Home Exploits Tools CBM – Car Backdoor Maker (Hacking a Car)

CBM – Car Backdoor Maker (Hacking a Car)

August 2, 2019 Leave a Comment
CBM - Car Backdoor Maker (hacking a car)

Technology is grow very fast, smart car is not just a dream. But, you know what, along with the advancement of technology security on that is can be exploit, even a car.

This time i will share with you a hardware-backdoor for CAN bus – by Sheila A. Berta & Claudio Caracciolo the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS location or when a specific car status is reached; and a configuration interface that allows users to create attack payloads in an easy manner. Have you ever imagined the possibility of your car being automatically attacked based on its GPS coordinates, its current speed or any other set of parameters? Now it’s possible :-)The project is divided in two parts: the “Car Backdoor Maker” (PC software) and “The Bicho” (hardware-backdoor for CAN bus).

Car Backdoor Maker

The Car Backdoor Maker is a software for making attack templates and load them into The Bicho.
Before starting, please read how to Get The Bicho hardware.

CBM - Car Backdoor Maker (hacking a car)

Under “car backdoor maker” folder, you’ll find the source code to compile it using Qt C++ 5.6.

The Bicho

The Bicho is a hardware backdoor for CAN bus.
By backdooring a car with The Bicho you will able to remotely control that car from any geographical point by injecting CAN frames through SMS commands.

The Bicho is a hardware-backdoor that must be connected to the car’s OBD-II port. It supports multiple attack payloads (pre-configured using Car Backdoor Maker) and it can be used against any vehicle that supports CAN, without limitations regarding manufacturer or model. Each one of the payloads is associated to a command that can be delivered via SMS, allowing remote execution from any geographical point. Furthermore, as an advanced feature, the attack payload can be configured to be automatically executed once the victim’s vehicle is proximate to a given GPS location. The execution can also be triggered by detecting the transmission of a particular CAN frame, which can be associated with the speed of the vehicle, its fuel level, and some other factors, providing the means to design highly sophisticated attacks and execute them remotely.

The-Bicho - hacking car (car backdoor maker)
The-Bicho - Hardware For Hacking (hacking a car) xploitlab

Install and Usage

This project has its wiki where you will find the following useful documentation:

Disclaimer

We are not responsible for bad uses.

Authors

Download CBM

You May Also Like

MetaFinder - Tool for Searching Documents in a Domain with search engine google, bing, baidu, yandex

MetaFinder – Tool for Searching Documents in a Domain

Dirsearch - Web Content Fuzzing Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Dirsearch – Web Content Discovery Scanner

ApkLeaks - Tool For Scanning Mobile Application APK file to Extract All Data URIs, Endpoints & Secrets

ApkLeaks – Tool For Scanning APK file to Extract URIs, Endpoints & Secrets

Fully automated Log4j RCE Scanning and Exploit Tool Kali Linux

log4j-scan – Log4j RCE Scanning and Exploit Tool

Subzy - Subdomain Takeover Vulnerability Scan Tool

Subzy – Subdomain Takeover Vulnerability Tool

IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

Leave a Reply

Your email address will not be published. Required fields are marked *

eight − three =