The goal of this research is to expose vulnerabilities with key fobs. An assortment of tools and resources will be used to discover the radio-wave key that unlocks a vehicle. A tool called HackRF will be used to capture the actual radio signal coming from the key fob when the unlock button is pressed. Additionally, a site called FCC ID can also be used to help narrow down the frequency of the key fob. By simply putting in the serial code, or other obtainable key fob information, many design specifications, including the radio frequency, can be discovered using the website. Many cars listen on broad range of frequencies due to the key fob’s signals changing due to outside elements, this can be exploited through different attacks. There are several different attack styles used to break into cars by simulating the key fob. One of the best known forms of attack is a replay attack. Replay attacks are generally used on older style car key fobs with fixed binary radio waves. These radio waves can be recorded and replayed later to unlock the car. This issue was corrected on newer car keys by using rolling codes. These play different codes every time the unlock button is pressed, allowing the car to scratch off numbers as the key is pressed, and keep from repeating previous numbers.
HackRF, Replay Attacks, Automotive Hacking, Radio Signal Capturing
This is a metadata-only record.
Computer Science & Information Systems
- Event date
25 March 2022
- Date submitted
20 July 2022
- Additional information