Obtaining root privileges using ADB on the DJI RM500 Smart Controller by exploiting a shell injection vulnerability in the "djilink" system service. Read more...

Using fault injection to bypass the disabled programmer setting on a Renesas RH850/P1M-E automotive microcontroller and access flash memory contents. Read more...

Part 4 in the series of modifying the firmware running on a VW Golf Power Steering. In this post I'll dicuss the bootloader and flashing process. Read more...

Part 3 in the series of modifying the firmware running on a VW Golf Power Steering. In this post I'll reverse engineer the application firmware, and identify the patches I want to make. Read more...

Part 2 in the series of modifying the firmware running on a VW Golf Power Steering. In this post I'll extract a firmware upgrade file and load it in Ghidra. Read more...

Part 1 in the series of modifying the firmware running on a VW Golf Power Steering. In this post I'll get a module running on a desk and establish diagnostics communications. This series will also serve as a general introduction to car hacking. Read more...

The goal of this project was to inject steering commands onto the FlexRay bus of an Audi. Using an FPGA a man-in-the-middle attack was performed, and the steering wheel was controled with a joystick. Read more...