05/10/2018 (Thu) 20:15:46
>>12212
>>Well now you have piqued my interest. I have a few questions:
>How can you interface with the board?
>What sort of limits does the board control?
>Is the board running a full operating system or just firmware?
Search about comma.ai
>>12215
>>All these questions require knowing who the manufacturer is. Some probably only use an electric system to turn on the engine, panel controls and air conditioning. Others most probably have an entire system (not just a simple kernel) that controls the brake system and the engine (Tesla, for example).
>You would probably need access to the ROM of each board, and then to hack you would need to flash it with a SPI EPROM flash device, such as Bus Pirate or a BeagleBone Black.
>So, first of all, you need to bypass the alarm system. Many people intercept the signal from the key. Once you get into the car, dump the ROM using flashrom. Go home, crack into it (probably has TPM authentication, good luck). Then go back to the car and flash the new ROM. If the car has 4G connection, you could (hypothetically) control it remotely...
>Useful tools for hacking the ROM are a fuzzer, such as this, and some good knowledge of reverse engineering (read the IOCCC contest tutorials).
>p.s: I don't have experience with that, by the way.