Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
The car hacker's handbook : a guide for the penetration tester / / by Craig Smith
| The car hacker's handbook : a guide for the penetration tester / / by Craig Smith |
| Autore | Smith Craig (Reverse engineer) |
| Edizione | [1st edition] |
| Pubbl/distr/stampa | San Francisco, [California] : , : No Starch Press, , 2016 |
| Descrizione fisica | 1 online resource (306 pages) : illustrations |
| Disciplina | 629.2/72 |
| Soggetto topico |
Automotive computers - Security measures
Automobiles - Performance Automobiles - Customizing Penetration testing (Computer security) Automobiles - Vandalism - Prevention |
| ISBN |
1-4571-9884-3
1-59327-770-9 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Title Page -- Copyright Page -- About the Author -- About the Contributing Author -- About the Technical Reviewer -- Brief Contents -- Contents in Detail -- Foreword by Chris Evans -- Acknowledgments -- Introduction -- Why Car Hacking Is Good for All of Us -- What's in This Book -- Chapter 1: Understanding Threat Models -- Finding Attack Surfaces -- Threat Modeling -- Level 0: Bird's-Eye View -- Level 1: Receivers -- Level 2: Receiver Breakdown -- Threat Identification -- Level 0: Bird's-Eye View -- Level 1: Receivers -- Level 2: Receiver Breakdown -- Threat Rating Systems -- The DREAD Rating System -- CVSS: An Alternative to DREAD -- Working with Threat Model Results -- Summary -- Chapter 2: Bus Protocols -- The CAN Bus -- The OBD-II Connector -- Finding CAN Connections -- CAN Bus Packet Layout -- The ISO-TP Protocol -- The CANopen Protocol -- The GMLAN Bus -- The SAE J1850 Protocol -- The PWM Protocol -- The VPW Protocol -- The Keyword Protocol and ISO 9141-2 -- The Local Interconnect Network Protocol -- The MOST Protocol -- MOST Network Layers -- MOST Control Blocks -- Hacking MOST -- The FlexRay Bus -- Hardware -- Network Topology -- Implementation -- FlexRay Cycles -- Packet Layout -- Sniffing a FlexRay Network -- Automotive Ethernet -- OBD-II Connector Pinout Maps -- The OBD-III Standard -- Summary -- Chapter 3: Vehicle Communication With SocketCAN -- Setting Up can-utils to Connect to CAN Devices -- Installing can-utils -- Configuring Built-In Chipsets -- Configuring Serial CAN Devices -- Setting Up a Virtual CAN Network -- The CAN Utilities Suite -- Installing Additional Kernel Modules -- The can-isotp.ko Module -- Coding SocketCAN Applications -- Connecting to the CAN Socket -- Setting Up the CAN Frame -- The Procfs Interface -- The Socketcand Daemon -- Kayak -- Summary -- Chapter 4: Diagnostics and Logging.
Diagnostic Trouble Codes -- DTC Format -- Reading DTCs with Scan Tools -- Erasing DTCs -- Unified Diagnostic Services -- Sending Data with ISO-TP and CAN -- Understanding Modes and PIDs -- Brute-Forcing Diagnostic Modes -- Keeping a Vehicle in a Diagnostic State -- Event Data Recorder Logging -- Reading Data from the EDR -- The SAE J1698 Standard -- Other Data Retrieval Practices -- Automated Crash Notification Systems -- Malicious Intent -- Summary -- Chapter 5: Reverse Engineering the CAN Bus -- Locating the CAN Bus -- Reversing CAN Bus Communications with can-utils and Wireshark -- Using Wireshark -- Using candump -- Grouping Streamed Data from the CAN Bus -- Using Record and Playback -- Creative Packet Analysis -- Getting the Tachometer Reading -- Creating Background Noise with the Instrument Cluster Simulator -- Setting Up the ICSim -- Reading CAN Bus Traffic on the ICSim -- Changing the Difficulty of ICSim -- Reversing the CAN Bus with OpenXC -- Translating CAN Bus Messages -- Writing to the CAN Bus -- Hacking OpenXC -- Fuzzing the CAN Bus -- Troubleshooting When Things Go Wrong -- Summary -- Chapter 6: ECU Hacking -- Front Door Attacks -- J2534: The Standardized Vehicle Communication API -- Using J2534 Tools -- KWP2000 and Other Earlier Protocols -- Capitalizing on Front Door Approaches: Seed-Key Algorithms -- Backdoor Attacks -- Exploits -- Reversing Automotive Firmware -- Self-Diagnostic System -- Library Procedures -- Comparing Bytes to Identify Parameters -- Identifying ROM Data with WinOLS -- Code Analysis -- A Plain Disassembler at Work -- Interactive Disassemblers -- Summary -- Chapter 7: Building and Using ECU Test Benches -- The Basic ECU Test Bench -- Finding an ECU -- Dissecting the ECU Wiring -- Wiring Things Up -- Building a More Advanced Test Bench -- Simulating Sensor Signals -- Hall Effect Sensors -- Simulating Vehicle Speed. Summary -- Chapter 8: Attacking ECUS And Other Embedded Systems -- Analyzing Circuit Boards -- Identifying Model Numbers -- Dissecting and Identifying a Chip -- Debugging Hardware with JTAG and Serial Wire Debug -- JTAG -- Serial Wire Debug -- The Advanced User Debugger -- Nexus -- Side-Channel Analysis with the ChipWhisperer -- Installing the Software -- Prepping the Victim Board -- Brute-Forcing Secure Boot Loaders in Power-Analysis Attacks -- Prepping Your Test with AVRDUDESS -- Setting Up the ChipWhisperer for Serial Communications -- Setting a Custom Password -- Resetting the AVR -- Setting Up the ChipWhisperer ADC -- Monitoring Power Usage on Password Entry -- Scripting the ChipWhisperer with Python -- Fault Injection -- Clock Glitching -- Setting a Trigger Line -- Power Glitching -- Invasive Fault Injection -- Summary -- Chapter 9: In-Vehicle Infotainment Systems -- Attack Surfaces -- Attacking Through the Update System -- Identifying Your System -- Determining the Update File Type -- Modifying the System -- Apps and Plugins -- Identifying Vulnerabilities -- Attacking the IVI Hardware -- Dissecting the IVI Unit's Connections -- Disassembling the IVI Unit -- Infotainment Test Benches -- GENIVI Meta-IVI -- Automotive Grade Linux -- Acquiring an OEM IVI for Testing -- Summary -- Chapter 10: Vehicle-to-Vehicle Communication -- Methods of V2V Communication -- The DSRC Protocol -- Features and Uses -- Roadside DSRC Systems -- WAVE Standard -- Tracking Vehicles with DSRC -- Security Concerns -- PKI-Based Security Measures -- Vehicle Certificates -- Anonymous Certificates -- Certificate Provisioning -- Updating the Certificate Revocation List -- Misbehavior Reports -- Summary -- Chapter 11: Weaponizing CAN Findings -- Writing the Exploit in C -- Converting to Assembly Code -- Converting Assembly to Shellcode -- Removing NULLs. Creating a Metasploit Payload -- Determining Your Target Make -- Interactive Probing -- Passive CAN Bus Fingerprinting -- Responsible Exploitation -- Summary -- Chapter 12: Attacking Wireless Systems with SDR -- Wireless Systems and SDR -- Signal Modulation -- Hacking with TPMS -- Eavesdropping with a Radio Receiver -- TPMS Packets -- Activating a Signal -- Tracking a Vehicle -- Event Triggering -- Sending Forged Packets -- Attacking Key Fobs and Immobilizers -- Key Fob Hacks -- Attacking a PKES System -- Immobilizer Cryptography -- Physical Attacks on the Immobilizer System -- Flashback: Hotwiring -- Summary -- Chapter 13: Performance Tuning -- Performance Tuning Trade-Offs -- ECU Tuning -- Chip Tuning -- Flash Tuning -- Stand-Alone Engine Management -- Summary -- Appendix A: Tools of the Trade -- Hardware -- Lower-End CAN Devices -- Higher-End CAN Devices -- Software -- Wireshark -- PyOBD Module -- Linux Tools -- CANiBUS Server -- Kayak -- SavvyCAN -- O2OO Data Logger -- Caring Caribou -- c0f Fingerprinting Tool -- UDSim ECU Simulator -- Octane CAN Bus Sniffer -- AVRDUDESS GUI -- RomRaider ECU Tuner -- Komodo CAN Bus Sniffer -- Vehicle Spy -- Appendix B: Diagnostic Code Modes and PIDs -- Modes Above 0x10 -- Useful PIDs -- Appendix C: Creating Your Own Open Garage -- Filling Out the Character Sheet -- When to Meet -- Affiliations and Private Memberships -- Defining Your Meeting Space -- Contact Information -- Initial Managing Officers -- Equipment -- Abbreviations -- Index -- Footnotes -- Chapter 10: Vehicle-to-Vehicle Communication -- Chapter 12: Attacking Wireless Systems with SDR. |
| Record Nr. | UNINA-9910798228303321 |
Smith Craig (Reverse engineer)
|
||
| San Francisco, [California] : , : No Starch Press, , 2016 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
The car hacker's handbook : a guide for the penetration tester / / by Craig Smith
| The car hacker's handbook : a guide for the penetration tester / / by Craig Smith |
| Autore | Smith Craig (Reverse engineer) |
| Edizione | [1st edition] |
| Pubbl/distr/stampa | San Francisco, [California] : , : No Starch Press, , 2016 |
| Descrizione fisica | 1 online resource (306 pages) : illustrations |
| Disciplina | 629.2/72 |
| Soggetto topico |
Automotive computers - Security measures
Automobiles - Performance Automobiles - Customizing Penetration testing (Computer security) Automobiles - Vandalism - Prevention |
| ISBN |
1-4571-9884-3
1-59327-770-9 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Title Page -- Copyright Page -- About the Author -- About the Contributing Author -- About the Technical Reviewer -- Brief Contents -- Contents in Detail -- Foreword by Chris Evans -- Acknowledgments -- Introduction -- Why Car Hacking Is Good for All of Us -- What's in This Book -- Chapter 1: Understanding Threat Models -- Finding Attack Surfaces -- Threat Modeling -- Level 0: Bird's-Eye View -- Level 1: Receivers -- Level 2: Receiver Breakdown -- Threat Identification -- Level 0: Bird's-Eye View -- Level 1: Receivers -- Level 2: Receiver Breakdown -- Threat Rating Systems -- The DREAD Rating System -- CVSS: An Alternative to DREAD -- Working with Threat Model Results -- Summary -- Chapter 2: Bus Protocols -- The CAN Bus -- The OBD-II Connector -- Finding CAN Connections -- CAN Bus Packet Layout -- The ISO-TP Protocol -- The CANopen Protocol -- The GMLAN Bus -- The SAE J1850 Protocol -- The PWM Protocol -- The VPW Protocol -- The Keyword Protocol and ISO 9141-2 -- The Local Interconnect Network Protocol -- The MOST Protocol -- MOST Network Layers -- MOST Control Blocks -- Hacking MOST -- The FlexRay Bus -- Hardware -- Network Topology -- Implementation -- FlexRay Cycles -- Packet Layout -- Sniffing a FlexRay Network -- Automotive Ethernet -- OBD-II Connector Pinout Maps -- The OBD-III Standard -- Summary -- Chapter 3: Vehicle Communication With SocketCAN -- Setting Up can-utils to Connect to CAN Devices -- Installing can-utils -- Configuring Built-In Chipsets -- Configuring Serial CAN Devices -- Setting Up a Virtual CAN Network -- The CAN Utilities Suite -- Installing Additional Kernel Modules -- The can-isotp.ko Module -- Coding SocketCAN Applications -- Connecting to the CAN Socket -- Setting Up the CAN Frame -- The Procfs Interface -- The Socketcand Daemon -- Kayak -- Summary -- Chapter 4: Diagnostics and Logging.
Diagnostic Trouble Codes -- DTC Format -- Reading DTCs with Scan Tools -- Erasing DTCs -- Unified Diagnostic Services -- Sending Data with ISO-TP and CAN -- Understanding Modes and PIDs -- Brute-Forcing Diagnostic Modes -- Keeping a Vehicle in a Diagnostic State -- Event Data Recorder Logging -- Reading Data from the EDR -- The SAE J1698 Standard -- Other Data Retrieval Practices -- Automated Crash Notification Systems -- Malicious Intent -- Summary -- Chapter 5: Reverse Engineering the CAN Bus -- Locating the CAN Bus -- Reversing CAN Bus Communications with can-utils and Wireshark -- Using Wireshark -- Using candump -- Grouping Streamed Data from the CAN Bus -- Using Record and Playback -- Creative Packet Analysis -- Getting the Tachometer Reading -- Creating Background Noise with the Instrument Cluster Simulator -- Setting Up the ICSim -- Reading CAN Bus Traffic on the ICSim -- Changing the Difficulty of ICSim -- Reversing the CAN Bus with OpenXC -- Translating CAN Bus Messages -- Writing to the CAN Bus -- Hacking OpenXC -- Fuzzing the CAN Bus -- Troubleshooting When Things Go Wrong -- Summary -- Chapter 6: ECU Hacking -- Front Door Attacks -- J2534: The Standardized Vehicle Communication API -- Using J2534 Tools -- KWP2000 and Other Earlier Protocols -- Capitalizing on Front Door Approaches: Seed-Key Algorithms -- Backdoor Attacks -- Exploits -- Reversing Automotive Firmware -- Self-Diagnostic System -- Library Procedures -- Comparing Bytes to Identify Parameters -- Identifying ROM Data with WinOLS -- Code Analysis -- A Plain Disassembler at Work -- Interactive Disassemblers -- Summary -- Chapter 7: Building and Using ECU Test Benches -- The Basic ECU Test Bench -- Finding an ECU -- Dissecting the ECU Wiring -- Wiring Things Up -- Building a More Advanced Test Bench -- Simulating Sensor Signals -- Hall Effect Sensors -- Simulating Vehicle Speed. Summary -- Chapter 8: Attacking ECUS And Other Embedded Systems -- Analyzing Circuit Boards -- Identifying Model Numbers -- Dissecting and Identifying a Chip -- Debugging Hardware with JTAG and Serial Wire Debug -- JTAG -- Serial Wire Debug -- The Advanced User Debugger -- Nexus -- Side-Channel Analysis with the ChipWhisperer -- Installing the Software -- Prepping the Victim Board -- Brute-Forcing Secure Boot Loaders in Power-Analysis Attacks -- Prepping Your Test with AVRDUDESS -- Setting Up the ChipWhisperer for Serial Communications -- Setting a Custom Password -- Resetting the AVR -- Setting Up the ChipWhisperer ADC -- Monitoring Power Usage on Password Entry -- Scripting the ChipWhisperer with Python -- Fault Injection -- Clock Glitching -- Setting a Trigger Line -- Power Glitching -- Invasive Fault Injection -- Summary -- Chapter 9: In-Vehicle Infotainment Systems -- Attack Surfaces -- Attacking Through the Update System -- Identifying Your System -- Determining the Update File Type -- Modifying the System -- Apps and Plugins -- Identifying Vulnerabilities -- Attacking the IVI Hardware -- Dissecting the IVI Unit's Connections -- Disassembling the IVI Unit -- Infotainment Test Benches -- GENIVI Meta-IVI -- Automotive Grade Linux -- Acquiring an OEM IVI for Testing -- Summary -- Chapter 10: Vehicle-to-Vehicle Communication -- Methods of V2V Communication -- The DSRC Protocol -- Features and Uses -- Roadside DSRC Systems -- WAVE Standard -- Tracking Vehicles with DSRC -- Security Concerns -- PKI-Based Security Measures -- Vehicle Certificates -- Anonymous Certificates -- Certificate Provisioning -- Updating the Certificate Revocation List -- Misbehavior Reports -- Summary -- Chapter 11: Weaponizing CAN Findings -- Writing the Exploit in C -- Converting to Assembly Code -- Converting Assembly to Shellcode -- Removing NULLs. Creating a Metasploit Payload -- Determining Your Target Make -- Interactive Probing -- Passive CAN Bus Fingerprinting -- Responsible Exploitation -- Summary -- Chapter 12: Attacking Wireless Systems with SDR -- Wireless Systems and SDR -- Signal Modulation -- Hacking with TPMS -- Eavesdropping with a Radio Receiver -- TPMS Packets -- Activating a Signal -- Tracking a Vehicle -- Event Triggering -- Sending Forged Packets -- Attacking Key Fobs and Immobilizers -- Key Fob Hacks -- Attacking a PKES System -- Immobilizer Cryptography -- Physical Attacks on the Immobilizer System -- Flashback: Hotwiring -- Summary -- Chapter 13: Performance Tuning -- Performance Tuning Trade-Offs -- ECU Tuning -- Chip Tuning -- Flash Tuning -- Stand-Alone Engine Management -- Summary -- Appendix A: Tools of the Trade -- Hardware -- Lower-End CAN Devices -- Higher-End CAN Devices -- Software -- Wireshark -- PyOBD Module -- Linux Tools -- CANiBUS Server -- Kayak -- SavvyCAN -- O2OO Data Logger -- Caring Caribou -- c0f Fingerprinting Tool -- UDSim ECU Simulator -- Octane CAN Bus Sniffer -- AVRDUDESS GUI -- RomRaider ECU Tuner -- Komodo CAN Bus Sniffer -- Vehicle Spy -- Appendix B: Diagnostic Code Modes and PIDs -- Modes Above 0x10 -- Useful PIDs -- Appendix C: Creating Your Own Open Garage -- Filling Out the Character Sheet -- When to Meet -- Affiliations and Private Memberships -- Defining Your Meeting Space -- Contact Information -- Initial Managing Officers -- Equipment -- Abbreviations -- Index -- Footnotes -- Chapter 10: Vehicle-to-Vehicle Communication -- Chapter 12: Attacking Wireless Systems with SDR. |
| Record Nr. | UNINA-9910822423003321 |
|
Smith Craig (Reverse engineer)
|
||
| San Francisco, [California] : , : No Starch Press, , 2016 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
