The Mr Robot series with OTW (Occupy the Web) continues. OTW explains how hacks shown in the Mr Robot TV Series actually work (and if they are actually realistic). He compares real world car hacking vs what is shown in the TV series. // MENU // 00:00 - On This Episode of Hack Like Mr Robot! 00:30 - Welcome Back//OTW 00:45 - The Mr Robot Hack We're Doing 02:05 - Cars Becoming Like Computers 02:43 - Software Defined Radio Is Everywhere! 04:11 - Hardware Used//RTL-SDR 04:31 - Software Used//HDSDR 06:17 - Mr Robot//Car Hacking Strategies 08:21 - SDR//Ukraine Conflict 10:00 - Next Step//Signal Jamming 11:14 - Different SDR Software 12:01 - Osmocom//Generate Jamming Signal 14:26 - Sending Out Jamming Signal 15:03 - Signal Jamming Used to Protect Politicians 17:22 - Which Interface to Use? 18:17 - The HackRF//Pros & Cons 19:54 - Signal Generator Waveform Flags 20:37 - Next Step//Capturing the Signal 22:13 - Next Step//Sending the Signal//Replay Attack 25:45 - Next Step//Connecting to ODB2 Port 27:09 - ODB2 Protocols 28:00 - Car Hacking Research//can-utils 29:10 - Car Simulator//ICSim 30:53 - Starting Simulator 32:10 - Capturing Commands to Start the Car//cansniffer 33:56 - Logging//candump 35:06 - Searching log file for commands 35:42 - Sending command//cansend 37:05 - Mr Robot Hack//Realistic? 39:08 - Metasploit Car Hacking Modules 41:08 - Comment!//Which Hack Next? // DEVICES // RTL-SDR: amzn.to/3cag953 HackRF One: greatscottgadgets.com/hackrf/one/ // Previous Videos in the Series // Mr Robot Ep 1: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-3yiT_WMlosg.html Mr Robot Ep 2: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-7V9_x97s4g8.html // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: ru-vid.com // Occupy The Web social // Twitter: twitter.com/three_cube // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Uhm. Maybe not really possible. Since now the LimeSDR are not made anymore. Ore sadly a lot of money with the question of its the original and not an chinese bad copy. How can we locate cellphones with maybe a hackRF. Ore a better sdr receiver with a gsmscan? Just an idea to input.
Personally I am glad these are still 40 minutes long and extra informative. Please do not condense them into 20 second shorts like all the other channels are suddenly doing. I hate shorts so much
very nice to see this. Well done. I am a senior cyber security consultant with 25+ years experience. Despite your channel having a beginners focus, it's still enjoyable for us veterans. Nice thing you are doing here David. The best of luck to you mate.
Reza Sayadi I need help, plz ,people are remote controlling my phone and setting the properties at unhealthy levels, it's something I can't stop, plz help
I LOVE OTW’s book, “Linux Basics for Hackers”, I’ve learned quite a bit from him, also love Mr Robot, an awesome series (I wish they’d make more). Love your channel too David. This is a TRIPLE WIN. Thank you all.
Love the serie, David! Keep them going. I think this is so important in terms of educational purpose and for awareness around the world to let people know how relatively easy it can be with some IT knowledge to hack something, just with the use of a single receiver and a linux distro.
Mercedes use two freqs for their keyfobs. The jam portion is tough because the HackRF or other SDRs do not have the power output necessary unless you are literally standing next to the target. The roll + jam method will work but it is a proximity based method. I prefer to use URH to record and analyze signals + replay. As always David another great video.
One of my senior projects in college was to create a wireless ECU device. I had so much fun accidentally DoSing the CAN in my car. Your engine sounds really funky when the sensors can’t communicate.
OTW's voice is soo soothing, calm and gentle. A master indeed. Thanks David for continuing this series. YOu should have included OTW in the video title tho
I bought the RTL-SDR when I saw the video this morning and just got it in the mail. This is easily the coolest thing I've ever done (still a beginner in cs/networking). Thanks for the video, will be purchasing the HackRF One next!
To filter lsusb results to show only SDRs you could pipe grep (-iF = case insensitive), if "SDR" is included in the product title. Example: lsusb | grep -iF "sdr"
Commands to figure out what devices are in firmware: dmesg; lsusb -v; lspci -v; ls -lart /dev | tail If you know that the device is a character device that gives a bit more info. You can also do a deep query on a particular device by id. On Sparc Solaris there is a dedicated firmware layer that you can enter and depending on the device (if not a laptop) there may be dedicated means of controlling or configuring firmware
Fun fact about signal jamming to counter radio controlled IEDs in Afghanistan…our jammers in our trucks actually block the satcom signal we sit on for higher command. We were using that frequency over sat to call in medevacs and one time, we took a casualty and we had to call in a medevac right away. But our ground force commander was getting no dice with the sat comm. comes right up to my truck, flips the switch on the jammer, and finally got higher on the radio. Now, I didn’t know this at the time but everyone around me assumed I did so I got yelled at for having the jammer on when it should have been off. But - the Taliban are very, very, very, smart. It was always a joke they are just a bunch of cavemen in paper sandals and pajamas. Nope. Very intelligent individuals. So when they realized inside our trucks were hammers to jam radio and cell signals to counter their IEDs attack, the Taliban increasingly (and quickly too) moved to using what we call “command detonation” initiation. A physical power crowd that some times ran hundreds and hundreds of feet, sometimes burried under a few inches or maybe even a foot of dirt and would run into an orchard or into a random civilians home and they would sit and wait and remotely set off the IED with a cable that ran all the way to it. We came across a couple of those when I was there along with reverse pressure plate initiations (meaning, releasing the pressure from the plate sets it off - they would put big rocks in the middle of the road knowing we obviously have to move the rock and once it’s lifted up, the IED goes off) and standard pressure plated IEDs. I think we only came across one “RC” IED in 2014 and about 300 yards away I saw a guy in the window banging on his cellphone through my scope looking all confused. I asked to fire on him as I was 100 percent certain he was infact - the trigger man and he was awake wayyyyyy too earlier yo be making cellphone calls but was told to let him go. Our jammers 100 percent jammed the signal and would not detonate that IED we found
@@kensmechanicalaffair no thats absolutely not a stupid question thats actually a really good question. Now how we use our eyes to look for something that isnt right in the ground is look at the dirt all around you and look for a patch of dirt that clearly looks like its been turned over. Alot of times, the taliban planted IEDs on us the night before or two nights before. Which would mean when they cover the IED back up with dirt, its being mixed with the colder, more moisture rich dirt they dug up. So if the IED was planted a night or two before, youll notice a patch of dirt in the road that looks darker than the rest of the road. That would also mean that the dirt that surrounds the IED is cooler than the surrounding dirt. So if you used a thermal camera to pick up on the road, youll noticed a spot that looks cooler than the rest of the road and that would be a warning sign that dirt was recently turned over which could indicated an IED was planted there. We dont normally use thermal cameras but on occasion we actually did. We had them on trucks to actually look up at the mountain peaks to look for spotters or possible trigger men but there was a time we found that weird looking patch of dirt and had the K9 go up to the dirt, and wouldnt you know it....she hit on the dirt (meaning shes saying something is here) and it was 4 jugs of HME. Which is like a fertilizer they like to use for IEDs and my Thermal camera on the truck that morning actually saw the spot on the road where the dirt was cooler than the rest. So no, deff not a stupid question. But I wouldnt rely on something like a thermal camera to pick up on that. Radio jammers, dogs, Ground Penetrating Radar, and your own instinct works best.
THANK YOU DAVID! for another Mr. Robot series and I love this stuff. one thing to mention your show more section is a full of information that is a great thing to get information keep it up!
Firstly thanks David and OTW (Occupy the Web) for this wonderful series, it was so informative and got to know and learn so many thing form this video it's just amazing eagerly waiting for further videos. Love Form INDIA..
Awesome, this is actually exactly the hack I was hoping to see explained on here! Sounds a lot like the radio jamming The Weatherman (from Negativland) does.
Im new to the cyber security world, but come from the automotive field (nearly a decade as a certified mechanic). Super interesting to see how this was carried out as I actually understand the automotive side of things. I would be curious to see how this works on newer vehicles with SDGM (Serial data gateway) modules or the newer "K-line" that is primarily dedicated to prevent cyber attacks on EVs. Id be willing to teach some automotive electrical/data communication knowledge to anyone wanting to network!
Cool. I have used SDRs for several years to track flights (ADS-B) , ships (AIS) and IoT devices (433 MHz). Nice to see that you can use a SDR device to do cybersecurity. You can use the command rtl_biast to show all RTL2832U based SDR devices. I dont know if you can use it for other SDR chips.
some times I just feel so overwhelemed with the amount of things we need to learn to be good hackers that is crazy. I want to read about so many things but I just don't have the time for it. this particular field(radio) is one I had always liked but I just don't have the time because of all the many things I had been trying to do at the same time. i want to learn about API for hacking, radio, binary exploration, web exploration, debugging, coding, malware analysis, reverse engineering and much more. and each of these things take years to really get a good understanding of it
This is right up my alley! I've theorized how to do some of this stuff. It's a dream of mine to hack Voice over LTE on the LG V20 smartphone so we can use open sourced ROMs. Thanks for teaching me about some of the tools.
Another great video, I am glad that I started watching you a couple of months ago David :) But I have a question - could you make a video with a list (or maybe something else) with best latops in 2022 for security? I know you probably get a lot of this kind of request but still... it would be nice to see something like this on your channel, just my thought - hope you don't mind.
I’m learning so much valuable information from your videos! Fantastic quality, great learning tool, and better yet, it helps to make these things make sense in the real world. Cannot thank you enough for your incredible work!!!
Thanks for the info, but OTWs website could use some help with the css… It’s almost unusable on an iPhone13 Pro Max. Lots of blank black space. I think the media queries aren’t working maybe?
Hi David, would you able to have hackers elaborate how crypto exchanges are hacked seemingly most of them using blockchain? How do we get back the fund or retrieve back in case we were scammed?
When using the sniffer, could you not connect to OBD11 port and sniff a data sample of the target vehicle? I worked for a GPS tracking company and, we would drive the most strictly controlled ( what we could control) route accounting for traffic, red lights etc,. All the while capturing the NEMA and OBD11 data and we could loop that data into our tools and recreate the test drive for a number of reasons. This is pertinent as we could learn a lot from the data including the the manufacturers implementation of the SPEC i would have added quotes to SPEC, but you all know why that doesn't translate. YOU ARE ABSOLUTELY CORRECT. . it is so loosely defined that we consider it a guideline rather that a SPEC. Freighters and MAC K trucks would change their stuff every couple of years. it was challenging. If there is a method available for one to grab a data capture from the actual target vehicle and collectively with the community we could compile a database for every ones benefit. OOPS! I reacted before finishing you demo. Sorry bout that.
Great content, as usual! I love this Mr. Robot series! I wonder if there are any code dumps for certain makes and models on the “darkish” web… sort of like a RockYou-esque txt file of codes. Wouldn’t shock me ha ha.
Love these, I’ve watched each one as soon as they come out. Please keep this series going, I don’t even watch Mr Robot, this is better than the real show.
Another good Hackrf alternative is the limesdr mini, it’ll do full duplex and has slightly higher bandwidth. It has decent support with most SDR related software but is not quite prolific as the Hackrf
hey david.. Once you jamm the key fob signals so the cars would'nt be able to get lock is it right .so why you need to replay the signals with transmitter to open the door..The door would'nt be locked becauuse of jamming
The computer chip that needs accessing is inside the battery pack on the control board. A Tesla can be stolen. It's just a matter of time and equipment to do the job.
Here is one that will cook your noodle. Bypass the rolling codes on the key fob by first capturing any signal ..then jam the keyfob signal..this will tell the computer to allow ANY previously used rolling code (which you have already captured one) to unlock the car..then playback the captured signal. Cheers 🍻
I love this video and iam manoj waiting for my HackRf One. Iam the The July recipient for the Great Scott Gadgets Free Stuff Program from India. Thankyou so much that you give so many information about SDR in this video. My HackRf One was in transit after receiving iam going to learn IOT Penetration testing. I love to do car hacking... I have the RTL-SDR Device but through that device i cant doo replay attack. Thankyou so much to provide this video on RU-vid.
I've been trying to do some CANBUS hacking on a solar charge controller and a hot tub. I know it can be maddening finding all the commands. I was assuming they had a small database of vulnerable vehicles with the commands. They seem to have lots of friends. Presumably at least one is a car hacker or car thief. Then they looked for a vehicle in the list and used the data that friend provided.
Isn't IUD birth control Master OTW??? lol I thought you would get a kick out of that I know you really meant IED(improvised expl. dev.) right or is the idiot coming out of me?? Love the content guys! PS. Master OTW is awesome and so is Mr. Bombal I appreciate both of you very much!!!
Sir can you please elaborate the scene in which how dark army listens to conversations happening near by, Will be helpful and Thanks for the Content you are sharing.
so i got this older honda suv and someone broke the door cylinder in a public place last summer. why this craze for hi tech in cars, push button start, cyl deactivation, wifi hotspot, apple this, android that? what are car makers doing to secure vehicles? all the bad guys need to do these days is tow the vehicle from the victim driveway! it happened for real, education or not.
So my biggest sticking point with the car hack is the steering lock, Mr Robot doesn't address this problem(that i remember). Sure you may be able to start the car but if you try to turn the steering wheel a certain amount (left or right without a key ) the steering column will lock preventing any further turning. Still i love the show and suspend disbelief 😀
@iam1smiley1 That isn't possible. There's a chip inside the fob that sends its data to the car after the start button is pressed or when a key is turned in an ignition. If it's not present the car is going nowhere.
So maybe one thing i did not understanf. If you jam the signal by sending white noise at an intensity strong enough to block the key transmiter..... When you try to read the actual key code from the fob.... Wouldn't you capture only the whitenoise? @David Bombal