Two Scumbags nicked my Car

Another simple remedy the makers could implement would be a simple motion detector in the fob. No movement = no signal. Seemples.
Don't quote me on it but I'm sure that keyless cars don't require keyfob to be present to keep engine running. They're needed (or relay is needed) to start car but that's about it. At least on my car that's true.

The makers should fix that and after x time of no keyfob detected and car still running, they cut out. Obviously a warning would have to be shown on display to allow those that are driving to safely pull over. Similar option could be they cut out with no keyfob present and only when engine running but no movement detected (ie not driving).

There is obviously a downside to this though.
 
That's not a bad idea at all. I'm wondering if the keyfob only has one response though (if that's how the relay attack works). If it is one response and it has been captured and can be replayed (like my Wilko doorbell :)) then there is no further need for the keyfob.

It got me thinking about how a car remains running essentially without a key.

It's probably not too important to restart the car once started as it will be in a container.

@ketmp's idea is an interesting one though. Like:

Car: You still there?
Fob: Still here.
Car: You still there?
Fob: Still here.
Car: You still there?
Fob: .......................................

Car: You still there?
Fob: .......................................


Car: Stopping.
 
That's not a bad idea at all. I'm wondering if the keyfob only has one response though (if that's how the relay attack works). If it is one response and it has been captured and can be replayed (like my Wilko doorbell :)) then there is no further need for the keyfob....
No, my car alerts when keyfob not present but doesn't appear to do anything other than alert so it must continuously check for keyfob.
 
@ketmp, thing is, what does their conversation look like?

I'm guessing it differs from car to car but imagine it was the same response every time when the car asks for the fob.

It would be something like:

Car: Fob, give me a code.
Fob: 0x012345678
Car: Fob, give me a code.
Fob: 0x012345678
Car: Fob, give me a code.
Fob: 0x012345678

Now, that sort of attack would work as long as 0x012345678 can be replayed to the ECU every time it requests one.

The introduction of a rolling code could do something like:

Car: Fob, give me a code.
Fob: 0x012345678
Car: Fob, give me the next code.
Fob: 0x012345678
Car: NOT VALID!

This brings me back to what sort of capability the fob/transponder has.
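
The fixed-code exchange above and the earlier "You still there?" polling idea, as an added example that is not part of the original posts. It uses a fresh-challenge HMAC response rather than a rolling counter; the key, the code value, the class and function names, and the two-missed-polls cut-out threshold are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(16)      # constructed secret shared by car and fob
STATIC_CODE = b"0x012345678"       # the fixed code from the exchange above

def fob_static(_challenge):
    """Fob that gives the same answer whatever the car asks."""
    return STATIC_CODE

def fob_hmac(challenge):
    """Fob that answers each challenge with a MAC over that challenge."""
    return hmac.new(KEY, challenge, hashlib.sha256).digest()

class Car:
    """Polls for the fob while running; cuts out after max_missed bad polls."""
    def __init__(self, scheme, max_missed=2):
        self.scheme, self.max_missed = scheme, max_missed
        self.missed, self.running = 0, True

    def expected(self, challenge):
        if self.scheme == "static":
            return STATIC_CODE
        return hmac.new(KEY, challenge, hashlib.sha256).digest()

    def poll(self, responder):
        """Send one fresh challenge to whatever is answering on the radio."""
        challenge = secrets.token_bytes(8)
        answer = responder(challenge)          # None models "no reply"
        ok = answer is not None and hmac.compare_digest(
            answer, self.expected(challenge))
        self.missed = 0 if ok else self.missed + 1
        if self.missed >= self.max_missed:
            self.running = False               # "Car: Stopping."
        return ok

def make_replayer(fob):
    """Records one genuine answer, then repeats it to every later challenge."""
    captured = fob(secrets.token_bytes(8))
    return lambda _challenge: captured

def survives_replay(scheme, fob, polls=5):
    """True if the car is still running after being fed only the recording."""
    car = Car(scheme)
    replayer = make_replayer(fob)
    for _ in range(polls):
        car.poll(replayer)
    return car.running
```

A recorded answer keeps the static-code car running but fails every poll of the HMAC car, which then cuts out. A repeater that forwards each fresh challenge to the genuine fob in real time would still pass, so this check addresses replay only.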
 
Mine beeps if I move out of range, pretty sure it will stop after a short distance, it's a Nissan Pulsar.
 
I tried that and couldn't unlock car from 30 ft away. Not tried to start car yet.
 
Mine beeps if I move out of range, pretty sure it will stop after a short distance, it's a Nissan Pulsar.
Stop beeping or stop car? Test it, as my Focus beeps for a short period then stops beeping but does still display a message that key not detected, but I've left it for about 5 mins and engine kept running.
 
Search HackRF on YouTube and see how cheap and easy this is.

Do you have a specific link?

I have a HackRF One but I'm sure with rolling codes it isn't as easy as a replay attack. I've cloned a doorbell that I bought :).

Some attacks rely on blocking reception of the real fob whilst sniffing what they sent and then replaying that at a later time. I think these attacks that you see in the media at the moment are something to do with a development kit being used as a repeater between a transponder and car in real time rather than a replay attack.
 
No, just seen a few on there about it and don't own a HackRF,
but this is the same type of attack.