Part A: Setup Kali Linux
- Download Kali Linux
Follow this Initial Setup. Ensure that you download the latest version of Kali Linux (2024.3). You can get it from the official site: https://www.kali.org/get-kali/#kali-platforms
- Update Kali Linux
After completing the installation, run the following commands to update the system and install the latest package versions:
sudo apt-get update -y && sudo apt-get upgrade -y
https://www.youtube.com/watch?v=eWedDdKwp0E
- Check Kali Linux Release Version
To verify your Kali Linux release version, run:
lsb_release -a
Part B: ICSIM
- Clone the ICSIM Repository
Clone the ICSIM repository using the following command:
git clone https://github.com/zombieCraig/ICSim
You can find the repository here:
https://github.com/zombieCraig/ICSim
- Install the required dependencies
sudo apt-get install libsdl2-dev libsdl2-image-dev can-utils
- Install the Meson build system
sudo apt install meson
←STOP HERE→
- Build the project
cd ICSim
meson setup builddir && cd builddir
meson compile
- Testing on a virtual CAN interface
sudo modprobe can
sudo modprobe vcan
sudo ip link add dev vcan0 type vcan
sudo ip link set up vcan0
ip link show
- Run
./icsim vcan0
./controls vcan0
← PLEASE STOP, OTHERWISE I DON'T HAVE ANYTHING TO SHARE →
Part 3: can-utils
cansniffer
cansniffer vcan0
cansniffer -c vcan0
cansend
Change Speedometer.
- cansend: This is a command-line tool used to send CAN bus messages.
- vcan0: This specifies the virtual CAN interface to which the message will be sent.
- 244#00000000: This represents the CAN message itself:
  - 244: The CAN ID (identifier) of the message.
  - #: A separator between the CAN ID and the message data.
  - 00000000: The message data, which is 8 bytes long in this case
#change speedometer reading to 0
cansend vcan0 244#00000000
#change speedometer reading to max
cansend vcan0 244#000000FF
Benefits of Bash Scripting with cansend
while true; do cansend vcan0 244#000000FF &
wait; done
The following script continuously sends both right and left signal messages to the vcan0 interface.
while true; do
cansend vcan0 188#02000000 &
cansend vcan0 188#01000000 &
wait
done
Open Doors
cansend vcan0 19B#00000000
Close Door
cansend vcan0 19B#00000F00
candump
#monitor a specific interface
candump vcan0
# monitor all available interfaces.
candump any
#monitor a specific interface and log its messages to a file
candump -l vcan0
Send the right and left signals at the same time.
cangen
#generates CAN messages with a fixed CAN ID, fixed data length, and incrementing data values.
cangen vcan0 -g 4 -I 42A -L 1 -D i -v -v
#generates extended frame mode (EFF) CAN messages with incrementing data length codes
cangen vcan0 -e -L i -v -v -v
canplayer
Create log files that canplayer can replay using this command. Operate the controls and close the terminals when you finish recording.
#monitor a specific interface and log its messages to a file
candump -l vcan0
Play the log files again
cat <yourlogfiles>.log | canplayer
or
canplayer -I <yourlogfiles>.log
canid
Remember: the lower the ID, the higher its priority.
Components | CAN-ID |
---|---|
speedometer | 244 |
signal | 188 |
door | 19B |
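
A defender's view of the cansend loops above, as an added example that is not part of the original post: it parses `candump -l` log lines and flags CAN IDs that are new or that arrive far faster than in a baseline recording. The sample traffic, the frame periods and the `ratio` threshold are constructed assumptions, not measured ICSim values.

```python
import re
from collections import defaultdict
from statistics import median

# candump -l writes one frame per line: "(<epoch>.<usec>) <iface> <ID>#<hex data>"
LINE_RE = re.compile(r"\((\d+\.\d+)\)\s+(\S+)\s+([0-9A-Fa-f]{3,8})#((?:[0-9A-Fa-f]{2})*)")

def parse_log(lines):
    """Return time-sorted (timestamp, can_id, data) tuples for classic data frames."""
    frames = []
    for line in lines:
        m = LINE_RE.fullmatch(line.strip())
        if m:  # remote (#R) and CAN FD (##) frames do not match and are skipped
            frames.append((float(m.group(1)), m.group(3).upper(), bytes.fromhex(m.group(4))))
    return sorted(frames)

def median_gaps(frames):
    """Median inter-arrival time in seconds for every CAN ID seen at least twice."""
    times = defaultdict(list)
    for ts, can_id, _ in frames:
        times[can_id].append(ts)
    return {cid: median(b - a for a, b in zip(t, t[1:])) for cid, t in times.items() if len(t) > 1}

def flag_injection(baseline_lines, capture_lines, ratio=5.0):
    """Flag IDs absent from the baseline or arriving `ratio` times faster than in it."""
    base_frames, seen = parse_log(baseline_lines), parse_log(capture_lines)
    base_ids, base = {f[1] for f in base_frames}, median_gaps(base_frames)
    alerts = {cid: "ID not present in baseline" for _, cid, _ in seen if cid not in base_ids}
    for cid, gap in median_gaps(seen).items():
        if cid in base and gap * ratio < base[cid]:
            alerts[cid] = f"median gap {gap * 1000:.1f} ms vs baseline {base[cid] * 1000:.1f} ms"
    return alerts

def make_log(can_id, data, start, period, count):
    """Constructed sample lines in candump -l format (not a real ICSim capture)."""
    return [f"({start + i * period:.6f}) vcan0 {can_id}#{data}" for i in range(count)]

# Constructed traffic: the periods are illustrative assumptions, not measured ICSim values.
BASELINE = make_log("244", "0000001A", 100.0, 0.010, 20) + make_log("188", "00000000", 100.0, 0.5, 4)
CAPTURE = (make_log("244", "0000001A", 200.0, 0.010, 20) + make_log("188", "00000000", 200.0, 0.5, 4)
           + make_log("244", "000000FF", 200.0005, 0.001, 200)  # cansend loop flooding ID 244
           + make_log("42A", "00", 200.0, 0.004, 10))           # cangen frames on a new ID

if __name__ == "__main__":
    for cid, why in sorted(flag_injection(BASELINE, CAPTURE).items()):
        print(cid, why)
```

To use it on real recordings, pass the lines of two `candump -l` log files (one taken before and one during the exercise) to `flag_injection`.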
Part C: Hacking Training
CAN Hacking Training Usage
To safely train on CAN hacking you can play back a sample recording included in this repo of generic CAN traffic. This will
create something similar to normal CAN "noise". Then start the IC Sim with the -r (randomize) switch.
./icsim -r vcan0
Using CAN interface vcan0
Seed: 1401717026
Now copy the seed number and paste it as the -s (seed) option for the controls.
./controls -s 1401717026 vcan0
This will randomize what CAN packets the IC needs and by passing the seed to the controls they will sync. Randomizing
changes the arbitration IDs as well as the byte position of the packets used. This will give you experience in hunting down
different types of CAN packets on the CAN Bus.
For the most realistic training you can change the difficulty levels. Set the difficulty to 2 with the controls:
./controls -s 1401717026 -l 2 vcan0
This will add additional randomization to the target packets, simulating other data stored in the same arbitration id.
← REMEMBER: CURIOSITY KILLED THE CAT →
Part D: CloudCar
ssh-keygen
cat ~/.ssh/*.pub
Please share your public SSH key in our WhatsApp group, and I'll add it to my cloud car's authorized keys.