Step 1 - identifying assets and entry points

Every car is different with some models having more features than other models. Research the publicly available resources on Subaru-connected vehicles and the different features between models and years. For example, we know a connected vehicle have access to the internet via a cellar 4G/LTE connection, but others may gain internet access via tethering to a phone's connection or other means such as Wi-Fi. Let's start there and document what we know about the target vehicle before performing any active attack phases:

  • Cellular connectivity: The Subaru connected vehicles are connected to the internet via AT&T 4G LTE (http://about.att.com/story/att_subaru_bring_4G_lte_to_select_model_year_vehicles.html).
  • Wi-Fi: This is not available in the target Subaru vehicle.
  • Bluetooth: The infotainment system connects devices via Bluetooth to access media, device contact books, and messages.
  • Key fobs: To gain access and start this particular vehicle, the key fob is needed. The key fob transmits at the frequency range of 314.35-314.35 MHz (https://fccid.io/HYQ14AHC).
  • USB connectivity: The infotainment system uses USB to connect a device's media as well as updates for GPS and the infotainment system itself.
  • SD card: The infotainment system has a microSD card slot for GPS maps.
  • OBD II: This is used to access the CAN bus for diagnostics and can flash ECU images on the vehicle for tuning or other performance modifications.
  • CAN bus: Every vehicle has one or multiple CAN buses for in-vehicle communication. The CAN bus is inherently vulnerable and can be sniffed using free tools.
  • Mobile applications: Subaru's Starlink in-vehicle technology connects to the MySubaru application which allows you to lock and unlock your vehicle remotely, access your horn and lights, view car health reports, and locate your vehicle on a map. To use these features, a subscription must be purchased.
  • Web application: In addition to the MySubaru mobile application, Subaru's Starlink in-vehicle technology connects to a web interface which allows you to lock and unlock your vehicle remotely, access your horn and lights, change user settings, schedule services, add authorized users, and locate your vehicle on a map. To use these features, a subscription must be purchased.

Now that we have listed the entry points of a connected vehicle, we have a better idea as to what to target first. We can also gauge the level of effort based upon our skillset and comfortability.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.147.84.169