The Mr Robot series with OTW (Occupy the Web) continues. OTW explains how hacks shown in the Mr Robot TV Series actually work (and if they are actually realistic). He compares real world car hacking vs what is shown in the TV series. // MENU // 00:00 - On This Episode of Hack Like Mr Robot! 00:30 - Welcome Back//OTW 00:45 - The Mr Robot Hack We're Doing 02:05 - Cars Becoming Like Computers 02:43 - Software Defined Radio Is Everywhere! 04:11 - Hardware Used//RTL-SDR 04:31 - Software Used//HDSDR 06:17 - Mr Robot//Car Hacking Strategies 08:21 - SDR//Ukraine Conflict 10:00 - Next Step//Signal Jamming 11:14 - Different SDR Software 12:01 - Osmocom//Generate Jamming Signal 14:26 - Sending Out Jamming Signal 15:03 - Signal Jamming Used to Protect Politicians 17:22 - Which Interface to Use? 18:17 - The HackRF//Pros & Cons 19:54 - Signal Generator Waveform Flags 20:37 - Next Step//Capturing the Signal 22:13 - Next Step//Sending the Signal//Replay Attack 25:45 - Next Step//Connecting to ODB2 Port 27:09 - ODB2 Protocols 28:00 - Car Hacking Research//can-utils 29:10 - Car Simulator//ICSim 30:53 - Starting Simulator 32:10 - Capturing Commands to Start the Car//cansniffer 33:56 - Logging//candump 35:06 - Searching log file for commands 35:42 - Sending command//cansend 37:05 - Mr Robot Hack//Realistic? 39:08 - Metasploit Car Hacking Modules 41:08 - Comment!//Which Hack Next? // DEVICES // RTL-SDR: amzn.to/3cag953 HackRF One: greatscottgadgets.com/hackrf/one/ // Previous Videos in the Series // Mr Robot Ep 1: th-cam.com/video/3yiT_WMlosg/w-d-xo.html Mr Robot Ep 2: th-cam.com/video/7V9_x97s4g8/w-d-xo.html // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal TH-cam: th-cam.com/users/davidbombal // Occupy The Web social // Twitter: twitter.com/three_cube // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Uhm. Maybe not really possible. Since now the LimeSDR are not made anymore. Ore sadly a lot of money with the question of its the original and not an chinese bad copy. How can we locate cellphones with maybe a hackRF. Ore a better sdr receiver with a gsmscan? Just an idea to input.
Personally I am glad these are still 40 minutes long and extra informative. Please do not condense them into 20 second shorts like all the other channels are suddenly doing. I hate shorts so much
very nice to see this. Well done. I am a senior cyber security consultant with 25+ years experience. Despite your channel having a beginners focus, it's still enjoyable for us veterans. Nice thing you are doing here David. The best of luck to you mate.
Reza Sayadi I need help, plz ,people are remote controlling my phone and setting the properties at unhealthy levels, it's something I can't stop, plz help
I LOVE OTW’s book, “Linux Basics for Hackers”, I’ve learned quite a bit from him, also love Mr Robot, an awesome series (I wish they’d make more). Love your channel too David. This is a TRIPLE WIN. Thank you all.
Love the serie, David! Keep them going. I think this is so important in terms of educational purpose and for awareness around the world to let people know how relatively easy it can be with some IT knowledge to hack something, just with the use of a single receiver and a linux distro.
OTW's voice is soo soothing, calm and gentle. A master indeed. Thanks David for continuing this series. YOu should have included OTW in the video title tho
I bought the RTL-SDR when I saw the video this morning and just got it in the mail. This is easily the coolest thing I've ever done (still a beginner in cs/networking). Thanks for the video, will be purchasing the HackRF One next!
Commands to figure out what devices are in firmware: dmesg; lsusb -v; lspci -v; ls -lart /dev | tail If you know that the device is a character device that gives a bit more info. You can also do a deep query on a particular device by id. On Sparc Solaris there is a dedicated firmware layer that you can enter and depending on the device (if not a laptop) there may be dedicated means of controlling or configuring firmware
Mercedes use two freqs for their keyfobs. The jam portion is tough because the HackRF or other SDRs do not have the power output necessary unless you are literally standing next to the target. The roll + jam method will work but it is a proximity based method. I prefer to use URH to record and analyze signals + replay. As always David another great video.
To filter lsusb results to show only SDRs you could pipe grep (-iF = case insensitive), if "SDR" is included in the product title. Example: lsusb | grep -iF "sdr"
THANK YOU DAVID! for another Mr. Robot series and I love this stuff. one thing to mention your show more section is a full of information that is a great thing to get information keep it up!
One of my senior projects in college was to create a wireless ECU device. I had so much fun accidentally DoSing the CAN in my car. Your engine sounds really funky when the sensors can’t communicate.
Firstly thanks David and OTW (Occupy the Web) for this wonderful series, it was so informative and got to know and learn so many thing form this video it's just amazing eagerly waiting for further videos. Love Form INDIA..
Fun fact about signal jamming to counter radio controlled IEDs in Afghanistan…our jammers in our trucks actually block the satcom signal we sit on for higher command. We were using that frequency over sat to call in medevacs and one time, we took a casualty and we had to call in a medevac right away. But our ground force commander was getting no dice with the sat comm. comes right up to my truck, flips the switch on the jammer, and finally got higher on the radio. Now, I didn’t know this at the time but everyone around me assumed I did so I got yelled at for having the jammer on when it should have been off. But - the Taliban are very, very, very, smart. It was always a joke they are just a bunch of cavemen in paper sandals and pajamas. Nope. Very intelligent individuals. So when they realized inside our trucks were hammers to jam radio and cell signals to counter their IEDs attack, the Taliban increasingly (and quickly too) moved to using what we call “command detonation” initiation. A physical power crowd that some times ran hundreds and hundreds of feet, sometimes burried under a few inches or maybe even a foot of dirt and would run into an orchard or into a random civilians home and they would sit and wait and remotely set off the IED with a cable that ran all the way to it. We came across a couple of those when I was there along with reverse pressure plate initiations (meaning, releasing the pressure from the plate sets it off - they would put big rocks in the middle of the road knowing we obviously have to move the rock and once it’s lifted up, the IED goes off) and standard pressure plated IEDs. I think we only came across one “RC” IED in 2014 and about 300 yards away I saw a guy in the window banging on his cellphone through my scope looking all confused. I asked to fire on him as I was 100 percent certain he was infact - the trigger man and he was awake wayyyyyy too earlier yo be making cellphone calls but was told to let him go. Our jammers 100 percent jammed the signal and would not detonate that IED we found
@@kensmechanicalaffair no thats absolutely not a stupid question thats actually a really good question. Now how we use our eyes to look for something that isnt right in the ground is look at the dirt all around you and look for a patch of dirt that clearly looks like its been turned over. Alot of times, the taliban planted IEDs on us the night before or two nights before. Which would mean when they cover the IED back up with dirt, its being mixed with the colder, more moisture rich dirt they dug up. So if the IED was planted a night or two before, youll notice a patch of dirt in the road that looks darker than the rest of the road. That would also mean that the dirt that surrounds the IED is cooler than the surrounding dirt. So if you used a thermal camera to pick up on the road, youll noticed a spot that looks cooler than the rest of the road and that would be a warning sign that dirt was recently turned over which could indicated an IED was planted there. We dont normally use thermal cameras but on occasion we actually did. We had them on trucks to actually look up at the mountain peaks to look for spotters or possible trigger men but there was a time we found that weird looking patch of dirt and had the K9 go up to the dirt, and wouldnt you know it....she hit on the dirt (meaning shes saying something is here) and it was 4 jugs of HME. Which is like a fertilizer they like to use for IEDs and my Thermal camera on the truck that morning actually saw the spot on the road where the dirt was cooler than the rest. So no, deff not a stupid question. But I wouldnt rely on something like a thermal camera to pick up on that. Radio jammers, dogs, Ground Penetrating Radar, and your own instinct works best.
I worked on EA-6B Prowler electronic warfare aircraft. In my day they were mainly used for radar surveillance and jamming but during the GWOT they were upgraded to deal much more with communications surveillance and jamming. The ability to do a lot of what is discussed in this video but at a different level (record and playback, IMSI catcher, etc) gave the platform a whole new mission in life which was great to see. Sadly the Marine Corps decided to retire the platform and there is no real replacement at this time.
Love these, I’ve watched each one as soon as they come out. Please keep this series going, I don’t even watch Mr Robot, this is better than the real show.
Awesome, this is actually exactly the hack I was hoping to see explained on here! Sounds a lot like the radio jamming The Weatherman (from Negativland) does.
I’m learning so much valuable information from your videos! Fantastic quality, great learning tool, and better yet, it helps to make these things make sense in the real world. Cannot thank you enough for your incredible work!!!
some times I just feel so overwhelemed with the amount of things we need to learn to be good hackers that is crazy. I want to read about so many things but I just don't have the time for it. this particular field(radio) is one I had always liked but I just don't have the time because of all the many things I had been trying to do at the same time. i want to learn about API for hacking, radio, binary exploration, web exploration, debugging, coding, malware analysis, reverse engineering and much more. and each of these things take years to really get a good understanding of it
Im new to the cyber security world, but come from the automotive field (nearly a decade as a certified mechanic). Super interesting to see how this was carried out as I actually understand the automotive side of things. I would be curious to see how this works on newer vehicles with SDGM (Serial data gateway) modules or the newer "K-line" that is primarily dedicated to prevent cyber attacks on EVs. Id be willing to teach some automotive electrical/data communication knowledge to anyone wanting to network!
Why aren't keyfob locks and ignition using challenge/response with public key cryptography, having the car offer a random number, and only accept the command if the command + the random number are signed with a private key stored in the fob ?
This is right up my alley! I've theorized how to do some of this stuff. It's a dream of mine to hack Voice over LTE on the LG V20 smartphone so we can use open sourced ROMs. Thanks for teaching me about some of the tools.
Another great video, I am glad that I started watching you a couple of months ago David :) But I have a question - could you make a video with a list (or maybe something else) with best latops in 2022 for security? I know you probably get a lot of this kind of request but still... it would be nice to see something like this on your channel, just my thought - hope you don't mind.
hey david.. Once you jamm the key fob signals so the cars would'nt be able to get lock is it right .so why you need to replay the signals with transmitter to open the door..The door would'nt be locked becauuse of jamming
Thanks for the info, but OTWs website could use some help with the css… It’s almost unusable on an iPhone13 Pro Max. Lots of blank black space. I think the media queries aren’t working maybe?
So maybe one thing i did not understanf. If you jam the signal by sending white noise at an intensity strong enough to block the key transmiter..... When you try to read the actual key code from the fob.... Wouldn't you capture only the whitenoise? @David Bombal
Another good Hackrf alternative is the limesdr mini, it’ll do full duplex and has slightly higher bandwidth. It has decent support with most SDR related software but is not quite prolific as the Hackrf
Hi David, would you able to have hackers elaborate how crypto exchanges are hacked seemingly most of them using blockchain? How do we get back the fund or retrieve back in case we were scammed?
Great content, as usual! I love this Mr. Robot series! I wonder if there are any code dumps for certain makes and models on the “darkish” web… sort of like a RockYou-esque txt file of codes. Wouldn’t shock me ha ha.
You can record and resend fob code but this will not unlock any car, each time you press any unlock but another code is expected for all cars of this century
When using the sniffer, could you not connect to OBD11 port and sniff a data sample of the target vehicle? I worked for a GPS tracking company and, we would drive the most strictly controlled ( what we could control) route accounting for traffic, red lights etc,. All the while capturing the NEMA and OBD11 data and we could loop that data into our tools and recreate the test drive for a number of reasons. This is pertinent as we could learn a lot from the data including the the manufacturers implementation of the SPEC i would have added quotes to SPEC, but you all know why that doesn't translate. YOU ARE ABSOLUTELY CORRECT. . it is so loosely defined that we consider it a guideline rather that a SPEC. Freighters and MAC K trucks would change their stuff every couple of years. it was challenging. If there is a method available for one to grab a data capture from the actual target vehicle and collectively with the community we could compile a database for every ones benefit. OOPS! I reacted before finishing you demo. Sorry bout that.
I love this video and iam manoj waiting for my HackRf One. Iam the The July recipient for the Great Scott Gadgets Free Stuff Program from India. Thankyou so much that you give so many information about SDR in this video. My HackRf One was in transit after receiving iam going to learn IOT Penetration testing. I love to do car hacking... I have the RTL-SDR Device but through that device i cant doo replay attack. Thankyou so much to provide this video on TH-cam.
Here is one that will cook your noodle. Bypass the rolling codes on the key fob by first capturing any signal ..then jam the keyfob signal..this will tell the computer to allow ANY previously used rolling code (which you have already captured one) to unlock the car..then playback the captured signal. Cheers 🍻
yea tesla does spread spectrum watched a video where they tried this and it was hard to tell what one there looking at but i have seen that there was a program your able to highlight the section you want to replay and do it that way
so i got this older honda suv and someone broke the door cylinder in a public place last summer. why this craze for hi tech in cars, push button start, cyl deactivation, wifi hotspot, apple this, android that? what are car makers doing to secure vehicles? all the bad guys need to do these days is tow the vehicle from the victim driveway! it happened for real, education or not.
I wonder if the canbus can access the ecu of the car and allow say a fuel map reflash so someone's economy suddenly becomes sluggish and leaned out so car starts stuttering..
This is reason alone to drive an old car. Any car newer than -08 this could be done to pretty much. Some older tha. That... They can lock your throttle on max and turn of the brakes for example.
I need an affordable easy to use car alarm hacker my neighbors have been spiting me and they are using their car alarm even in times I am asleep it is so noisy and sometimes when I do things in front the house they turn in their car alarm and that really gives me a fright. I need really need a car alarm that can hack theirs so I'll be using their cars to annoy them too. Revenge is needed. Please those narcissistic neighbors people here are really in the death note list for 11 years now
37:20 if you're already inside the vehicle, no more hacking need lol. Just flash the ECU modules to disable any anti-theft system. From that point on, all you need to do is power to the corresponding OBD2 pin to start the ignition, then the other pin to activate the starter. And drive off.
The Mr Robot series with OTW (Occupy the Web) continues. OTW explains how hacks shown in the Mr Robot TV Series actually work (and if they are actually realistic). He compares real world car hacking vs what is shown in the TV series.
// MENU //
00:00 - On This Episode of Hack Like Mr Robot!
00:30 - Welcome Back//OTW
00:45 - The Mr Robot Hack We're Doing
02:05 - Cars Becoming Like Computers
02:43 - Software Defined Radio Is Everywhere!
04:11 - Hardware Used//RTL-SDR
04:31 - Software Used//HDSDR
06:17 - Mr Robot//Car Hacking Strategies
08:21 - SDR//Ukraine Conflict
10:00 - Next Step//Signal Jamming
11:14 - Different SDR Software
12:01 - Osmocom//Generate Jamming Signal
14:26 - Sending Out Jamming Signal
15:03 - Signal Jamming Used to Protect Politicians
17:22 - Which Interface to Use?
18:17 - The HackRF//Pros & Cons
19:54 - Signal Generator Waveform Flags
20:37 - Next Step//Capturing the Signal
22:13 - Next Step//Sending the Signal//Replay Attack
25:45 - Next Step//Connecting to ODB2 Port
27:09 - ODB2 Protocols
28:00 - Car Hacking Research//can-utils
29:10 - Car Simulator//ICSim
30:53 - Starting Simulator
32:10 - Capturing Commands to Start the Car//cansniffer
33:56 - Logging//candump
35:06 - Searching log file for commands
35:42 - Sending command//cansend
37:05 - Mr Robot Hack//Realistic?
39:08 - Metasploit Car Hacking Modules
41:08 - Comment!//Which Hack Next?
// DEVICES //
RTL-SDR: amzn.to/3cag953
HackRF One: greatscottgadgets.com/hackrf/one/
// Previous Videos in the Series //
Mr Robot Ep 1: th-cam.com/video/3yiT_WMlosg/w-d-xo.html
Mr Robot Ep 2: th-cam.com/video/7V9_x97s4g8/w-d-xo.html
// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
TH-cam: th-cam.com/users/davidbombal
// Occupy The Web social //
Twitter: twitter.com/three_cube
// Occupy The Web books //
Linux Basics for Hackers: amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh
// Other books //
The Linux Command Line: amzn.to/3ihGP3j
How Linux Works: amzn.to/3qeCHoY
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
pin your comment
Uhm. Maybe not really possible. Since now the LimeSDR are not made anymore. Ore sadly a lot of money with the question of its the original and not an chinese bad copy.
How can we locate cellphones with maybe a hackRF. Ore a better sdr receiver with a gsmscan?
Just an idea to input.
Personally I am glad these are still 40 minutes long and extra informative. Please do not condense them into 20 second shorts like all the other channels are suddenly doing. I hate shorts so much
I really agree with that.
Me too. It's upsetting 😭
Agree
Agree
shorts only work on things that only need a few seconds to relay, this isn't something that you can easily do that with.
very nice to see this. Well done.
I am a senior cyber security consultant with 25+ years experience. Despite your channel having a beginners focus, it's still enjoyable for us veterans.
Nice thing you are doing here David. The best of luck to you mate.
Reza Sayadi I need help, plz ,people are remote controlling my phone and setting the properties at unhealthy levels, it's something I can't stop, plz help
@@johnfarmer1734 hard reset or throw away
I love this Mr. Robot series! Thanks for making more of these videos David.
Glad you like them Tejas!
@@davidbombal This interviews with this guy and the tiktok one just love those series. Keep grinding kind sir
who hates it! its entertaining and informative as hell!!
I LOVE OTW’s book, “Linux Basics for Hackers”, I’ve learned quite a bit from him, also love Mr Robot, an awesome series (I wish they’d make more). Love your channel too David. This is a TRIPLE WIN. Thank you all.
@@davidbombal Could you make a series on hacking feature phones like J2ME and Kai Os? With or without internet access. Thanks!!
Love the serie, David! Keep them going. I think this is so important in terms of educational purpose and for awareness around the world to let people know how relatively easy it can be with some IT knowledge to hack something, just with the use of a single receiver and a linux distro.
OTW's voice is soo soothing, calm and gentle. A master indeed. Thanks David for continuing this series. YOu should have included OTW in the video title tho
I am becoming more and more fan of this TH-cam channel , the time they spend is awesome .. so inspirational
I bought the RTL-SDR when I saw the video this morning and just got it in the mail. This is easily the coolest thing I've ever done (still a beginner in cs/networking). Thanks for the video, will be purchasing the HackRF One next!
What is that
Commands to figure out what devices are in firmware: dmesg; lsusb -v; lspci -v; ls -lart /dev | tail
If you know that the device is a character device that gives a bit more info. You can also do a deep query on a particular device by id.
On Sparc Solaris there is a dedicated firmware layer that you can enter and depending on the device (if not a laptop) there may be dedicated means of controlling or configuring firmware
The only series I've been waiting...
It's just amazing....
Respect bombal🤗
Thank you! Glad you are enjoying the videos :)
Mercedes use two freqs for their keyfobs. The jam portion is tough because the HackRF or other SDRs do not have the power output necessary unless you are literally standing next to the target. The roll + jam method will work but it is a proximity based method. I prefer to use URH to record and analyze signals + replay. As always David another great video.
i find a mixture of porta hack2 and zipper does the job - add an ext module for the flipper to get more range and power
You're my role model as a jnr software engineer, Big Love from Ghana. God bless you.
To filter lsusb results to show only SDRs you could pipe grep (-iF = case insensitive), if "SDR" is included in the product title.
Example: lsusb | grep -iF "sdr"
THANK YOU DAVID! for another Mr. Robot series and I love this stuff. one thing to mention your show more section is a full of information that is a great thing to get information keep it up!
One of my senior projects in college was to create a wireless ECU device.
I had so much fun accidentally DoSing the CAN in my car. Your engine sounds really funky when the sensors can’t communicate.
Best series on TH-cam, educational and very entertaining. Thank you, Mr. Bombal.
Firstly thanks David and OTW (Occupy the Web) for this wonderful series, it was so informative and got to know and learn so many thing form this video it's just amazing eagerly waiting for further videos. Love Form INDIA..
My favorite series on TH-cam. Thanks so much!
Thank you so much Scott! Glad you are enjoying it :)
These interviews with Ocupy the Web are amazing! His insight to all the differing techniques and history of technologies are just incredible.
I'm so glad I just found your channel, this free information is top notch. Amazing! Thank you David!
We been waiting eagerly sir the robot. 🤖 keep posting David
You're welcome! I hope you enjoy the video :)
at 17:31 you can use dmesg -w from a root terminal then plug in your device to figure out which one it is.
I work at a car dealership. I told everyone I wanted to learn how to hack cars now everyone thinks I am going to steal one.
This is just a white collar version of kia boys lmao. Love the content and the editing is top notch!
Fun fact about signal jamming to counter radio controlled IEDs in Afghanistan…our jammers in our trucks actually block the satcom signal we sit on for higher command. We were using that frequency over sat to call in medevacs and one time, we took a casualty and we had to call in a medevac right away. But our ground force commander was getting no dice with the sat comm. comes right up to my truck, flips the switch on the jammer, and finally got higher on the radio. Now, I didn’t know this at the time but everyone around me assumed I did so I got yelled at for having the jammer on when it should have been off. But - the Taliban are very, very, very, smart. It was always a joke they are just a bunch of cavemen in paper sandals and pajamas. Nope. Very intelligent individuals. So when they realized inside our trucks were hammers to jam radio and cell signals to counter their IEDs attack, the Taliban increasingly (and quickly too) moved to using what we call “command detonation” initiation. A physical power crowd that some times ran hundreds and hundreds of feet, sometimes burried under a few inches or maybe even a foot of dirt and would run into an orchard or into a random civilians home and they would sit and wait and remotely set off the IED with a cable that ran all the way to it. We came across a couple of those when I was there along with reverse pressure plate initiations (meaning, releasing the pressure from the plate sets it off - they would put big rocks in the middle of the road knowing we obviously have to move the rock and once it’s lifted up, the IED goes off) and standard pressure plated IEDs. I think we only came across one “RC” IED in 2014 and about 300 yards away I saw a guy in the window banging on his cellphone through my scope looking all confused. I asked to fire on him as I was 100 percent certain he was infact - the trigger man and he was awake wayyyyyy too earlier yo be making cellphone calls but was told to let him go. Our jammers 100 percent jammed the signal and would not detonate that IED we found
Just like movie "The Hurt Locker"
This is a stupid question, but could you possibly see an I.E.D with a thermal camera? Before it explodes of course, lol.
@@kensmechanicalaffair no thats absolutely not a stupid question thats actually a really good question. Now how we use our eyes to look for something that isnt right in the ground is look at the dirt all around you and look for a patch of dirt that clearly looks like its been turned over. Alot of times, the taliban planted IEDs on us the night before or two nights before. Which would mean when they cover the IED back up with dirt, its being mixed with the colder, more moisture rich dirt they dug up. So if the IED was planted a night or two before, youll notice a patch of dirt in the road that looks darker than the rest of the road. That would also mean that the dirt that surrounds the IED is cooler than the surrounding dirt. So if you used a thermal camera to pick up on the road, youll noticed a spot that looks cooler than the rest of the road and that would be a warning sign that dirt was recently turned over which could indicated an IED was planted there. We dont normally use thermal cameras but on occasion we actually did. We had them on trucks to actually look up at the mountain peaks to look for spotters or possible trigger men but there was a time we found that weird looking patch of dirt and had the K9 go up to the dirt, and wouldnt you know it....she hit on the dirt (meaning shes saying something is here) and it was 4 jugs of HME. Which is like a fertilizer they like to use for IEDs and my Thermal camera on the truck that morning actually saw the spot on the road where the dirt was cooler than the rest. So no, deff not a stupid question. But I wouldnt rely on something like a thermal camera to pick up on that. Radio jammers, dogs, Ground Penetrating Radar, and your own instinct works best.
@@Kaotix_music Interesting, thanks for the reply.
I worked on EA-6B Prowler electronic warfare aircraft. In my day they were mainly used for radar surveillance and jamming but during the GWOT they were upgraded to deal much more with communications surveillance and jamming. The ability to do a lot of what is discussed in this video but at a different level (record and playback, IMSI catcher, etc) gave the platform a whole new mission in life which was great to see. Sadly the Marine Corps decided to retire the platform and there is no real replacement at this time.
Connector name is OBD2 (OBDII) and network is CAN-BUS, which is network on which any modern car's ecus communicate between each other.
Love these, I’ve watched each one as soon as they come out. Please keep this series going, I don’t even watch Mr Robot, this is better than the real show.
Very much interesting! Your interviews with OTW is a gold mine of valuable informations! Thank you so much!
Awesome, this is actually exactly the hack I was hoping to see explained on here! Sounds a lot like the radio jamming The Weatherman (from Negativland) does.
Things didn't end well for Mobley, & Romero from what I remember. Thanks, David, & OtW. I enjoyed this.
Glad you enjoyed the video Joe!
I’m learning so much valuable information from your videos! Fantastic quality, great learning tool, and better yet, it helps to make these things make sense in the real world. Cannot thank you enough for your incredible work!!!
some times I just feel so overwhelemed with the amount of things we need to learn to be good hackers that is crazy. I want to read about so many things but I just don't have the time for it. this particular field(radio) is one I had always liked but I just don't have the time because of all the many things I had been trying to do at the same time. i want to learn about API for hacking, radio, binary exploration, web exploration, debugging, coding, malware analysis, reverse engineering and much more. and each of these things take years to really get a good understanding of it
10:38 in video duration, I like your goldfish shark canvas very creative 👌👍
Hi, just some info, port in cars to connect to car computer is OBD II (On-board diagnostics) and not ODB II
This was an awesome episode as I don't know much about car hacking, but it seems very interesting.
Wow, that was a great talk. I really enjoyed this one. Cheers!
Great video guys. I hope you go over hacking the ESP32 soon
Im new to the cyber security world, but come from the automotive field (nearly a decade as a certified mechanic). Super interesting to see how this was carried out as I actually understand the automotive side of things. I would be curious to see how this works on newer vehicles with SDGM (Serial data gateway) modules or the newer "K-line" that is primarily dedicated to prevent cyber attacks on EVs. Id be willing to teach some automotive electrical/data communication knowledge to anyone wanting to network!
Why aren't keyfob locks and ignition using challenge/response with public key cryptography, having the car offer a random number, and only accept the command if the command + the random number are signed with a private key stored in the fob ?
This is right up my alley! I've theorized how to do some of this stuff. It's a dream of mine to hack Voice over LTE on the LG V20 smartphone so we can use open sourced ROMs. Thanks for teaching me about some of the tools.
I started to watch your show daily. Amazing learning experience 👌
Tak!
David + OTW = Best way to learn hacking
The best hacking series. I am loving this even more than the mr. robot itself.
OTW is amazing,Must have TH-cam channel
Awesome video, I especially liked the DragonOS part!
Cemaxecuter I am constantly checking your videos💯👌
I love Mr. Robot!! Thank you for the video!! Plus I have the first book you mentioned and love it!!!
Another great video, I am glad that I started watching you a couple of months ago David :)
But I have a question - could you make a video with a list (or maybe something else) with best latops in 2022 for security? I know you probably get a lot of this kind of request but still... it would be nice to see something like this on your channel, just my thought - hope you don't mind.
You both are great humans ! learning and sharing. absolutely appreciated!
hey david.. Once you jamm the key fob signals so the cars would'nt be able to get lock is it right .so why you need to replay the signals with transmitter to open the door..The door would'nt be locked becauuse of jamming
Hi David, I retired from my job regarding my health situation, Now I want to start by learning ethical hacking..! Where to start.? 😥
Thanks for the info, but OTWs website could use some help with the css… It’s almost unusable on an iPhone13 Pro Max. Lots of blank black space. I think the media queries aren’t working maybe?
Man OTW is the OG in hacking. Have been following him since the null byte era.
28:20 Why is he using sudo from a r00t prompt in Kali?
Amaziiiing, so informative as always. Thank you
So maybe one thing i did not understanf. If you jam the signal by sending white noise at an intensity strong enough to block the key transmiter..... When you try to read the actual key code from the fob.... Wouldn't you capture only the whitenoise? @David Bombal
Can these devices send and receive smoke signals? For a native American like myself, that would be a handy function.
Another good Hackrf alternative is the limesdr mini, it’ll do full duplex and has slightly higher bandwidth. It has decent support with most SDR related software but is not quite prolific as the Hackrf
Is it legal in the US for my to try this on my own car? I'm trying to research for the answer but I'm having a tough time.
It was amazing sir, next will be related Traffic signal hacking
You guys are awesome! Thanks for this series!
Your channel has gotten me so interested in cybersec. Love this content!!!
Please keep up these mr robot explaination and demonstration videos. Love!
Hi David, would you able to have hackers elaborate how crypto exchanges are hacked seemingly most of them using blockchain?
How do we get back the fund or retrieve back in case we were scammed?
David doing it again, this is the reason for your success
How to protect your car from malfunctioning due to remote hacks?
Great video, learnt some good stuff especially on the SDR subject. However, it's OBD not ODB.
Great content, as usual! I love this Mr. Robot series! I wonder if there are any code dumps for certain makes and models on the “darkish” web… sort of like a RockYou-esque txt file of codes. Wouldn’t shock me ha ha.
You can record and resend fob code but this will not unlock any car, each time you press any unlock but another code is expected for all cars of this century
dam! controlling the Frequency is useful and make our plans easier
Reprogramming incoming nuclear ICBMs (in flight) sounds like my next home defense project...
When using the sniffer, could you not connect to OBD11 port and sniff a data sample of the target vehicle? I worked for a GPS tracking company and, we would drive the most strictly controlled ( what we could control) route accounting for traffic, red lights etc,. All the while capturing the NEMA and OBD11 data and we could loop that data into our tools and recreate the test drive for a number of reasons. This is pertinent as we could learn a lot from the data including the the manufacturers implementation of the SPEC i would have added quotes to SPEC, but you all know why that doesn't translate. YOU ARE ABSOLUTELY CORRECT. . it is so loosely defined that we consider it a guideline rather that a SPEC. Freighters and MAC K trucks would change their stuff every couple of years. it was challenging. If there is a method available for one to grab a data capture from the actual target vehicle and collectively with the community we could compile a database for every ones benefit. OOPS! I reacted before finishing you demo. Sorry bout that.
Thanks a lot David! Keep these videos coming. Can you please make an episode when Mr. Robot hacked Ron’s coffee? I think its season 1 episode 1
God!!!...your videos are soo informative..Thank you
Thank's David for making videos on SDR .
Agree, this mr robot series is great thanks Dave and OTW
They definitely aren’t thinking security, I mean look at Hyundai, the used the example rsa keys for their encryption
I love this video and iam manoj waiting for my HackRf One. Iam the The July recipient for the Great Scott Gadgets Free Stuff Program from India. Thankyou so much that you give so many information about SDR in this video. My HackRf One was in transit after receiving iam going to learn IOT Penetration testing. I love to do car hacking... I have the RTL-SDR Device but through that device i cant doo replay attack. Thankyou so much to provide this video on TH-cam.
Great video guys! Thank you for sharing all that knowledge ...
Here is one that will cook your noodle. Bypass the rolling codes on the key fob by first capturing any signal ..then jam the keyfob signal..this will tell the computer to allow ANY previously used rolling code (which you have already captured one) to unlock the car..then playback the captured signal. Cheers 🍻
Valeu!
yea tesla does spread spectrum watched a video where they tried this and it was hard to tell what one there looking at but i have seen that there was a program your able to highlight the section you want to replay and do it that way
best content available for learning practical hacking techniques
15:55 Did he call them IUD's? I thought those went somewhere else not related to explosives 😂
so i got this older honda suv and someone broke the door cylinder in a public place last summer. why this craze for hi tech in cars, push button start, cyl deactivation, wifi hotspot, apple this, android that? what are car makers doing to secure vehicles? all the bad guys need to do these days is tow the vehicle from the victim driveway! it happened for real, education or not.
The most amazing episode, interview at mercedes next week as a pentester. 😅
Best wishes for your interview!
Educational purpose GOd bless u as always
I wonder if the canbus can access the ecu of the car and allow say a fuel map reflash so someone's economy suddenly becomes sluggish and leaned out so car starts stuttering..
Honestly love these series, many thanks !
This is so fascinating, had to show all my students.
I'm learning a lot from this fellow. I love this!
Just want to point out @ 15:50 that an IUD and an IED are very different things 🤣
Both can ruin someone's day if used incorrectly 🤔
Very late response, but I'm glad someone else caught that. I had to replay and increase volume to make sure I heard it correctly
This is reason alone to drive an old car. Any car newer than -08 this could be done to pretty much. Some older tha. That... They can lock your throttle on max and turn of the brakes for example.
Robert Bosh invented the can bus in the 70's. It's been controlling the car a long time.
ThankYou David And Master OTW.
Solve this problem with a TOTP code between the car and the key fob? Has this been done yet? I would assume it has, idk.
I need an affordable easy to use car alarm hacker my neighbors have been spiting me and they are using their car alarm even in times I am asleep it is so noisy and sometimes when I do things in front the house they turn in their car alarm and that really gives me a fright. I need really need a car alarm that can hack theirs so I'll be using their cars to annoy them too. Revenge is needed. Please those narcissistic neighbors people here are really in the death note list for 11 years now
Do you need a connection like Hotspot or Bluetooth to rum the software
Do RTL-SDR and HackRF do the same thing?
37:20 if you're already inside the vehicle, no more hacking need lol.
Just flash the ECU modules to disable any anti-theft system.
From that point on, all you need to do is power to the corresponding OBD2 pin to start the ignition, then the other pin to activate the starter. And drive off.
Good to have you back OTW