What do you think?
Rate this book
The Car Hacker's Handbook: A Guide for the Penetration Tester
Modern cars are more computerized than ever. Infotainment and navigation systems, Wi-Fi, automatic software updates, and other innovations aim to make driving more convenient. But vehicle technologies haven't kept pace with today's more hostile security environment, leaving millions vulnerable to attack.
The Car Hacker's Handbook will give you a deeper understanding of the computer systems and embedded software in modern vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and between devices and systems.
Then, once you have an understanding of a vehicle's communication network, you'll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more. With a focus on low-cost, open source hacking tools such as Metasploit, Wireshark, Kayak, can-utils, and ChipWhisperer, The Car Hacker's Handbook will show you how to:
-Build an accurate threat model for your vehicle
-Reverse engineer the CAN bus to fake engine signals
-Exploit vulnerabilities in diagnostic and data-logging systems
-Hack the ECU and other firmware and embedded systems
-Feed exploits through infotainment and vehicle-to-vehicle communication systems
-Override factory settings with performance-tuning techniques
-Build physical and virtual test benches to try out exploits safely
If you're curious about automotive security and have the urge to hack a two-ton computer, make The Car Hacker's Handbook your first stop.
The Car Hacker's Handbook will give you a deeper understanding of the computer systems and embedded software in modern vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and between devices and systems.
Then, once you have an understanding of a vehicle's communication network, you'll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more. With a focus on low-cost, open source hacking tools such as Metasploit, Wireshark, Kayak, can-utils, and ChipWhisperer, The Car Hacker's Handbook will show you how to:
-Build an accurate threat model for your vehicle
-Reverse engineer the CAN bus to fake engine signals
-Exploit vulnerabilities in diagnostic and data-logging systems
-Hack the ECU and other firmware and embedded systems
-Feed exploits through infotainment and vehicle-to-vehicle communication systems
-Override factory settings with performance-tuning techniques
-Build physical and virtual test benches to try out exploits safely
If you're curious about automotive security and have the urge to hack a two-ton computer, make The Car Hacker's Handbook your first stop.
304 pages, Paperback
First published January 25, 2016
71 people are currently reading
348 people want to read
About the author
Craig Smith
2 booksLibrarian Note: There is more than one author by this name in the Goodreads database.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 8 of 8 reviews
March 24, 2023
Would recommend to anyone in the automotive field to learn more about how people actually go about hacking into vehicles
April 5, 2019
A shame, really.
I only heard praises about this book and can't wait to learn something I used to imagine only possible in movies. Hacking a car is a mysterious field to me, but I'm eager to learn another branch of my favorite subject, automotive electronics.
Unfortunately, this book lacks explanation of the most basic terms, which in turn, makes further lessons more painful and definitely undigestable. It might be useful for someone with knowledge in computers and programming who wish to expand their repertoire.
I only heard praises about this book and can't wait to learn something I used to imagine only possible in movies. Hacking a car is a mysterious field to me, but I'm eager to learn another branch of my favorite subject, automotive electronics.
Unfortunately, this book lacks explanation of the most basic terms, which in turn, makes further lessons more painful and definitely undigestable. It might be useful for someone with knowledge in computers and programming who wish to expand their repertoire.
January 25, 2019
A car can be a daunting hacking target. Most cars don’t come with a keyboard and login prompt, but they do come with a possibly unfamiliar array of protocols, CPUs, connectors, and operating systems. This book will demystify the common components in cars and introduce you to readily available tools and information to help get you started. By the time you’ve finished reading the book, you’ll understand that a car is a collection of connected computers—there just happen to be wheels attached. Armed with appropriate tooling and information, you’ll have the confidence to get hacking.
Well. If you want a textbook to reference when you want to break into a car, this could be a good place to start. It's not really a good high level overview, since it spends most of the book on specific examples. While those are fascinating, they feel too low level and specific to actually read through all of them.
One bit worth reading is for an amusingly dry sense of humor:
You might find that you’re unable to shut the car down. This is a bad, but fortunately rare, situation. First, check that you aren’t flooding the CAN bus with traffic; if you are, stop and disconnect from the CAN bus. If you’re already disconnected from the CAN bus and your car still won’t turn off, you’ll need to start pulling fuses until it does.
And then you lean a few neat things. For example:
The California Air Resources Board (CARB) began testing roadside readers for OBD-III in 1994 and is capable of reading vehicle data from eight lanes of traffic traveling at 100 miles per hour.
DSRC data rates depend on the number of users accessing the local system at the same time. A single user on the system would typically see data rates of 6 to 12Mbps, while users in a high-traffic area—say, an eight-lane freeway—would likely see 100 to 500Kbps. A typical DSRC system can handle almost 100 users in high-traffic conditions, but if the vehicles are traveling around 60 km/h, or 37 mph, it’ll usually support around only 32 users.
These are both talking about wirelessly talking to the car and getting various information out of it. Heck, they even talked about the idea of software updates being delivered over a peer-2-peer (vehicle-2-vehicle!) network, which is neat.
In any case, I'm not really sure who this book is for. Someone that's definitely going to hack their car perhaps as a starter? Neat in theory. Probably something I'll never get around to in practice. So it goes.
May 17, 2019
plenty of interesting material, but put together pretty haphazardly, and totally devoid of theory. It's basically a bunch of security b-sides talks. I gave it a third star because you can't hate on CC(A) licensing.
February 4, 2019
I wish I had the time to try out a good portion of what this book mentions. Exploitation of the infotainment systems will be the first thing I do try if I get an opportunity
Read
February 1, 2024Je hé
February 26, 2025
Great resource for anyone interested in cybersecurity or anyone who wants more control over their own car.
Displaying 1 - 8 of 8 reviews