CAN Signal Extraction from OpenXC with Radare2 (Room 3224)
June 15th 2019 12:30 - 13:30
There’s lots of intro-level material on using radare2. I wanted to do an intermediate-level how-to. I’ve previously also looked at the open firmware, and since it had an open source component, it is a good place to start for both 1) not violating any terms and 2) fact-checking reverse engineering work.
OpenXC builds its firmware – for both the open and proprietary builds – using JSON data structures which define the CAN signals. These definitions are akin to CAN database (.dbc) files. Reverse engineering of the open OpenXC builds (as an educational exercise) reveals that it is a straightforward matter to identify and extract the CAN signal definitions from the binary. Attendees will learn what dbc files are, how to load raw binaries into r2 (ARM in particular), and how to pretty-print data structures using r2. The exposition of machine code in the talk will be via the free radare2 RE tool.
Requirements: Attendees should bring their own laptop, with radare2 installed from git.
Founder and Director, Yellow Flag Security
Ben Gardiner is a Principal Security Engineer at Irdeto and a member of the ethical hacking team, specializing in hardware and low-level software security. With more than 10 years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledg...