Second day of the training! Today we will be covering more diagnostic protocols and hardware hacking. Lots of actual vehicle hardware to practice on.

Had blast giving my "Practical Car Hacking" training with participants from Deloitte and RDW! Three days filled with hands-on hacking on real vehicle hardware. If you're interested in attending one of my trainings or organize one, check out my website icanhack.nl.

I'm releasing the "automotive" rust crate! It has a fully async CAN adapter and UDS client. This allows building fast scanners or communicating with multiple ECUs in parallel. Both SocketCAN (Linux) and panda (Linux, MacOS, Windows) are supported. github.com/I-CAN-hack/aut…

New blog post is out! Extracting the SecOC keys used for securing the CAN Bus on the 2021+ RAV4 Prime. icanhack.nl/blog/secoc-key… Research started all the way in 2022, but took many evenings of reverse engineering to get code execution. PoC: github.com/I-CAN-hack/sec…

In 2022 we found vulnerabilities in dormakaba Saflok hotel locks. Reading one RFID card enables us to forge a pair of cards that open any door in that hotel! Dormakaba is currently working with its customers to fix the 3 million affected locks. wired.com/story/saflok-h…

Fast and Curious: Emulating Renesas RH850 System-on-Chip using Unicorn Engine Brought to you by Damien Cauquil (@[email protected]) and Phil BARRETT to make your automotive vulnerability research easier blog.quarkslab.com/emulating-rh85…

Check out my new blog, coauthored with Jerin S Learn how we unlocked Renesas RH850 security by breaking 16-byte ID code authentication using Voltage Glitching to extract firmware on Automotive ECUs. Read the full article here: lnkd.in/d3zqKE6a #AutomotiveSecurity

An interesting talk at #hw_ioUSA2024 🚗 👨‍💻 that allows uploading a payload to RAM and getting the ECU to execute it. Using this exploit, Willem Melching and Greg Hogan could extract the SecOC keys. YouTube Link: youtu.be/8958gH3KD3Y?si… #carhacking #secoc #reverseengieering

We did it again!!! We got 1st place in the #defcon32 Car Hacking Village CTF. This year we won a Tesla Model 3, and the whole team has their own Black Badge now 😎. Greg Hogan Robbe Derks

So you want to build some shellcode for an ECU? I made a collection of Dockerfiles to set up gcc for V850, PowerPC-VLE and TriCore. It compiles binutils and gcc based on the GPL sources/patches from the proprietary compilers such as S32DS and HighTec C. github.com/I-CAN-hack/aut…

I created a small automotive themed CTF! The first person to solve all the challenges will get a free CAN Bus Throwing Star. Check it out at ctf-teaser.icanhack.nl

Congratulations to stephandb for being the first to solve all the challenges! He also provided an excellent write-up: icanhack.nl/ctf_writeup.pdf. The CTF will stay up for a few more weeks, so don't worry if you haven't been able to finish all the challenges yet.

Inspired by Fraktal's Laser Fault Injection rig, I got an xTool F1. I probably need to use some HNO3 to take off the last bit of packaging. The chips no longer work if I go too far, and the die also looks visually damaged.