Full Disclosure mailing list archives

Bad rolling code in keyfob for many Subaru cars


From: Tom Wimmenhove <tom.wimmenhove () gmail com>
Date: Mon, 9 Oct 2017 16:27:57 -0400

[Author]
me <tom.wimmenhove () gmail com>

[Description of the vulnerability]
The rolling code used by the keyfob and car is predictable in the sense
that it is not random. It is simply incremental.

[Impact]
An attacker can 'clone' the keyfob and unlock cars and, by increasing
the rolling code by a sufficiently high value, effectively render the
user's keyfob unusable.

[Affected vehicles]
The exploit has only been tested on a 2009 Subaru Forester, but the same
fob is used in, and the exploit should work on, the following vehicles:
 - 2006 Subaru Baja
 - 2005 - 2010 Subaru Forester
 - 2004 - 2011 Subaru Impreza
 - 2005 - 2010 Subaru Legacy
 - 2005 - 2010 Subaru Outback

[Solution]
Don't use the most predictable, sequential type of rolling code. Don't send
the command twice: because the two copies cancel each other out in the XOR
checksum, an attacker mounting Samy Kamkar's RollJam attack can change a
lock command into an unlock command without even having to recalculate the
checksum, which stays intact.
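To make the two design points above concrete (a counter alone is predictable, and a linear checksum does not protect the command), here is a toy receiver that does what the advisory recommends instead: it binds counter and command together with a keyed MAC and accepts a new counter only inside a small resync window. This is an added example, not code from the advisory or from the subarufobrob project; the frame layout (4-byte counter, 1-byte command, 8-byte truncated HMAC-SHA256), the WINDOW size and the shared key are constructed assumptions.

```python
"""Toy keyed rolling-code protocol (added example, not the advisory's or project's code).

Constructed frame layout: 4-byte big-endian counter | 1-byte command | 8-byte truncated HMAC-SHA256.
"""
import hashlib
import hmac

WINDOW = 16      # constructed: how far ahead of the last accepted counter the car still accepts
TAG_LEN = 8      # constructed: truncated MAC length in bytes
CMD_LOCK = b"L"
CMD_UNLOCK = b"U"


def _tag(key: bytes, counter: int, command: bytes) -> bytes:
    """Keyed MAC over counter and command: predictable counter, unpredictable tag."""
    msg = counter.to_bytes(4, "big") + command
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


class Fob:
    def __init__(self, key: bytes, counter: int = 0):
        self.key = key
        self.counter = counter

    def press(self, command: bytes) -> bytes:
        """Each press increments the counter and emits counter | command | tag."""
        self.counter += 1
        return self.counter.to_bytes(4, "big") + command + _tag(self.key, self.counter, command)


class Car:
    def __init__(self, key: bytes, counter: int = 0):
        self.key = key
        self.counter = counter  # highest counter accepted so far

    def receive(self, frame: bytes) -> str:
        if len(frame) != 4 + 1 + TAG_LEN:
            return "reject: malformed"
        counter = int.from_bytes(frame[:4], "big")
        command = frame[4:5]
        tag = frame[5:]
        # Tag first: an edited command byte or a counter picked by an observer fails here,
        # which a plain XOR checksum over a repeated command field cannot guarantee.
        if not hmac.compare_digest(tag, _tag(self.key, counter, command)):
            return "reject: bad tag"
        # Old counters are replays; counters far beyond the window are rejected, so a few
        # presses out of range do not desync the pair but a captured frame cannot be reused.
        if counter <= self.counter:
            return "reject: replay"
        if counter > self.counter + WINDOW:
            return "reject: outside window"
        self.counter = counter
        return "accept: " + command.decode()


def demo() -> dict:
    """Run the receiver against constructed frames and return what it decided for each."""
    key = bytes(range(16))  # constructed shared secret; real pairs would use a per-pair key
    fob, car = Fob(key), Car(key)
    results = {}
    first = fob.press(CMD_LOCK)
    results["press"] = car.receive(first)                  # accept: L
    results["replay"] = car.receive(first)                 # reject: replay
    # Same frame with only the command byte changed: the MAC covers the command.
    flipped = first[:4] + CMD_UNLOCK + first[5:]
    results["tamper"] = car.receive(flipped)               # reject: bad tag
    # Next counter is trivially known, but without the key the tag cannot be produced.
    no_key = (2).to_bytes(4, "big") + CMD_UNLOCK + bytes(TAG_LEN)
    results["no_key"] = car.receive(no_key)                # reject: bad tag
    for _ in range(5):  # presses the car never heard are tolerated up to WINDOW
        fob.press(CMD_UNLOCK)
    results["resync"] = car.receive(fob.press(CMD_UNLOCK)) # accept: U
    far = Fob(key, counter=WINDOW).press(CMD_UNLOCK)       # counter WINDOW+1 against a fresh car
    results["too_far"] = Car(key).receive(far)             # reject: outside window
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:8} -> {verdict}")
```

The window is the usual trade-off in these schemes: too small and a fob pressed out of range desyncs, too large and a captured frame stays valid for longer. Because acceptance depends on the key and not just on the counter, knowing the sequence is incremental buys an observer nothing.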

[Required hardware]
 - Raspberry Pi B+ with WiFi dongle, or Raspberry Pi Zero W with built-in WiFi
 - RTL-SDR RTL2832U DVB-T tuner ($10 on ebay)
 - A piece of wire
 - A 433MHz antenna

[Credit]
pmsac at toxyn dot org for figuring out the checksum algorithm


A detailed explanation of the inner workings of the exploit, how to set
things up and code for the exploit can be found on GitHub:
https://github.com/tomwimmenhove/subarufobrob

- Tom

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

