what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Charlie Miller

Email addresscharlie.miller at accuvant.com
First Active2011-12-10
Last Active2017-04-26
Remote Exploitation Of An Unaltered Passenger Vehicle
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper outlines the research into performing a remote attack against an unaltered 2014 Jeep Cherokee and similar vehicles that results in physical control of some aspects of the vehicle. Hopefully this additional remote attack research can pave the road for more secure connected cars in our future by providing this detailed information to security researchers, automotive manufacturers, automotive suppliers, and consumers.

tags | paper, remote
SHA-256 | d7f534a978ca4d25721f39404f7aad67339b186a0025047f6293bf98556c1d36
CAN Message Injection - OG Dynamite Edition
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper investigates why physical control inconsistencies exist and present techniques that can be leveraged to more fully obtain control of the physical systems of the car while only injecting CAN bus messages. It also discusses ways to makes these systems more robust to CAN message injection.

tags | paper
SHA-256 | 383c15500ebb9e6fd0e34bf42e9e070b737657eb4bcf9930fb34491defdb4078
A Survey Of Remote Automotive Attack Surfaces
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

Whitepaper called A Survey of Remote Automotive Attack Surfaces. This paper attempts to analyze numerous automobiles varying in production year to show how remote attack surfaces have evolved with time and to try to quantify the difficulty of a remote attack for a variety of different automobiles. This analysis will include how large the remote attack surface is, how segmented the ECUs which have physical control of the automobile are from those accepting external input, and the features present in the automobile which allow computers to physically control it. Additionally, this paper recommends defensive strategies including an IDS-type system to detect and prevent these types of attacks.

tags | paper, remote
SHA-256 | 371d87d27666d1f97678cbf4eec03704f4c1e85029009ee2439690303f7dde28
Car Hacking: For Poories A.K.A. Car Hacking Too: Electric Boogaloo
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This whitepaper is a follow-up on car hacking that was an attempt to reduce this barrier to entry so more researchers could get involved.

tags | paper
SHA-256 | 9249c9c2c9ccfb49896bf3953a0b5ca6d1f19ab6a4f67bc032d488183dad0773
Adventures In Automotive Networks And Control Units
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

Adventures in Automotive Networks and Control Units (aka car hacking) is an overview of the original work by Charlie Miller and Chris Valasek that covers CAN bus sniffing, injection, and attacks against a Toyota Prius and Ford Escape. Also included are all the tools they used and related data.

Changes: Although the car hacking tools have already been added to Packet Storm, this archive also has the whitepaper and a new version of the tool archive.
tags | exploit
SHA-256 | 388155dad3d4941180cc43d65a21b1b4f0febcb901ea70241f133325b8b436df
Adventures In Automotive Networks And Control Units
Posted Aug 6, 2013
Authored by Chris Valasek, Charlie Miller

Previous research has shown that it is possible for an attacker to get remote code execution on the electronic control units (ECU) in automotive vehicles via various interfaces such as the Bluetooth interface and the telematics unit. This paper aims to expand on the ideas of what such an attacker could do to influence the behavior of the vehicle after that type of attack. In particular, the authors demonstrate how on two different vehicles that in some circumstances they are able to control the steering, braking, acceleration and display. They also propose a mechanism to detect these kinds of attacks. All technical information and code needed to reproduce these attacks is included in this archive. This was released to the community as promised by the researchers who presented their findings at Defcon 21.

tags | exploit, remote, code execution
SHA-256 | 794a8286ed148e6a725895876ffebe1b0e584fd41753499c11022ae5b23ac94c
Browser Security Comparison: A Quantitative Approach
Posted Dec 10, 2011
Authored by Ryan Smith, Chris Valasek, Paul Mehta, Charlie Miller, Shawn Moyer, Joshua Drake | Site accuvant.com

Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.

tags | paper
SHA-256 | e054bd896f56e8be803b55bc04ad540e6247fb7a0bbcf3094c27a9a421226a18
Page 1 of 1

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By