Open Source Car Hacking Kit

Former Tesla Intern Releases $60 Full Open Source Car Hacking Kit For The Masses article tells about new tool to get your hands on car electronics. CANard tool will make it cheaper and easier than ever before for tinkerers to get to the innards of their connected cars to determine if there are any useful tweaks they can make, or any worrisome security vulnerabilities that more malicious hackers could exploit. CANard programming is based on Python language. To use CANard, you will need CANtact, a CAN to USB interface for the low, low price of $59.95. <the hardware is open source too, meaning it’s easily replicable.

It should allow security researchers of all ilks to easily probe cars for weaknesses. As vehicles can have upwards of 100 million lines of code running on them, it’s makes it essential as many security researchers as possible can validate these systems. Previously, car hacking was the domain of those who had access to more expensive, bespoke hardware and knew the protocols used by cars.

Or have more limited options what can be made by using cheap ODB adaters like OBD2 Bluetooth adapter I just tested and use ready made apps for it.



  1. Tomi Engdahl says:

    Speaking CAN With Open Source Hardware

    You can buy a dongle with a weird industrial connector that fits under the dash of any car on the road for $15. This is just a simple ODB-II transceiver meant for reading error codes and turning a Crown Vic into a police interceptor. There’s a lot more to the CAN Bus than ODB-II; robots and industrial control units, for instance, and Hackaday alum [Eric] has developed an open source tool for all things CAN.

    The CANtact is a small board outfitted with a USB port on one end, a DE-9 port on the other, and enough electronics to talk to any CAN device. The hardware on the CANtact is an STM32F0 – an ARM Cortex M0 that comes with USB and CAN interfaces. This chip connects to a Microchip CAN transceiver, and that’s pretty much all you need to talk to cars and industrial automation equipment.

    On the software side of things, the CANtact can interface with Wireshark and the CANard Python library. All the files, from hardware to software, are available on the Github.

    A $60 Gadget That Makes Car Hacking Far Easier

  2. Tomi Engdahl says:

    Open source OBD-II Adapter

    Automotive diagnostics have come a long way since the “idiot lights” of the 1980s. The current version of the on-board diagnostics (OBD) protocol provides real time data as well as fault diagnostics, thanks to the numerous sensors connected to the data network in the modern vehicle. While the hardware interface is fairly standardized now, manufacturers use one of several different standards to encode the data. [Alex Sidorenko] has built an open source OBD-II Adapter which provides a serial interface using the ELM327 command set and supports all OBD-II standards.

    The hardware is built around the LPC1517 Cortex-M3 microprocessor

    The software is written in C++ for the LPCXpresso IDE – a GNU tool chain for ARM Cortex-M processors, but can also be compiled using a couple of other toolchains.

    Open-source OBD adapter

  3. Tomi Engdahl says:

    ICS-CERT Warns of CAN Bus Vulnerability

    The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an alert on Friday to warn relevant industries about a vulnerability affecting the Controller Area Network (CAN) bus standard.

    CAN is a high-reliability serial bus communications standard. It’s present in most modern cars – it allows various components of a vehicle to communicate with each other – and it’s also used in the healthcare and other sectors.

    A team of Italian researchers published a paper last year describing various CAN weaknesses and an attack method that can be leveraged for denial-of-service (DoS) attacks. They also published a proof-of-concept (PoC) exploit and a video showing how they managed to exploit the flaw to disable the parking sensors on a 2012 Alfa Romeo Giulietta.

    A Stealth, Selective, Link-layer Denial-of-Service Attack Against Automotive Networks

  4. Tomi Engdahl says:

    Toyota Builds Open-Source Car-Hacking Tool
    ‘PASTA’ testing platform specs will be shared via open-source.—threats/toyota-builds-open-source-car-hacking-tool/d/d-id/1333415

    A Toyota security researcher on his flight from Japan here to London carried on-board a portable steel attaché case that houses the carmaker’s new vehicle cybersecurity testing tool.

    Takuya Yoshida, a member of Toyota’s InfoTechnology Center, along with his Toyota colleague Tsuyoshi Toyama, are part of the team that developed the new tool, called PASTA (Portable Automotive Security Testbed), an open-source testing platform for researchers and budding car hacking experts. The researchers here today demonstrated the tool, and said Toyota plans to share the specifications on Github, as well as sell the fully built system in Japan initially.

    What makes the tool so intriguing – besides its 8 kg portable briefcase size – is that automobile manufacturers long had either ignored or dismissed cybersecurity research exposing holes in the automated and networked features in their vehicles.

  5. Tomi Engdahl says:

    CANalyzat0r – Security Analysis Toolkit For Proprietary Car Protocols

  6. Tomi Engdahl says:

    Turn Your Actual Car Into a Racing Simulator
    Nishanth Samala used an old Subaru Forester to control a McLaren 570S.

  7. Tomi Engdahl says:

    The Jailbreaker Enzo is a CAN-bus ECU module that re-calculates and changes CAN-bus traffic by request/response logic, giving your Uconnect features not enabled from factory.


Leave a Comment

Your email address will not be published. Required fields are marked *