1
00:00:07,020 --> 00:00:13,020
Welcome to a special bonus section for my ethical hacking students, this is a tutorial you can't find

2
00:00:13,020 --> 00:00:16,280
anywhere else on the Web or in any other course that I've found.

3
00:00:16,680 --> 00:00:21,780
It's also one of the favorite lessons of our past two years of National Cyber Warrior Academy students.

4
00:00:22,000 --> 00:00:24,470
So I wanted to share it with you in this video.

5
00:00:24,570 --> 00:00:28,140
It makes use of some of the skills that you've been building up in Cauli Linux.

6
00:00:28,140 --> 00:00:32,220
And it will also show you a little bit about packet sniffing, some things that we use when we touch

7
00:00:32,220 --> 00:00:33,370
Wireshark, et cetera.

8
00:00:33,900 --> 00:00:38,490
It's also a good way to understand how to hack a modern car.

9
00:00:38,940 --> 00:00:43,830
So we know that since the 1990s, computers have been running in cars.

10
00:00:43,830 --> 00:00:50,760
We had a network looks something like this called the Controller Area Network for more than 20 years.

11
00:00:51,030 --> 00:00:57,170
And the average modern car ships with as many as 50 microchips.

12
00:00:57,180 --> 00:01:01,630
So 50 little microcontrollers and an average production vehicle out there right now.

13
00:01:02,040 --> 00:01:07,860
So there are a lot of things going on inside your car that look just like the hacking that we do on

14
00:01:07,860 --> 00:01:08,880
a regular network.

15
00:01:09,180 --> 00:01:15,660
So we're going to connect to a virtual controller area network or a V can, and we're going to see how

16
00:01:15,660 --> 00:01:20,430
to simulate a controller area network safely on Calli Linux first.

17
00:01:20,700 --> 00:01:27,120
And then I have a bonus video that we shot with our National Cyber Warrior Academy here that shows actually

18
00:01:27,120 --> 00:01:29,440
plugging in one of these devices to my car.

19
00:01:29,670 --> 00:01:34,290
There are some great open source tools out there for car hacking or for working on your car.

20
00:01:34,500 --> 00:01:39,690
Ethically, the version that you see on your screen here was created by Craig Smith and the team at

21
00:01:39,690 --> 00:01:40,620
Open Garages.

22
00:01:40,620 --> 00:01:47,400
Doug, this is called the Instrument Cluster Simulator or the I see SIM and the I see simulator of the

23
00:01:47,400 --> 00:01:51,630
instrument cluster simulator simulates a real dashboard and a real car.

24
00:01:51,900 --> 00:01:56,880
And then we have a set of controls under see, you can see we could even use a PlayStation controller

25
00:01:56,880 --> 00:02:03,210
like you see at the bottom of the screen there that will allow us to drive our virtual vehicle so we

26
00:02:03,210 --> 00:02:09,330
can simulate the exact kind of network traffic that you would see in a real production automobile.

27
00:02:09,870 --> 00:02:13,740
But you can do it safely from your computer and Linux.

28
00:02:14,010 --> 00:02:18,300
We're going to do all of the setup that it takes to simulate a controller area network.

29
00:02:18,540 --> 00:02:21,690
And then at the very end, we'll see how to use a little cable like this.

30
00:02:21,690 --> 00:02:26,640
This is a twenty dollar USB cable that you can buy on Amazon.

31
00:02:26,640 --> 00:02:31,200
It's got an onboard diagnostic port connector and then a USB.

32
00:02:31,210 --> 00:02:39,810
This is called a can to USB Cable, but we can set up the Vikan or the can utility's software and this

33
00:02:39,810 --> 00:02:47,370
icey simulator and a couple of tools that we'll learn under the Cain utilities to a real vehicle record.

34
00:02:47,370 --> 00:02:53,640
The packets that are going on when we do things like press the accelerator, turn on the the turn signals,

35
00:02:53,940 --> 00:02:58,590
the blinkers left and right open and or unlock and lock the doors.

36
00:02:58,980 --> 00:03:01,350
So we'll be able to see all of those things real time.

37
00:03:01,470 --> 00:03:08,460
And by the end of this lesson, we'll be able to capture that, then replay it back on a controller

38
00:03:08,460 --> 00:03:14,390
area network so that we can affect the vehicle even when no one's touching those controls.

39
00:03:14,790 --> 00:03:18,120
So this is the same kind of hack that you may have seen on television.

40
00:03:18,510 --> 00:03:26,610
When people connect in using the onboard diagnostic port or when they are able to compromise another

41
00:03:26,610 --> 00:03:32,190
system like the You Connect system that we saw a couple of years ago from Charlie Miller's team compromising

42
00:03:32,340 --> 00:03:38,250
Jeep Grand Cherokee while it was driving by, moving from the you connect to network the dashboard entertainment

43
00:03:38,250 --> 00:03:44,580
system into the actual controller area network to record some signals like the ones that we're going

44
00:03:44,580 --> 00:03:45,890
to see right now.

45
00:03:46,200 --> 00:03:49,170
So I hope you're ready for some cool car hacking.

46
00:03:49,200 --> 00:03:50,820
We're going to learn some practical skills.

47
00:03:51,570 --> 00:03:56,990
You might want to use this ethically on your own vehicle, either to test the security of your vehicle,

48
00:03:57,030 --> 00:04:03,560
make sure that your car company is doing a good job of security or to just be able to work on your car.

49
00:04:03,570 --> 00:04:09,060
When I was a kid back in the 70s, we used to be able to just work on our own cars in our backyards

50
00:04:09,060 --> 00:04:10,140
or in our garages.

51
00:04:10,560 --> 00:04:14,940
These days, you pretty much have to go to a dealer to figure out what's going on with your advanced

52
00:04:14,940 --> 00:04:15,810
cyber car.

53
00:04:16,050 --> 00:04:22,080
We're going to see how to ethically retrieve those signals, how to analyze them a little bit, and

54
00:04:22,080 --> 00:04:29,340
even how to play them back and control a vehicle when no one is touching the controls at the dashboard.

55
00:04:29,790 --> 00:04:31,590
So some really exciting stuff.

56
00:04:31,590 --> 00:04:36,360
Like I said, one of the most fun lessons that we do in the Cyber Warrior camp, and you're going to

57
00:04:36,360 --> 00:04:40,260
get a chance to see how to do every bit of it step by step with full instructions on the screen.