Another Car Hacking Approach

Cars now have infotainment systems for several years. Those systems accomplish basic tasks such as radio, music, navigation and Bluetooth handsfree, but can also embed sophisticated features, using wireless connectivity (with cloud backends) and vehicle bus connectivity. Previous talks have presented some vulnerabilities in the past. This talk will introduce a different approach to compromise embedded infotainment systems, with both software and hardware attacks.

While previous methods focused on OS and network hacking (access to DBus, telnet, firmware update mechanism…), those vulnerabilities do not exist anymore and different approach had to be used, using 3rd party applications. Multiple protections had to be bypassed, such as multiple level of signature (installation package, code-signing), and read-only file systems just to name few. Post-exploitation forensics demonstrated that the vulnerabilities identified would likely be exploited in many different cars.

How to proceed to test such systems? What are the steps to compromise infotainment system and what vulnerabilities can be found and exploited?

Bio Benjamin Lafois is a senior security consultant that has been working in IT security and compliance for more than 10 years. Benjamin is an expert penetration tester on distributed systems as well as modern infrastructures such as IoT, embedded devices and OT systems. Benjamin has identified several zero-day vulnerabilities on IoT and ICS devices. He has been involved on critical projects in Oil & Gas projects. He also has application assessment expertise and is a Java-guru.