News: Brand new Jeep Cherokee wirelessly hacked.

TheDamned

New member
https://thescene.com/watch/wired/hackers-wireless-jeep-attack-stranded-me-on-a-highway


They use an exploit in the Uconnect software to directly have access to the CAN bus network, therefore, control almost anything on the car.

An ongoing investigation into the security of Chrysler vehicles bears some pretty startling conclusions. In a couple of weeks, security researchers will reveal the details of a zero-day exploit that affects some 471,000 cars. Put bluntly: Hackers can take complete control of the cars from thousands of miles away.

Longtime car hackers Charlie Miller and Chris Valasek recently demonstrated the dangerous possibilities of the Chrysler exploit to Wired’s Andy Greenberg. The journalist actually took a Jeep Cherokee onto the highway outside St. Louis, while the hackers took over control of the car. Using the Jeep’s Uconnect system, which plugs into a cellular network, the security researchers were able to gain control of the car’s entertainment system and then rewrite the firmware to send commands to critical systems like the brakes, steering, and transmission. Greenberg describes the experience:

As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission.

Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.

What’s especially worrisome about this situation is that Chrysler knows about the vulnerability and doesn’t seem to be taking it too seriously. The company recently released a patch to the Uconnect software that addresses the issue, but it needs to be installed via USB drive or by a dealer.

Meanwhile, Chrysler sort of scolded the researchers for sharing information about the exploit publicly. “Under no circumstances does [Fiat Chrysler Automotive] condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company said in a statement.

Although this is not the first time that security researchers have discovered and shared details of a car hack, it’s starting to get pretty real. When there are almost half a million cars that could be commandeered or bricked with just a few key strokes, it’s time for auto companies to take notice, and embrace the community of researchers and politicians trying to make sure our cars are safe.
 
My borther got his Forester 2014 opened wirelessly yesterday night , i wonder if itsa similar system

(no trace of nothing ) threw shit on the floor, made a mess stole some cd's... left Sunglasses tthere... Car was in the driveway
 
Ce n'était qu'une question de temps....

Parcontre je suis surpris que ca soit pas GM étant donné que ca fait des lunes que leur systeme est en ligne avec Onstar. J'ai tjs pensé que ca serait le premier systeme a etre piraté.
 
Chrysler on du pensé qu'un système par-feu dans c'étais de mettre de la laine minéral contre le feu tout le tour du truck.

latest
 
J'avais vu sa dans les release notes de la patch juillet 2015 pour uconnect mais je ne savais pas qu'est-ce que c'était supposer regler.

Ça dit que c'est un upgrade de sécurité pour les modèles américains seulement (étant donné qu'on a pas le modem pour le service uconnect via cellulaire ici)

On est correct au Canada, on paie plus cher pour moins de features. Merci Chrysler de penser à notre sécurité et à vos profits avant tout.
 
Trying to understand how the accelerator, brakes and transmission are accessible through Uconnect. That is just unbelievable.
 
Trying to understand how the accelerator, brakes and transmission are accessible through Uconnect. That is just unbelievable.

Accelerator and brakes can be controlled by the ECU through the traction/stability controls. It has a DBW throttle and the ABS pump can activate/cancel the brakes.

Steering can be controlled by the ECU in reverse because of the park assist function.
 
Trying to understand how the accelerator, brakes and transmission are accessible through Uconnect. That is just unbelievable.

ils se sont servi de Uconnect pour aller faire un flash et implanter leur propre firmware sur un chip
et par ce chip reprogramme ils accedent le CAN Bus
 
How are they getting access to Uconnect on a particular vehicle? Are they preloading something into the vehicle beforehand?
 
http://auto.lapresse.ca/actualites/...-chrysler-rappelle-14-million-de-voitures.php

Le constructeur automobile Fiat Chrysler (FCA) a décidé de rappeler 1,4 million de véhicules aux États-Unis pour effectuer une mise à jour de leurs systèmes informatiques embarqués, après le piratage d'un modèle Jeep Cherokee par deux chercheurs.

L'ex-Chrysler affirme n'avoir eu connaissance d'aucun blessé ou d'une quelconque réclamation à l'exception de l'exemple démontré par les deux chercheurs.

Les véhicules concernés sont le Jeep Grand Cherokee et la Cherokee années modèles 2014-2015, les camionnettes à plateau RAM 1500 (2013-2015), les Dodge Viper (2013-2015), Durango (2014-2015), Challenger (2015) et les berlines Chrysler 200 et 300 (2015).

Les chercheurs informatiques Charlie Miller et Chris Valasek affirment avoir pris le contrôle d'un modèle Jeep Cherokee en imposant au conducteur, un journaliste du magazine Wired, des manoeuvres qu'il ne maîtrisait pas.

Le journaliste de Wired avait notamment vu la radio du véhicule commencer à fonctionner toute seule, puis les essuie-glaces se déclencher ainsi que le lave-vitre, le moteur ralentir puis se couper et enfin les freins disparaitre.

FCA US a indiqué avoir créé une mise à jour pour le logiciel concerné et que celle-ci est également disponible pour téléchargement à partir d'une clé USB qui permettra aux propriétaires de procéder eux-mêmes à la mise à jour s'ils le souhaitent.

Les nouveaux modèles seront pour leur part équipés d'un dispositif empêchant tout accès à distance du système informatique du véhicule

Le troisième groupe automobile américain affirme effectuer ce rappel à titre préventif car «aucun défaut n'a été détecté» dans les véhicules.
 
How are they getting access to Uconnect on a particular vehicle? Are they preloading something into the vehicle beforehand?

they have to know the IP address of the car and also it's unique ID number, which apparently SPRINT send in the clear on their cellular network
 
Trying to understand how the accelerator, brakes and transmission are accessible through Uconnect. That is just unbelievable.

I programmed CAN Buses on cars in CÉGEP, it's known universal bus for cars, each companies use it their own way. Once you "decode" their protocol you can do anything, really. But you can't just plug a computer in and access the bus lol, u must have a backdoor or someshit to get in.

Accelerator and brakes can be controlled by the ECU through the traction/stability controls. It has a DBW throttle and the ABS pump can activate/cancel the brakes.

Steering can be controlled by the ECU in reverse because of the park assist function.

Exactly.
ils se sont servi de Uconnect pour aller faire un flash et implanter leur propre firmware sur un chip
et par ce chip reprogramme ils accedent le CAN Bus

Je crois pas que c'est ça qui s'est passé.
Je crois vraiment qui ont abusé d'une faille dans uconnect pour faire un classic buffer overflow et ainsi acceder à l'espace mémoire réservé au data du CAN BUS, à partir de là y crisse ce qui veulent dans mémoire.

How are they getting access to Uconnect on a particular vehicle? Are they preloading something into the vehicle beforehand?

No, read above.

All drive by wire with CAN signals.

Yep
 
And thats why you buy a manual. Hackers take control of your accelerator? Pop it into neutral and slowly pull the E-brake.
 
they have to know the IP address of the car and also it's unique ID number, which apparently SPRINT send in the clear on their cellular network

Are the vehicles being assigned static IPs by the carrier? Can't they just put the onus on the carrier and get them to not be retarded and employ a modicum of encryption?
 
Back
Top