Hacking Your Car Using CANBUS

CANBUS hacking…

A little into in a few minutes. yes, as implied, it is a BUS and you can gain access to it from the ODB-II port. Think a hub. All messages on a segment go to all devices on the segment. Messages can be filtered with a gateway (think firewall) between various busses, which may or may not be exposed at the ODB-II port.

Ok, about the messages. A little bit different from networks that we are familliar with. First off, the message do not have source field, but do have a destination in the form of a one byte arbitration ID, these arbitration IDs also indicate priority - the lower the Arbitration ID destination, the higher priority the message. So the ArbID 0 would be processed prior to 73febeef. Now, each message is sent to the bus with an ArbID, and each device LISTENS for specific ArbIDs that is concerned about. With that, Gateways can pass specific messages, and each Device can look for multiple messages. Oh, those messages? Either 11 or 29 bytes, so fairly easy to fuzz.

More episodes of Security Weekly TV

Featured episodes in Tech & Gadgets

Security Weekly TV

Information security news, research, vulnerabilities, hacking, and how-tos!