Understanding Attack Surfaces
If you come from the software penetration-testing world you
probably already get this. For the rest of us, attack surface means all
the possible ways to attack a target. The target could be a
component or the entire vehicle. At this stage we do not consider
how to exploit any piece of the target, we are only concerned with all
the “entry points” into it.
Think of yourself as an evil spy, trying to do bad things to the
vehicle. To find the weaknesses, evaluate the perimeter and
document the environment. For a vehicle, we need to consider all
the ways data can get into the vehicle – that is, all the ways the
vehicle communicates with the outside world.
From outside the vehicle:
- What signals are received? Radio waves? Keyfobs? Distance
sensors?
- Physical keypad access?
- Touch or motion sensors?
- If electric, how does it charge?
From inside the vehicle:
- Audio input options: CD? USB? Bluetooth?
- Diagnostic ports?
- What are the capabilities of the dashboard? GPS? Bluetooth?
Internet?
Once you have thought about this, you should have realized there
are a LOT of ways data can enter the vehicle. If any of this data is
malformed or intentionally malicious, what happens?
If you come from the software penetration-testing world you
probably already get this. For the rest of us, attack surface means all
the possible ways to attack a target. The target could be a
component or the entire vehicle. At this stage we do not consider
how to exploit any piece of the target, we are only concerned with all
the “entry points” into it.
Think of yourself as an evil spy, trying to do bad things to the
vehicle. To find the weaknesses, evaluate the perimeter and
document the environment. For a vehicle, we need to consider all
the ways data can get into the vehicle – that is, all the ways the
vehicle communicates with the outside world.
From outside the vehicle:
- What signals are received? Radio waves? Keyfobs? Distance
sensors?
- Physical keypad access?
- Touch or motion sensors?
- If electric, how does it charge?
From inside the vehicle:
- Audio input options: CD? USB? Bluetooth?
- Diagnostic ports?
- What are the capabilities of the dashboard? GPS? Bluetooth?
Internet?
Once you have thought about this, you should have realized there
are a LOT of ways data can enter the vehicle. If any of this data is
malformed or intentionally malicious, what happens?
![[Image: hmr1.png]](https://hackmyride.com/images/virtualblue/hmr1.png)