Former Tesla Intern Releases $60 Full Open Source Car Hacking Kit For The Masses article tells about new tool to get your hands on car electronics. CANard tool will make it cheaper and easier than ever before for tinkerers to get to the innards of their connected cars to determine if there are any useful tweaks they can make, or any worrisome security vulnerabilities that more malicious hackers could exploit. CANard programming is based on Python language. To use CANard, you will need CANtact, a CAN to USB interface for the low, low price of $59.95. <the hardware is open source too, meaning it’s easily replicable.
It should allow security researchers of all ilks to easily probe cars for weaknesses. As vehicles can have upwards of 100 million lines of code running on them, it’s makes it essential as many security researchers as possible can validate these systems. Previously, car hacking was the domain of those who had access to more expensive, bespoke hardware and knew the protocols used by cars.
Or have more limited options what can be made by using cheap ODB adaters like OBD2 Bluetooth adapter I just tested and use ready made apps for it.
19 Comments
Tomi Engdahl says:
Speaking CAN With Open Source Hardware
http://hackaday.com/2015/03/28/speaking-can-with-open-source-hardware/
You can buy a dongle with a weird industrial connector that fits under the dash of any car on the road for $15. This is just a simple ODB-II transceiver meant for reading error codes and turning a Crown Vic into a police interceptor. There’s a lot more to the CAN Bus than ODB-II; robots and industrial control units, for instance, and Hackaday alum [Eric] has developed an open source tool for all things CAN.
The CANtact is a small board outfitted with a USB port on one end, a DE-9 port on the other, and enough electronics to talk to any CAN device. The hardware on the CANtact is an STM32F0 – an ARM Cortex M0 that comes with USB and CAN interfaces. This chip connects to a Microchip CAN transceiver, and that’s pretty much all you need to talk to cars and industrial automation equipment.
On the software side of things, the CANtact can interface with Wireshark and the CANard Python library. All the files, from hardware to software, are available on the Github.
A $60 Gadget That Makes Car Hacking Far Easier
http://www.wired.com/2015/03/60-gadget-thatll-make-car-hacking-easier-ever/
Tomi Engdahl says:
Open source OBD-II Adapter
http://hackaday.com/2016/03/27/open-source-obd-ii-adapter/
Automotive diagnostics have come a long way since the “idiot lights” of the 1980s. The current version of the on-board diagnostics (OBD) protocol provides real time data as well as fault diagnostics, thanks to the numerous sensors connected to the data network in the modern vehicle. While the hardware interface is fairly standardized now, manufacturers use one of several different standards to encode the data. [Alex Sidorenko] has built an open source OBD-II Adapter which provides a serial interface using the ELM327 command set and supports all OBD-II standards.
The hardware is built around the LPC1517 Cortex-M3 microprocessor
The software is written in C++ for the LPCXpresso IDE – a GNU tool chain for ARM Cortex-M processors, but can also be compiled using a couple of other toolchains.
Open-source OBD adapter
http://www.obddiag.net/allpro.html
Tomi Engdahl says:
ICS-CERT Warns of CAN Bus Vulnerability
http://www.securityweek.com/ics-cert-warns-can-bus-vulnerability
The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an alert on Friday to warn relevant industries about a vulnerability affecting the Controller Area Network (CAN) bus standard.
CAN is a high-reliability serial bus communications standard. It’s present in most modern cars – it allows various components of a vehicle to communicate with each other – and it’s also used in the healthcare and other sectors.
A team of Italian researchers published a paper last year describing various CAN weaknesses and an attack method that can be leveraged for denial-of-service (DoS) attacks. They also published a proof-of-concept (PoC) exploit and a video showing how they managed to exploit the flaw to disable the parking sensors on a 2012 Alfa Romeo Giulietta.
A Stealth, Selective, Link-layer Denial-of-Service Attack Against Automotive Networks
https://www.politesi.polimi.it/bitstream/10589/126393/1/tesi_palanca.pdf
Tomi Engdahl says:
Toyota Builds Open-Source Car-Hacking Tool
‘PASTA’ testing platform specs will be shared via open-source.
https://www.darkreading.com/vulnerabilities—threats/toyota-builds-open-source-car-hacking-tool/d/d-id/1333415
A Toyota security researcher on his flight from Japan here to London carried on-board a portable steel attaché case that houses the carmaker’s new vehicle cybersecurity testing tool.
Takuya Yoshida, a member of Toyota’s InfoTechnology Center, along with his Toyota colleague Tsuyoshi Toyama, are part of the team that developed the new tool, called PASTA (Portable Automotive Security Testbed), an open-source testing platform for researchers and budding car hacking experts. The researchers here today demonstrated the tool, and said Toyota plans to share the specifications on Github, as well as sell the fully built system in Japan initially.
What makes the tool so intriguing – besides its 8 kg portable briefcase size – is that automobile manufacturers long had either ignored or dismissed cybersecurity research exposing holes in the automated and networked features in their vehicles.
Tomi Engdahl says:
CANalyzat0r – Security Analysis Toolkit For Proprietary Car Protocols
https://www.kitploit.com/2019/02/canalyzat0r-security-analysis-toolkit.html?m=1
Tomi Engdahl says:
https://hackaday.com/2019/07/22/developing-an-automatic-tool-for-can-bus-hacking/
Tomi Engdahl says:
Sniffing CAN To Add New Features To A Modern Car
https://hackaday.com/2019/05/09/sniffing-can-to-add-new-features-to-a-modern-car/
Car hacking | How I added features by manipulating can bus — and how you
https://medium.com/@tbruno25/car-hacking-how-i-added-features-by-manipulating-can-bus-and-how-you-can-too-b391fcea11f1
Tomi Engdahl says:
https://hackaday.com/2019/05/14/turn-your-car-into-a-simulator/
Tomi Engdahl says:
https://hackaday.com/2019/05/29/turbo-subaru-gets-diy-gauges/
Tomi Engdahl says:
Turn Your Actual Car Into a Racing Simulator
Nishanth Samala used an old Subaru Forester to control a McLaren 570S.
https://www.hackster.io/news/turn-your-actual-car-into-a-racing-simulator-63d1fcf6d997
Tomi Engdahl says:
The Jailbreaker Enzo is a CAN-bus ECU module that re-calculates and changes CAN-bus traffic by request/response logic, giving your Uconnect features not enabled from factory. http://www.customtronix.com/webshop/jailbreaker-enzo/
Tomi Engdahl says:
https://hackaday.com/2020/07/02/custom-packet-sniffer-is-a-great-way-to-learn-can/
Tomi Engdahl says:
Get the CAN Party Started with an Entreé USB-C to CAN Interface
Power CAN devices with Entreé’s USB Power Delivery support.
https://www.hackster.io/news/get-the-can-party-started-with-an-entree-usb-c-to-can-interface-d94a6c9201bd
Tomi Engdahl says:
The board::mini is an open source car hacking platform with an STM32-powered base and three expansion boards.
board::mini Is the Ultimate Vehicle Hardware Hacking Platform
Upcoming open source hardware supporting CAN, USB-C, WiFi, BLE, GPS, and more.
https://www.hackster.io/news/board-mini-is-the-ultimate-vehicle-hardware-hacking-platform-99dc0a13a2d5
Tomi Engdahl says:
https://hackaday.com/2021/04/25/small-open-source-vehicle-hacking-platform/
Tomi Engdahl says:
Using CanoPy To Visualize The CAN Bus
https://hackaday.com/2021/05/08/using-canopy-to-visualize-the-can-bus/
As cars have become more sophisticated electronically, understanding the CAN bus that forms the backbone of automotive digital systems has become more and more important for hacking cars. Inexpensive microcontroller CAN interfaces have made obtaining the raw CAN bus traffic trivial, but interpreting that traffic can be pretty challenging. In order to more easily visualize CAN traffic, [TJ Bruno] has developed CanoPy, a Python tool for visualizing CAN messages in real time.
A basic PC CAN interface simply dumps the bus’s message traffic into the terminal, while more sophisticated tools organize messages by the address of their intended recipients.
Car Hacking | faster reverse engineering using CanoPy
https://tbruno25.medium.com/car-hacking-faster-reverse-engineering-using-canopy-be1955843d57
Tomi Engdahl says:
0x1B’s LIN USB Adapter Brings the Local Interconnect Network to Your Nearest USB Port
Designed as a low-cost alternative to the CAN bus, LIN-based automotive projects are now easier to start and debug.
https://www.hackster.io/news/0x1b-s-lin-usb-adapter-brings-the-local-interconnect-network-to-your-nearest-usb-port-ed0684107a4e
Polish maker 0x1B has released a compact board designed to connect a Local Interconnect Network (LIN) to USB, in either primary or client modes and at speeds of up to 20Kb/s.
Designed as an alternative to the more expensive-to-implement CAN bus, the Local Interconnect Network was developed by Volcano Automotive Group and Motorola for BMW, Volkswagen, Audi, Volvo, and Mercedes-Benz. The first full version of the standard was introduced in 2002, with a second version released in 2003.
The board uses an NXP TJA1028T LIN transceiver to operate as the sole primary or one of up to 15 clients on a LIN bus, with ISO7221 galvanic isolation
Tomi Engdahl says:
https://hackaday.com/2021/11/02/how-to-get-into-cars-endurance-racing-builds/
Tomi Engdahl says:
PYOBD GETS PYTHON3 UPGRADES
https://hackaday.com/2023/09/17/pyobd-gets-python3-upgrades/?fbclid=IwAR3oRsr34S9FXy42QR8OndAKGhE1py_GkoFrNO6upsIc_0hg4vcRQPoMnbU