- me takes off the duffelbag onto the passenger seat - taking out a laptop from it.
- me takes out a 14mm ratchet from the backpack after placing the laptop onto the passenger-
- do -seat, then starts removing two bolts from each side of the glovebox.
- me rapidly drops the bolts onto the passenger seat with the ratchet, then reaches for a knife-
- do -inside the duffelbag and places the small switchblade under the peg; popping it off and push-
- do -ing the slides off the pegs holding the glovebox.
- me carefully removes the glovebox - ensuring not to hit any of the power-wires around-
- do -the glovebox, then finally pulls it off the vehicle and places it into the back of the car.
- me reaches for his laptop as he signs himself in.
- me reaches into the duffelbag, taking out a JTAGulator, Bus Pirate Cable and an OBD to DE-9 cable.
- me hooks up the Micro USB connector to the laptop and the JTAGulator.
- do The JTAG turns a green light.
- me connects the Bus Pirate Cable into the ECU behind the empty slot in which the glovebox was.
- me hooks up the OBD to DE-9 cable to the laptop and then to the CAN BUS.
- me runs the laptop, then opens up VMWare and starts a Linux-based OS.
- me types in "# ip link set can0 type can bitrate 500000 listen-only on".
- do Bitrate is 500k.
- me types in "# ip link set can0 up" to start up the network.
- me types in "# candump -cae can0,0:0, FF" to start sniffing.
- me starts setting up the .json file as to set up the port for the network, setting the root as-
- do -WWW and the port as 2515.
- me types in "{"DeviceType": "simulator", "DeviceFile": "simulator.json"}".
- me starts using candump to save the packets by typing in: $ candump -1 can0,0:0, FF.
- me begins to enable the log file.
- me edits the ECU response, changing the 7F (stands for failure) to 67 (stands for acceptance).
- me reaches into the bag once more, taking out a small USB with a sticker on it-
- do -labeling it "Funcube Dongles".
- me hooks up the Funcube Dongles into the laptop, then starts detecting wave signals emitted-
- do -by the immobilizer.
- me starts feeding data into the immobilizer - jamming the keyfob signal to keep the RFID-
- do -the same, then plays back the log, using it to force the immobilizer open by using the jammed RFID.
- do -In layman's terms, the immobilizer has been bypassed.
- me starts up the virtual device for playing the offline stream through the CAN BUS to-
- do -the ECU, which now has the spoofed data of the key being available to turn the engine on.
- me types in "# modprobe vcan" "# ip link add vcan0 type vcan" "# ip link set vcan0 up" to do so.
- me finally starts playing the virtual device off the log which he has saved earlier by typing-
- do -"$ canplayer vcan0=can0 < candump-sex69.log"
- do Laptop processes as it sends the data to the CAN BUS, then the vehicle engine should turn on.
- me slips everything back into his duffelbag.