Automotive Security – Part 5 (How to use can-utils efficiently ?)

Welcome back! I hope you have gone through the previous blogs, where we discussed about OBD-II. In this blog we will look into can-utils. Which contains user space utilities for Linux CAN subsystem. I suggest you to follow me throughthe blog while trying the commands in real time, for hands on grip.

Introduction

In a previous blog, we discussed CAN bus protocol. Let us consider a scenario where we have the required hardware to sniff the bus. Now, all we need is a software tool that helps in analyzing the bus. One such tool is called can-utils. Basically can-utils is more like a Swiss army knife.

can-utils is a command line Linux utility that contains basic tools which can display, record, generate and replay CAN traffic. Along with these basic operations we can also calculate busload, convert log files and it also contain ISO 15765-2:2016 tools.

In this blog we will look into these tools which helps us analyze CAN bus.

  • candump.
  • cansniffer.
  • canplayer.
  • cangen.
  • cansend.

can-utils

To install can-utils in your learning space, use the following command.

  sudo apt-get install can-utils -y

can-utils installation demo.

Before doing some hands on around can-utils, let’s create a virtual can network in our Linux machine. Use the following commands.

  sudo modprobe can
  sudo modprobe vcan
  sudo ip link add dev vcan0 type vcan
  sudo ip link set up vcan0

setting up viirtual can network demo.

Note: We will be using vcan0 from now, while conducting an assessment you can replace with the name of the network which you give while setting up.

Candump:

it is used to display, filter and log the can bus data to files, it basically dumps the packets flowing in the bus on the screen. Candump has several options to play with data floating in the bus. We can see the packets data in both binary mode and ASCII mode, it can also separate packets from different buses by color coding them. We can use the following command to color-code the bus while the data is shown in both binary and ASCII formats.

  candump –c -i –a vcan0

We can also log the traffic in the bus using candump.

  candump –l vcan0

candump explanation demo.

cansniffer:

unlike can dump, can sniffer display all the packets which are currently appearing in the bus. It has different options to color code the bits which are changing in a particular ID. Also, we can toggle between binary mode and ASCII mode using “b + ENTER” to color code the bits which are updating we can use “-c” while entering the command or “c + ENTER” live.

  cansniffer vcan0 
  Use “ c + ENTER ” to color code.
  Use “ b + ENTER ” to toglle between binary and ASCII outputs in live.

cansniffer explanantion demo

cangen:

it is used to generate random traffic In a bus, it also has advanced features where we can set the gap in milli seconds, generate CAN FD frames, send can packets with RTR frames and etc.

  cangen vcan0 

cangen demo video.

In order to understand more about canplayer and cansend, I’ll be using ICsim. ICsim is a great tool to practice car hacking on a bus level and do a virtual demonstration of attacks..

canplayer:

as discussed above we can log the packets flowing in the bus into a log file. Canplayer helps us in playing back the log files. The command for the same is,

  canplayer –I <*filename> 

In this we will recording the signal indication packets of ICsim and replay them using canplayer. Yup we did a repaly attack on indication node.

canplayer demo video.

cansend:

using cansend we can send both CAN 2.0 & CAN FD frames depeending on the bus we are analysing. The command is,

  cansend vcan0 <ID>#<DATA> 

cansend demo video.

Finally, lets dump, record and play the signal indication of ICsim using can-utils.

replay attack on ICsim demo video.

If you’ve gone through these tools help pages or manuals, you’ll find lot of options to craft the commands according to the bus you’re assessing.

Conclusion:

We hope this blog post made you a comfortable to use can-utils with ease. If you are reading up to this point, you are very much interested in Automotive security. This blog post aimed to give you an idea about CAN Bus protocol which is widely used in Automotive architecture. Going forward, the next blog post will decode some of the famous car hacks happened in the history. I hope you enjoyed reading this as much as I enjoyed writing it : )

About Payatu

Payatu is a research-powered cybersecurity service and training organization specialized in IoT, embedded, mobile, cloud, infrastructure security, and advanced security training. We offer a full IoT/IIoTT ecosystem security assessment, including hardware, firmware, middleware, and application interfaces. If you are looking for security testing services then let’s talk, share your requirements: https://payatu.com/#getstarted Payatu is at the front line of IoT security research, with a great team, and in house tools like expliot.io. In the last 8+ years, Payatu has performed, security assessment of 100+ IoT/IIoT product ecosystems and we understand the IoT ecosystem inside out. Get in touch with us. Click on the get started button below.

Subscribe to our Newsletter
Subscription Form
DOWNLOAD THE EBOOK

Fill in your details and get your copy of the ebook in few seconds

Ebook Download
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download ICS Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download Cloud Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download IoT Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download Code Review Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download Red Team Assessment Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download AI/ML Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download DevSecOps Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download Product Security Assessment Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download AI/ML Sample Report
DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Download IoT Sample Report

Let’s make cyberspace secure together!

Requirements

Connect Now Form

What our clients are saying!

Trusted by