(Pen)Testing Vehicles with CANToolz

Presented at Black Hat Europe 2016, Nov. 4, 2016, 2 p.m. (60 minutes)

CANToolz is an open-source framework for working with the CAN bus. In this presentation we will demonstrate use cases and examples of black-box analysis of CAN networks and ECU devices. The framework is based on modules and libraries that can be combined in different ways to get exactly what a researcher or tester needs.

1. What could a tester do over the OBD2 port?
  • UDS scanning, sub-function scanning
  • Tester tool testing and traffic analysis

2. CAN Switch/Hub scanning
  • What messages could be routed from one bus to another?

3. Understanding the traffic
  • How to find "what means what"
  • Finding control frames
  • Finding status frames

4. Running MitM
  • DIY: anti-theft system

You can also use CANToolz for integration/security tests as part of the development process (SDLC), and we will cover this part as well.

Presenters:

  • Alexey Sintsov
    Alexey Sintsov graduated from Saint-Petersburg State Polytechnic University (Russia), Information Security of Computer Systems department. Since 2001 he has been working on practical questions in the field of security analysis, vulnerability research and exploit development (JIT-SPRAY, ROP and other buzzwords could be added here ;)). Alexey is the co-founder of the first Russian DEF CON group, DCG#7812, and is also the organizer of the Zeronights conference. Some fruits of his labor can be found here: http://www.exploit-db.com/author/?a=549
