Automotive hacking: Remotely hacking into a brand new car | Upstream Security
34,656
Published 2020-01-20
🌐Check Out Our Website! upstream.auto/
🔔 SUBSCRIBE IF YOU ARE NEW AND TURN THE BELL ON
Watch More Videos:
▶️ Introduction to Upstream Security
• Introduction to Upstream Security - A...
▶️ Upstream & Thales Discuss Cybersecurity for Smart Mobility
• Cybersecurity for Smart Mobility | Up...
▶️ Securing the connected car- how big is the problem?
• Securing the Connected Car- How Big i...
Thanks for being with us!
👍 Like the video
💬 Comment if you made it till the end!
🔗 Share the video with anyone you think it might he
All Comments (21)
-
Cool buddy 👍🏻 From Malaysia 🇲🇾
-
The victim's acting is terrible, and this is nowhere near as easy as it's depicted. For those wondering, this attack shown here involves using a pickle exploit to serialize malicious code that when submitted to a server, pipes in a backdoor for a remotely executable reverse shell. There is no way they hacked a legitimate car manufacturer's telematics server to do this. That would require either permission and granted access (which would make this 'hack' a literal joke), or a massive amount of OSINT entirely predicated on the attacker knowing about the server's serialization vulnerabilities and them existing in the first place. On top of that, being able to identify and pinpoint a certain subnet IP for one specific victim would be like looking for a needle in a haystack, unless it was known beforehand, which would otherwise have required the attacker to have been in close physical proximity to the vehicle at some prior point in order to sniff its IPv4 or IPv6 address. This was obviously set up, likely by using an aftermarket telematics device that was plugged into this vehicle's CAM-BUS system and configured to connect to a server that they had access to and controlled.
-
How to do that
-
Give the code file!
-
Which magical python script is he running
-
good isral
-
I want to learn. Will you please give some hint where I can learn?
-
That is very god
-
If only they did not show the screen, it would be more convincing that the guy is a professional hacker
-
But you can't just exploit a remote server with just one command 🤔
-
This is fucking hilarious
-
Ok I just won’t get a car with folding mirrors
-
Hack the BMS over load the battery and lock the driver inside.
-
I have never seen a man so genuine as this guy🔝he’s really a man of he’s words ❤️
-
please spanish subtitles!
-
Homie is bashing that enter key. Also.. this does not seem real.
-
Which language u You used please tell
-
Are you using just a command or python you downloaded to your Computer? Thanks
-
So if you install a malicious update on a computer (even though it's a driving one) with full privileges, you can bring the computer to do malicious stuff? Shocker! Maybe do a video next time where you 1337 h4x a laptop, by downloading a virus and installing it onto the laptop with admin privileges, it's crazy that it can access your webcam and shut down suddenly!
-
Wow this sounds like what happened to me