Mr. Robot series and I love this stuff. one thing to mention your show more section is a full of information that is a great thing to get information keep it up!

One of my senior projects in college was to create a wireless ECU device.
I had so much fun accidentally DoSing the CAN in my car. Your engine sounds really funky when the sensors can’t communicate.

Best series on RUclips, educational and very entertaining. Thank you, Mr. Bombal.

I'm so glad I just found your channel, this free information is top notch. Amazing! Thank you David!

My favorite series on RUclips. Thanks so much!

These interviews with Ocupy the Web are amazing! His insight to all the differing techniques and history of technologies are just incredible.

We been waiting eagerly sir the robot. 🤖 keep posting David

Firstly thanks David and OTW (Occupy the Web) for this wonderful series, it was so informative and got to know and learn so many thing form this video it's just amazing eagerly waiting for further videos. Love Form INDIA..

Commands to figure out what devices are in firmware: dmesg; lsusb -v; lspci -v; ls -lart /dev | tail
If you know that the device is a character device that gives a bit more info. You can also do a deep query on a particular device by id.
On Sparc Solaris there is a dedicated firmware layer that you can enter and depending on the device (if not a laptop) there may be dedicated means of controlling or configuring firmware

To filter lsusb results to show only SDRs you could pipe grep (-iF = case insensitive), if "SDR" is included in the product title.
Example: lsusb | grep -iF "sdr"

This is just a white collar version of kia boys lmao. Love the content and the editing is top notch!

Tak!

Very much interesting! Your interviews with OTW is a gold mine of valuable informations! Thank you so much!

Connector name is OBD2 (OBDII) and network is CAN-BUS, which is network on which any modern car's ecus communicate between each other.

some times I just feel so overwhelemed with the amount of things we need to learn to be good hackers that is crazy. I want to read about so many things but I just don't have the time for it. this particular field(radio) is one I had always liked but I just don't have the time because of all the many things I had been trying to do at the same time. i want to learn about API for hacking, radio, binary exploration, web exploration, debugging, coding, malware analysis, reverse engineering and much more. and each of these things take years to really get a good understanding of it

Awesome, this is actually exactly the hack I was hoping to see explained on here! Sounds a lot like the radio jamming The Weatherman (from Negativland) does.

Love these, I’ve watched each one as soon as they come out. Please keep this series going, I don’t even watch Mr Robot, this is better than the real show.

I work at a car dealership. I told everyone I wanted to learn how to hack cars now everyone thinks I am going to steal one.

Great video guys. I hope you go over hacking the ESP32 soon

I’m learning so much valuable information from your videos! Fantastic quality, great learning tool, and better yet, it helps to make these things make sense in the real world. Cannot thank you enough for your incredible work!!!

Amaziiiing, so informative as always. Thank you

David + OTW = Best way to learn hacking

I started to watch your show daily. Amazing learning experience 👌

Things didn't end well for Mobley, & Romero from what I remember. Thanks, David, & OtW. I enjoyed this.

Im new to the cyber security world, but come from the automotive field (nearly a decade as a certified mechanic). Super interesting to see how this was carried out as I actually understand the automotive side of things. I would be curious to see how this works on newer vehicles with SDGM (Serial data gateway) modules or the newer "K-line" that is primarily dedicated to prevent cyber attacks on EVs. Id be willing to teach some automotive electrical/data communication knowledge to anyone wanting to network!

Valeu!

This was an awesome episode as I don't know much about car hacking, but it seems very interesting.

Awesome video, I especially liked the DragonOS part!

This is right up my alley! I've theorized how to do some of this stuff. It's a dream of mine to hack Voice over LTE on the LG V20 smartphone so we can use open sourced ROMs. Thanks for teaching me about some of the tools.

best content available for learning practical hacking techniques

Your channel has gotten me so interested in cybersec. Love this content!!!

Wow, that was a great talk. I really enjoyed this one. Cheers!

You both are great humans ! learning and sharing. absolutely appreciated!

I love Mr. Robot!! Thank you for the video!! Plus I have the first book you mentioned and love it!!!

The best hacking series. I am loving this even more than the mr. robot itself.

Man OTW is the OG in hacking. Have been following him since the null byte era.

It was amazing sir, next will be related Traffic signal hacking

Fun fact about signal jamming to counter radio controlled IEDs in Afghanistan…our jammers in our trucks actually block the satcom signal we sit on for higher command. We were using that frequency over sat to call in medevacs and one time, we took a casualty and we had to call in a medevac right away. But our ground force commander was getting no dice with the sat comm. comes right up to my truck, flips the switch on the jammer, and finally got higher on the radio. Now, I didn’t know this at the time but everyone around me assumed I did so I got yelled at for having the jammer on when it should have been off. But - the Taliban are very, very, very, smart. It was always a joke they are just a bunch of cavemen in paper sandals and pajamas. Nope. Very intelligent individuals. So when they realized inside our trucks were hammers to jam radio and cell signals to counter their IEDs attack, the Taliban increasingly (and quickly too) moved to using what we call “command detonation” initiation. A physical power crowd that some times ran hundreds and hundreds of feet, sometimes burried under a few inches or maybe even a foot of dirt and would run into an orchard or into a random civilians home and they would sit and wait and remotely set off the IED with a cable that ran all the way to it. We came across a couple of those when I was there along with reverse pressure plate initiations (meaning, releasing the pressure from the plate sets it off - they would put big rocks in the middle of the road knowing we obviously have to move the rock and once it’s lifted up, the IED goes off) and standard pressure plated IEDs. I think we only came across one “RC” IED in 2014 and about 300 yards away I saw a guy in the window banging on his cellphone through my scope looking all confused. I asked to fire on him as I was 100 percent certain he was infact - the trigger man and he was awake wayyyyyy too earlier yo be making cellphone calls but was told to let him go. Our jammers 100 percent jammed the signal and would not detonate that IED we found

You guys are awesome! Thanks for this series!

10:38 in video duration, I like your goldfish shark canvas very creative 👌👍

OTW is amazing,Must have RUclips channel

Thank's David for making videos on SDR .

David doing it again, this is the reason for your success

Educational purpose GOd bless u as always

The most amazing episode, interview at mercedes next week as a pentester. 😅

Love From India💐❤️

Another great video, I am glad that I started watching you a couple of months ago David :)
But I have a question - could you make a video with a list (or maybe something else) with best latops in 2022 for security? I know you probably get a lot of this kind of request but still... it would be nice to see something like this on your channel, just my thought - hope you don't mind.

Here is one that will cook your noodle. Bypass the rolling codes on the key fob by first capturing any signal ..then jam the keyfob signal..this will tell the computer to allow ANY previously used rolling code (which you have already captured one) to unlock the car..then playback the captured signal. Cheers 🍻

Please keep up these mr robot explaination and demonstration videos. Love!

God!!!...your videos are soo informative..Thank you

This is so fascinating, had to show all my students.

Hi, just some info, port in cars to connect to car computer is OBD II (On-board diagnostics) and not ODB II

ThankYou David And Master OTW.

Another good Hackrf alternative is the limesdr mini, it’ll do full duplex and has slightly higher bandwidth. It has decent support with most SDR related software but is not quite prolific as the Hackrf

dam! controlling the Frequency is useful and make our plans easier

Agree, this mr robot series is great thanks Dave and OTW

Thank you very much

I'm learning a lot from this fellow. I love this!

Thanks a lot David! Keep these videos coming. Can you please make an episode when Mr. Robot hacked Ron’s coffee? I think its season 1 episode 1

How to protect your car from malfunctioning due to remote hacks?

Great video guys! Thank you for sharing all that knowledge ...

Great video, learnt some good stuff especially on the SDR subject. However, it's OBD not ODB.

Great content, as usual! I love this Mr. Robot series! I wonder if there are any code dumps for certain makes and models on the “darkish” web… sort of like a RockYou-esque txt file of codes. Wouldn’t shock me ha ha.

Again great class thanks to both Mr David bombal

Honestly love these series, many thanks !

Reprogramming incoming nuclear ICBMs (in flight) sounds like my next home defense project...

Im gonna order the book next week

My VW Polo (2003) would be a challenge. - a museum car with OBD. Hardly any RF-emissions, just CO2?

They definitely aren’t thinking security, I mean look at Hyundai, the used the example rsa keys for their encryption

Good to have you back OTW

Hi David, I retired from my job regarding my health situation, Now I want to start by learning ethical hacking..! Where to start.? 😥

I love this video and iam manoj waiting for my HackRf One. Iam the The July recipient for the Great Scott Gadgets Free Stuff Program from India. Thankyou so much that you give so many information about SDR in this video. My HackRf One was in transit after receiving iam going to learn IOT Penetration testing. I love to do car hacking... I have the RTL-SDR Device but through that device i cant doo replay attack. Thankyou so much to provide this video on RUclips.

love bombal from morocco ❤❤

I agree he's awesome leave it be I like listening to the full 40 minutes

the gausian method sort of reminded me when fighter aircraft deploy foil chaff to avoid lock on

When using the sniffer, could you not connect to OBD11 port and sniff a data sample of the target vehicle? I worked for a GPS tracking company and, we would drive the most strictly controlled ( what we could control) route accounting for traffic, red lights etc,. All the while capturing the NEMA and OBD11 data and we could loop that data into our tools and recreate the test drive for a number of reasons. This is pertinent as we could learn a lot from the data including the the manufacturers implementation of the SPEC i would have added quotes to SPEC, but you all know why that doesn't translate. YOU ARE ABSOLUTELY CORRECT. . it is so loosely defined that we consider it a guideline rather that a SPEC. Freighters and MAC K trucks would change their stuff every couple of years. it was challenging. If there is a method available for one to grab a data capture from the actual target vehicle and collectively with the community we could compile a database for every ones benefit. OOPS! I reacted before finishing you demo. Sorry bout that.

Great tutorial😊

Why aren't keyfob locks and ignition using challenge/response with public key cryptography, having the car offer a random number, and only accept the command if the command + the random number are signed with a private key stored in the fob ?

Love this interviews

Thank’s for sharing! Great one!

You can record and resend fob code but this will not unlock any car, each time you press any unlock but another code is expected for all cars of this century

The intro is so addictive 💞

this video helped me. thanks

44 seconds in and I already bought the books you recommended.

I'm literally addicted to this series, and I hope to collaborate with both of you sometime in the future...

Great channel thanks man for your content 👍🏻

Very Interesting stuff tanks for your work+

Just want to point out @ 15:50 that an IUD and an IED are very different things 🤣

Thanks for the info, but OTWs website could use some help with the css… It’s almost unusable on an iPhone13 Pro Max. Lots of blank black space. I think the media queries aren’t working maybe?