How Cars Get Hacked by Rolling Code Vulnerabilities

  • Published: 11 Sep 2024
  • Today we take a look at car hacking using SDRs and rolling codes. Hackers can gain complete and unlimited access to locking, unlocking, controlling the windows, opening the trunk, and starting the engine of the target vehicle by taking advantage of a flaw in rolling codes used by key fobs.
    Github Link: github.com/Hac...

Comments • 25

  • @-a6833 3 years ago +8

    Samy Kamkar also had an attack called RollJam, which I assume you're referring to, which basically was set up in between the car and the key, and it would simultaneously jam the signal to prevent the car from hearing it, and then catch the first signal, then wait for someone to press the key a second time since it would look like it didn't work, then again the device would jam the signal for the car and record it simultaneously, then it would play back the first signal, letting the car hear the first signal and lock (user thinking this was the second keypress), leaving the device with a second valid code to then unlock the car whenever the attacker wants.

    • @thatoneintrovert9618 1 year ago +1

      How would that work? I am aware of the attack but the jamming part confuses me. If you're jamming something, you're sending out a bunch of noise on a higher power for a specific frequency to deny service to whatever device you're trying to disable. In this case, a key fob. However, since this creates so much "garbage" noise, how would you find the key fob on, say, 315 MHz or 433 MHz on the waterfall (let's say we are using a HackRF w/Portapack to record the first and second signal) if it's being jammed? Shouldn't it just receive the noise from the jamming device?

    • @djnikx1 1 year ago

      @thatoneintrovert9618 Very good point! I presume you'd have to have 2 'radios'. One positioned close to a car/garage door. That one would jam the signal coming from a fob and the other would be in your hand, recording the fob's signal. That's how I envision it.
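
The receiver-side behaviour behind the scenario discussed in the thread above, as an added example that is not part of the video or of any comment: a simplified rolling-code receiver showing that a code the car never heard stays acceptable until a newer one is accepted, and that a freshness timestamp rejects it. The HMAC construction, `WINDOW`, `MAX_AGE`, the key and all names are assumptions for illustration, not any vendor's scheme.

```python
import hashlib
import hmac

WINDOW = 16   # assumed look-ahead window; real receivers differ
MAX_AGE = 5   # assumed freshness limit in seconds for the time-bound variant

def fob_code(key, counter, ts=None):
    """Message a fob sends for one press (HMAC stands in for the vendor cipher)."""
    body = counter.to_bytes(4, "big") + (b"" if ts is None else ts.to_bytes(8, "big"))
    return body + hmac.new(key, body, hashlib.sha256).digest()[:8]

class Receiver:
    def __init__(self, key, timed=False):
        self.key, self.timed, self.last = key, timed, 0

    def accept(self, msg, now=0):
        body, tag = msg[:-8], msg[-8:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False                      # not produced by a paired fob
        counter = int.from_bytes(body[:4], "big")
        if not self.last < counter <= self.last + WINDOW:
            return False                      # already used, or too far ahead
        if self.timed:
            if len(body) != 12:
                return False                  # timestamp missing
            age = now - int.from_bytes(body[4:], "big")
            if not 0 <= age <= MAX_AGE:
                return False                  # stale: sent too long ago
        self.last = counter                   # every code <= counter is now dead
        return True

def demo():
    key = b"constructed-demo-key"             # constructed sample key
    c1, c2, c3 = (fob_code(key, n) for n in (1, 2, 3))
    rx = Receiver(key)
    out = {"delivered_late": rx.accept(c1), "replayed": rx.accept(c1)}
    rx.accept(c3)                             # owner presses again within range
    out["withheld_after_newer"] = rx.accept(c2)
    rx2 = Receiver(key)
    rx2.accept(c1)
    out["withheld_no_newer"] = rx2.accept(c2) # nothing newer was heard
    timed = Receiver(key, timed=True)
    out["timed_stale"] = timed.accept(fob_code(key, 1, ts=1000), now=1060)
    out["timed_fresh"] = timed.accept(fob_code(key, 2, ts=1060), now=1061)
    return out

if __name__ == "__main__":
    print(demo())
```

A plain counter window has no notion of when a code was generated, so an unheard code only dies once the receiver accepts a later one; the timed variant bounds that lifetime to `MAX_AGE` seconds.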

  • @gilbertohernandez9223 3 years ago +9

    I appreciate how hard you guys work to put out content for the small community of like minded individuals your channel has attracted!

  • @pasixty6510 14 days ago

    Great show. Btw you don’t need any aluminium foil or other shielding materials as long as you have physical access to the key and the key is out of range to the lock/vehicle. In most occasions this is the case…

  • @DG-ej5nz 3 years ago

    Great show guys. Where I'm located, stealing cars right now, specifically older Hondas and Acuras, is significant. I wouldn't doubt it, if this is the way they are gaining access.

  • @preetimantborabhowal704 3 years ago

    The tin foil trick...big brain move man🤯

  • @Thadopeera 1 year ago

    Can you jam the signal then and record those jammed signals with another device?

  • @4b5urd. 3 years ago

    This is very interesting. I've been aiming to get into SDR for a while now, I guess this will be the straw that broke the camel's back.
    BTW awesome work guys, I really appreciate the content. You have made something worthwhile here. I don't get involved in the live streams bc of my work schedule but I don't miss an episode.

  • @toni5240 1 year ago

    Hi, there is a hacking gadget that seems to handle rolling codes with the name PandwaRF, what do you think about it?😊

  • @CallousCoder 1 year ago

    The kid in the beginning obviously didn't know what a rolling code is. He described the de Bruijn sequence.

  • @Immreallytoxic 1 year ago

    Earned tf out my subscription

  • @jrlund1006 1 year ago

    Clone the code away from the car so the car never gets the code and record that code since the car is out of range. Or a signal blocker.

  • @kevmarcel5953 1 year ago

    I'm going to try this with my Flipper Zero 🥳🥳

  • @djnikx1 1 year ago

    🤣"..rep it up in foil and click it few times.."

  • @thebeginnerelectronicattac8320 2 years ago

    How would it work if there are 2 keys? Does that mean they aren’t using rolling code?
    I have a 2011 car with 2 keys.

    • @gbeats5344 2 years ago

      Naw
      I would analyze the key fob in gqrx or any other radio frequency analyzer, see what modulation it’s using (ask/ook, 2fsk), record a few clicks, and replay to see.
      If it doesn’t work, decode the signal, and replay code 💯💯

    • @im-uj6ip 2 years ago

      Thinking of this, two keys are two user names, so each user name has its own rolling code sequence.

  • @fancywaifu9821 3 years ago

    I kinda wanna test this on my car now

  • @hackingintoyourheart4520 2 years ago

    That's me woah :)

  • @z.y.r.o 2 years ago

    Bruh, I want my manual key back🤒

  • @aed4459 26 days ago

    Could someone hack your radio and listen to you?

    • @Maestro-gh2ei 2 days ago

      Short answer no
      Long answer not your radio

  • @reub32 2 years ago

    Interesting… best protection, keep fobs inside a Faraday bag at night and park your car inside your garage. Your car is more vulnerable when you’re out and about, so try to park in open spaces and keep your head on a swivel for creepy crawlers watching you!