CEH Practical Guide
  • Certified Ethical Hacker (CEH v12 and CEH V13) Practical Guide: Complete Study Resources & Tips
  • Module 2. Footprinting and Reconnaissance
    • 1. Footprinting through Search Engines
    • 2. Perform Footprinting Through Internet Research Services
    • 3. Footprinting through Social Networking sites
    • 4. Website Footprinting
    • 5. WHOIS Footprinting
    • 6. DNS Footprinting
    • 7. Network footprinting
    • 8. Email Footprinting
    • 9. Footprinting using footprinting tools
    • 10. Perform Footprinting using AI
  • Module 3. Scanning Networks
    • 1. Host Discovery
    • 2. Port and Service Discovery
    • 3. Perform OS Discovery
    • 4. Scan beyond Firewalls and IDS
    • 5. Network scanning using various tools
    • 6. Perform Network Scanning using AI
  • Module 4. Enumeration
    • 1. Netbios Enumeration (Port 137)
    • 2. SNMP Enumeration (Port 161,162)
    • 3. LDAP Enumeration (Port 389)
    • 4. NFS Enumeration
    • 5. DNS Enumeration
    • 6. SMTP Enumeration
    • 7. RPC, SMB and FTP Enumeration
    • 8. Enumeration using various tools
    • 9. Perform Enumeration using AI
  • Module 5. Vulnerability Assessment
    • 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases
    • 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
    • 3. Perform Vulnerability Analysis using AI
  • Module 6. System Hacking
    • 1. Gain access to the system
    • 2. Privilege Escalation
    • 3. Maintain Remote Access and Hide Malicious Activities
    • 4. Clear Logs to hide the Evidence of Compromise
    • 5. Active Directory (AD) Attacks
  • Module 7. Malware Threats
    • 1. Gain access to systems with Trojans
    • 2. Infect the system using Virus
    • 3. Perform Static Malware Analysis
    • 4. Perform Dynamic Malware Analysis
  • Module 8. Sniffing
    • 1. Perform Active Sniffing
    • 2. Perform Network Sniffing using Various Sniffing Tools
    • 3. Detect Network Sniffing
  • Module 9. Social Engineering
    • 1. Perform Social Engineering using tools
    • 2. Detect a Phishing attack
    • 3. Audit Organization security for phishing attacks
    • 4. Social Engineering using AI
  • Module 10. Denial of Service
    • 1. Perform DOS and DDOS with various techniques
    • 2. Detect and Protect DOS and DDOS attacks
  • Module 11. Session Hijacking
    • 1. Perform Session Hijacking
    • 2. Detect Session Hijacking
  • Module 12. Evading IDS, antivirus and Honeypots
    • 1. Intrusion Detection using various tools
    • 2. Evade Firewall using Evasion Techniques
  • Module 13. Hacking Web Servers
    • 1. Footprint the Webserver
    • 2. Perform Webserver attacks
    • 3. Perform a Web Server Hacking using AI
  • Module 14. Hacking Web Applications
    • 1. Footprint the Web Infrastructure
    • 2. Perform Web applications Attacks
    • 3. Detect Web Vulnerabilities using using web application security tools
    • 4. Perform Web Application Hacking using AI
  • Module 15. SQL Injection
    • 1. Perform SQL Injection attacks
    • 2. Detect SQL Vulnerabilities using different tool
    • 3. Perform SQL Injection using AI
  • Module 16. Hacking Wireless Networks
    • 1. Footprint a wireless Network
    • 2. Perform Wireless Traffic Analysis
    • 3. Perform Wireless Attacks
  • Module 17. Hacking Mobile Platforms
    • 1. Hack Android Devices
    • 2. Secure Android Device
  • Module 18. IoT and OT Hacking
    • 1. Footprinting IoT and OT devices
    • 2. Capture and Analyze IoT traffic
    • 3. Perform IoT Attacks
  • Module 19. Cloud Computing
    • 1. Perform Reconnaissance on Azure
    • 2. S3 Bucket Enumeration
    • 3. Exploit S3 buckets
    • 4. Perform Privilege Escalation to Gain Higher Privileges
    • 5. Perform Vulnerability Assessment on Docker Images
  • Module 20. Cryptography
    • 1. Encrypt the Information using Various Cryptography Tools
    • 2. Create a self signed Certificate
    • 3. Perform Disk Encryption
    • 4. Cryptanalysis Using different tools
    • 5. Perform Cryptography using AI
  • Tips for exams
  • Additional Resources
Powered by GitBook
On this page

Was this helpful?

  1. Module 18. IoT and OT Hacking

3. Perform IoT Attacks

Most IoT devices come with security issues such as the absence of a proper authentication mechanism or the use of default credentials or absence of a lock-out mechanism

Previous2. Capture and Analyze IoT trafficNextModule 19. Cloud Computing

Last updated 6 months ago

Was this helpful?

1. Perform Replay Attack on CAN Protocol

The Controller Area Network (CAN) protocol is a robust communication system that allows microcontrollers and devices to interact without a central computer. It uses a message-based approach for reliable data exchange, even in noisy environments. CAN is widely used in automotive industry due to its reliability and simplicity. In modern vehicles, CAN protocol is central to system communication, enabling connections between engine controls, brakes, and infotainment units. However, this interconnectivity can be exploited by hackers to manipulate vehicle functions, posing safety risks.

Here, we are using the ICSim tool to simulate CAN protocol and demonstrate how attackers sniff the transmitted packets and perform replay attack to gain basic control over the target.

Install the simulator

sudo apt-get install can-utils

Now, to setup a virtual CAN interface issue following commands:

sudo modprobe can
sudo modprobe vcan
sudo ip link add dev vcan0 type vcan
sudo ip link set up vcan0

To check whether Virtual CAN interface is setup successfully, run ifconfig. Here, vcan0 interface is present which confirms that our Virtual CAN interface is setup successfully.

run cd ICSim to navigate to ICSim directory and execute make command to create two executable files for IC Simulator and CANBus Control Panel.

Run ./icsim vcan0 to start the ICSim simulator. You will see the IC Simulator interface

Similarly, execute ./controls vcan0 to start the CANBus Control Panel. You will see the CANBus Control Panel interface.

Now, we will start sniffer to capture the traffic sent to the ICSim Simulator by CANBus control panel simulator. To do so, open a new terminal tab and execute sudo su to run the programs as a root user (When prompted, enter the password toor). Navigate to ICSim directory to do so run cd ICSim/.

Execute cansniffer -c vcan0 to start sniffing on the vcan0 interface. Leave this sniffer on.

Open a new terminal and execute sudo su to run the programs as a root user (When prompted, enter the password toor). Navigate to ICSim directory to do so run cd ICSim/. To capture the logs run candump -l vcan0.

After starting to capture the logs, open ICSim and Controller simulator and perform functions such as acceleration, turning left/right, opening and locking doors so that logs are generated. Once you are done, terminate the ongoing process by pressing Ctrl + C.

ICSim Functions
Keys

Accelerate

Up arrow

Left/Right Turn

Left arrow/ Right arrow

Unlock Rear Left/Right doors

Right Shift + X / Right Shift + Y

Unlock Front Left/Right doors

Right Shift +A / Right Shift + B

Lock all doors

Hold Right Shift key + Tap Left Shift

Unlock all doors

Hold Left Shift key + Tap Right Shift

Now verify if you have obtained the log file by executing ls command.Now, to perform replay attack, run canplayer -I candump-2024-05-07_063502.log and press enter

canplayer -I candump-2024-05-07_063502.log

Once the log file is executed, you can see the movements that were performed while creating the log file in real time in IC Simulator and CANBus control panel simulator.

Certified Ethical Hacker (CEHv12) Practical hands on LabsUdemy
Logo