{"id":3526,"date":"2015-08-10T18:42:58","date_gmt":"2015-08-10T11:42:58","guid":{"rendered":"http:\/\/ttud.com.vn\/?p=3526"},"modified":"2017-09-27T18:45:30","modified_gmt":"2017-09-27T11:45:30","slug":"rolljam-bo-kit-30-hack-duoc-khoa-cua-bang-remote-cua-hang-trieu-xe-hoi-va-cua-gara","status":"publish","type":"post","link":"https:\/\/casta.ttud.com.vn\/index.php\/rolljam-bo-kit-30-hack-duoc-khoa-cua-bang-remote-cua-hang-trieu-xe-hoi-va-cua-gara\/","title":{"rendered":"Rolljam: B\u1ed9 kit 30$ hack \u0111\u01b0\u1ee3c kh\u00f3a c\u1eeda b\u1eb1ng remote c\u1ee7a h\u00e0ng tri\u1ec7u xe h\u01a1i v\u00e0 c\u1eeda gara"},"content":{"rendered":"

T\u1ea1i DefCon 2015 \u0111ang di\u1ec5n ra t\u1eeb ng\u00e0y 6 – 9\/8 \u1edf Las Vegas (m\u1ed9t trong nh\u1eefng h\u1ed9i ngh\u1ecb hacker l\u1edbn nh\u1ea5t th\u1ebf gi\u1edbi t\u1ed5 ch\u1ee9c h\u00e0ng n\u0103m), chuy\u00ean gia b\u1ea3o m\u1eadt Samy Kamkar \u0111\u00e3 gi\u1edbi thi\u1ec7u b\u1ed9 c\u00f4ng c\u1ee5 c\u00f3 gi\u00e1 32$ d\u00f9ng \u0111\u1ec3 hack c\u00e1ch m\u1edf kh\u00f3a c\u1eeda c\u00e1c lo\u1ea1i xe h\u01a1i kh\u00f4ng c\u1ea7n ch\u00eca kh\u00f3a (keyless – d\u00f9ng remote \u0111\u1ec3 m\u1edf c\u1eeda xe) c\u0169ng nh\u01b0 remote c\u1eeda gara \u0111\u1ec3 xe. Thi\u1ebft b\u1ecb t\u00ean l\u00e0 Rolljam, nh\u00ecn b\u1ec1 ngo\u00e0i th\u00ec th\u1ea5y gi\u00f4ng gi\u1ed1ng m\u1ed9t c\u00e1i Raspberry Pi nh\u01b0ng s\u1ee9c m\u1ea1nh c\u1ee7a n\u00f3 th\u1eadt l\u00e0 gh\u00ea g\u1edbm.<\/strong><\/p>\n

\"\"<\/p>\n

Samy Kamkar m\u00f4 t\u1ea3 ho\u1ea1t \u0111\u1ed9ng c\u1ee7a Rolljam nh\u01b0 sau: B\u1ed9 rolljam s\u1ebd \u0111\u01b0\u1ee3c \u0111\u1eb7t \u1ea9n gi\u1ea5u trong ph\u1ea1m vi \u0111\u00e2u \u0111\u00f3 g\u1ea7n chi\u1ebfc xe, khi ch\u1ee7 xe s\u1eed d\u1ee5ng remote b\u1ea5m m\u1edf kh\u00f3a xe, rolljam s\u1ebd ph\u00e1t ra m\u1ed9t s\u00f3ng radio ph\u00e1 t\u00e1c d\u1ee5ng c\u1ee7a remote xe, \u0111\u1ed3ng th\u1eddi “copy” l\u1ea1i to\u00e0n b\u1ed9 m\u00e3 l\u1ec7nh m\u00e0 remote truy\u1ec1n t\u1edbi xe \u0111\u1ec3 m\u1edf kh\u00f3a. Ch\u1ee7 xe s\u1ebd th\u1ea5y l\u00e0 l\u1ea7n nh\u1ea5n n\u00fat \u0111\u1ea7u ti\u00ean kh\u00f4ng c\u00f3 t\u00e1c d\u1ee5ng (c\u1eeda xe kh\u00f4ng \u0111\u01b0\u1ee3c m\u1edf), h\u1ecd ph\u1ea3i b\u1ea5m remote l\u1ea7n 2 \u0111\u1ec3 m\u1edf kh\u00f3a xe. L\u00fac n\u00e0y th\u00ec m\u00e3 kh\u00f3a c\u1ee7a remote \u0111\u00e3 \u0111\u01b0\u1ee3c rolljam sao ch\u00e9p l\u1ea1i v\u00f4 b\u1ed9 nh\u1edb c\u1ee7a n\u00f3. M\u1ed9t th\u1eddi gian sau, c\u00f3 th\u1ec3 l\u00e0 v\u00e0i gi\u1edd, v\u00e0i ng\u00e0y, v\u00e0i tu\u1ea7n, khi ch\u1ee7 xe kh\u00f4ng \u0111\u1ec3 \u00fd, hacker s\u1ebd s\u1eed d\u1ee5ng rolljam \u0111\u1ec3 m\u1edf kh\u00f3a c\u1eeda chi\u1ebfc xe, c\u00f3 th\u1ec3 l\u1ea5y tr\u1ed9m chi\u1ebfc xe \u0111i m\u1ea5t. C\u00e1ch l\u00e0m t\u01b0\u01a1ng t\u1ef1 c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng \u0111\u1ec3 tr\u1ed9m m\u00e3 m\u1edf kh\u00f3a c\u1eeda gara nh\u00e0 \u0111\u1ec3 xe c\u1ee7a n\u1ea1n nh\u00e2n.<\/p>\n

Vi\u1ec7c hack kh\u00f3a c\u1eeda xe b\u1eb1ng c\u00e1ch sao ch\u00e9p m\u00e3 remote \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00e1c hacker khai th\u00e1c t\u1eeb nhi\u1ec1u n\u0103m nay. Do \u0111\u00f3 c\u00e1c h\u00e3ng xe h\u01a1i \u0111\u00e3 s\u1eeda l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt n\u00e0y b\u1eb1ng c\u00e1ch, m\u1ed7i l\u1ea7n khi ch\u1ee7 xe b\u1ea5m remote m\u1edf kh\u00f3a c\u1eeda th\u00ec m\u00e3 \u0111\u1ed3ng b\u1ed9 gi\u1eefa remote v\u00e0 xe \u0111\u01b0\u1ee3c \u0111\u1ed5i kh\u00e1c, tr\u00e1nh vi\u1ec7c 1 m\u00e3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng 2 l\u1ea7n. H\u1ec7 th\u1ed1ng rolljam c\u1ee7a Samy Kamkar ti\u1ebfn b\u1ed9 h\u01a1n \u1edf ch\u1ed7 n\u00f3 ph\u00e1 s\u00f3ng \u0111\u1ed3ng b\u1ed9 c\u1ee7a remote v\u00e0 xe trong l\u1ea7n \u0111\u1ea7u ti\u00ean 2 b\u00ean mu\u1ed1n ti\u1ebfp c\u1eadn nhau (l\u1ea7n \u0111\u1ea7u ti\u00ean ch\u1ee7 xe b\u1ea5m m\u1edf c\u1eeda nh\u01b0ng kh\u00f4ng c\u00f3 t\u00e1c d\u1ee5ng). Trong l\u1ea7n 2 ch\u1ee7 xe b\u1ea5m remote, rolljam s\u1ebd ch\u1eb7n v\u00e0 sao ch\u00e9p l\u1ea1i \u0111o\u1ea1n m\u00e3 “s\u1ed1 2” n\u00e0y \u0111\u1ed3ng th\u1eddi ph\u00e1t l\u1ea1i \u0111o\u1ea1n m\u00e3 “s\u1ed1 1” \u0111\u1ec3 m\u1edf xe. Ch\u1ee7 xe c\u1ee9 t\u01b0\u1edfng l\u00e0 l\u00fac \u0111\u1ea7u h\u1ecd b\u1ea5m n\u00fat kh\u00f4ng \u0103n, nh\u01b0ng th\u1ef1c ra l\u00e0 thao t\u00e1c m\u1edf c\u1eeda xe \u0111\u00e3 b\u1ecb hacker thu th\u1eadp l\u1ea1i. \u0110o\u1ea1n m\u00e3 “s\u1ed1 2” m\u00e0 rolljam sao ch\u00e9p ch\u01b0a \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng n\u00ean hi\u1ec3n nhi\u00ean sau n\u00e0y s\u1ebd d\u00f9ng \u0111\u1ec3 m\u1edf c\u1eeda xe \u0111\u01b0\u1ee3c.<\/p>\n

Tr\u01b0\u1edbc \u0111\u00f3, h\u1ed3i cu\u1ed1i th\u00e1ng 7 v\u1eeba r\u1ed3i Samy c\u00f3 tr\u00ecnh di\u1ec5n m\u1ed9t thi\u1ebft b\u1ecb kh\u00e1c t\u00ean l\u00e0 OwnStar, n\u00f3 hack \u0111\u01b0\u1ee3c h\u1ec7 th\u1ed1ng \u0111i\u1ec1u khi\u1ec3n OnStar RemoteLink tr\u00ean xe GM \u0111\u1ec3 m\u1edf kh\u00f3a c\u1eeda xe v\u00e0 \u0111\u1ec1 m\u00e1y xe.<\/p>\n