CaringCaribou / caringcaribou

A friendly car security exploration tool for the CAN bus
GNU General Public License v3.0
751 stars 197 forks source link

Bruteforce security access key and security levels #74

Open jnsbal opened 2 years ago

jnsbal commented 2 years ago

Hello,

I am currently getting familiar with car hacking and found your tool.

Since I am not an expert in the field I got two questions regarding possible additions to CC.

Would it be an appropriate use case for caringcaribou to add a function to bruteforce the security access key after the seed request? I also wondered if it makes sense to try all possible values for the security level (related to cc.py uds security_seed) when checking an ECU.

Thanks!

kasperkarlsson commented 2 years ago

Hello,

Bruteforcing different key values after a seed request would absolutely be possible. Another similar mode would be to also send a new seed request before each attempt.

As for the security level, I suppose that could be bruteforced as well 😃

bhass1 commented 1 year ago

Hey @jnsbal! I had started this work and skeleton implementation, but didn't make time in my life to fully implement and merge it with the mainline. Here it is for reference: https://github.com/bhass1/caringcaribou/tree/master_security_access

Feel free to open a PR on my fork if you want to take that approach or reference it in your own implementation.

CanBusHack commented 1 year ago

Similarly I've created a Brute force and Seed Timing Addition to my "seed_key_automoation" branch.

https://github.com/CanBusHack/caringcaribou/tree/seed_key_automation

obbardc commented 5 months ago

Can you open a PR for that @CanBusHack / @bhass1 ?