How does a hacker crack a car alarm system?

If the previous hacker's action to remotely crack the car has not made you aware of the importance of car safety, then the next message may make you realize that the car that was not connected to the Internet is not absolutely safe.

How is a hacker's car alarm system?

On the "Biantian" vulnerability response platform, there have been hacker teams exposing the anti-theft system of Volvo, BYD, and Buick. The design of the anti-theft system has only a few tens of dollars. Perform the action of opening and closing the door and the trunk. The entire process does not require the vehicle to have networking functions, as long as the door is remotely controlled by the car key, there is a potential risk.

The car is not connected to the Internet. How can a hacker crack the anti-theft system? Is it the kind of "locking car interference" that we often say? Of course things are not that simple.

The 18-year-old hacker from the "Mythical Team" Ghost Lab was discovered. In the sharing session where the vulnerability was discovered, I also learned about the entire cracking process. Because of the security of many vehicles, the related core vulnerabilities need to be kept confidential.

The key to the problem is the "synchronization value"

Although the core vulnerability cannot be disclosed, the whole cracking principle is not complicated (it is very boring): the hacker can monitor the wireless signal of the car remote control key and send the signal according to a specific mechanism, so that the remote control car can be reproduced indefinitely. The function of the key.

Hackers can capture signals and send them to the car for cracking, mainly because the anti-theft systems of these cars use HCS rolling chips and keeloq algorithms. This is an encryption and decryption technology algorithm introduced by a US company in the 1980s. It has high security features and is mainly used in car anti-theft systems and access control systems. It is the preferred chip in the field of keyless entry systems.

How is a hacker's car alarm system?

To put it easy to understand, the HCS rolling code chip and keeloq algorithm are the hardware and software solutions adopted by many car and access control remote keys. Once they are cracked, it is easy to cause large-scale security problems.

Back to this crack, every time the owner presses the key lock button and the drive button, a new signal is triggered. The vehicle quickly calculates the signal and determines whether to open the door. In the code of this command, there is a unique and fixed identification code (serial number) for each car and key, and the synchronization value encrypted for each command (the synchronization value is automatically +1 after each operation).

Each time the key is issued, the key and the car will record the synchronization value. After receiving the command, the car must check the synchronization value before proceeding to the next step. For example, the car key sends a signal with a synchronization value of "11", and the signal stored in the car is "10". The vehicle checks that the signal difference between the two can be opened within a certain range (to prevent the user from accidentally pressing the switch). The sync values ​​are not uniform, but the difference is not too large).

How is a hacker's car alarm system?

This calculation has both a decimal algorithm and a hexadecimal algorithm. Both algorithms need to be converted multiple times. When the programmer wrote the program, there was an obvious vulnerability. As long as two consecutive unlock commands (such as 10 and 11) were received, the system could not recognize whether the command was sent for the current key, and it would be executed by default.

Thousands of words merge into one sentence, once the hacker gets two consecutive synchronization values ​​(this requires the owner to send two commands continuously for a certain length of time), you can use this vulnerability to simulate the car key function without restriction. It will be hacked.

Is it harmful?

At the cracking scene, we also experienced a more interesting "accident". Due to the unknown interference, the receiver's multiple attempts to issue commands to the vehicle were still unsuccessful. Finally, it was discovered that the signal from the remote controller of the projector affected the operation of the cracking device. From this point we can see that this set of cracking equipment has low anti-interference ability to the external environment, and it needs to be solved under ideal conditions.

Because the entire command was acquired, the hacker could not analyze the unique identification code of each car and key. Therefore, the current crack is only for a specific single vehicle, and it is not possible to make a non-discriminatory crack on the same model.

For this loophole, Wang Yingjian, the head of "Mythical Action", has already found it in some models of Volvo 2008 XC90, BYD F0, Buick Regal, but it is still unclear the total number of vehicles affected. Because it is a hardware and software problem, the owner can only drive the vehicle back to the original factory or 4S shop to replace or upgrade the anti-theft system. Moreover, the vehicle time span using the HCS rolling code chip and the keeloq algorithm is very long, and some models are already difficult to maintain.

Let me talk about the difference between this method of cracking and the method of "locking the car". In fact, this technology has gained more privileges on the "locking car interference". Users can't avoid being hacked by the hacker if they are unaware or even ensure that the door is locked.

As long as the car owner can enter the car without knowing it, the harm caused by privacy leakage and property loss can be uncontrollable. And hackers can use the vulnerability to lock the car, so that the owner can not detect whether the vehicle has been invaded.

8 Inches Tablet PC

The 8-inch tablet will have a big impact on the 7-inch and 10-inch tablet market. Because the portability of an 8-inch tablet is stronger than that of a 10-inch tablet, and the usable area is larger than that of a 7-inch tablet. The most important thing is that the price is more moderate, which is much cheaper than a 10-inch tablet. It can be said that the 8-inch tablet computer has a good balance between portability and screen display area, and is more likely to be favored by the majority of users.


8 Inches Tablet Pc,Tablet Computer,8 Inch Android Tablets,8 Inch Tablet

Jingjiang Gisen Technology Co.,Ltd , https://www.gisentech.com

This entry was posted in on