We have games like Watchdog on PS4 and PC console ( A high tech. game) putting a lot of traffic light h4cking into the game plan. Well, is not difficult to pick up a moment and screw up a traffic light as long as you know what you doing and understand the basic terms fully well.
 |
| A copy of Watchdog Screwing up a traffic light :D |
SECURITY HOLES IN TRAFFIC LIGHT SYSTEM
There are three major weaknesses found in a traffic light that h4ck3rs can take advantage of. I won't be doing much in-depth on each term. Just a point and kill statement should do the trick!. If you need any help or directions on how to study further on this, drop a comment at the end of this article. I will surely help out. Now, back to the weakness needed to be exploited:
1. Unencrypted radio signals exposed to the public
2. The use of factory-default usernames and passwords and,
3. a debugging port that is easy to attack
2. The use of factory-default usernames and passwords and,
3. a debugging port that is easy to attack
HOW TO SCREW UP WITH THE UNENCRYPTED RADIO SIGNAL
In an effort to save installation costs and increase flexibility in connectivity, the traffic light system makes use of wireless radio signals rather than dedicated physical networking links for its communication infrastructure (might have been changed now due to recent security bridge: - Do a background check on the company who manufactured the traffic light ).
The Traffic light systems use a combination of 5.8GHz and 900MHz radio signals frequency. The 900MHz links use a proprietary protocol with Frequency Hopping Spread-Spectrum (FHSS) { You may want to check here} but the 5.8GHz version of the proprietary protocol isn't terribly different from 802.11n ( better than the a and b type which are pretty much obsolete)
Anyone with a laptop and a wireless card operating on the same frequency as the wireless networked traffic light — in this case, 5.8 gigahertz — could access the entire unencrypted network. That's easy to do folks !. Check out your PC specification on google !
DEBUGGING A PORT TO EASILY ATTACK
After gaining access with the radio signal, next is to communicate with one of the controllers in the target network. Mostly, the system’s control boxes run on VxWorks 5.5 (check here), a version which by default gets built from source with a debug port left accessible for testing! Incredible !
Due to the fact communique to the controller isn't always encrypted and requires no authentication, sniffing (tracking and taking pictures facts traffic on the community media) packets could be effortlessly despatched between the controller and this software.
Debugging ports allows h4ck3rs to successfully grew to become all lighting pink or modify the timing of neighboring intersections — as an instance, to make certain someone hit all inexperienced lighting fixtures on a given course. #winks!
Part is the capacity of a cyber criminal to carry out denial-of-provider (DdoS) assault on controlled intersections with the aid of triggering each intersection’s malfunction control unit through attempting invalid configurations, which would put the lights into a failure mode. ( lol and that is when the coincidence starts going on).
Yeah , the technique may appear quick but calls for numerous social engineering. Gathering information on the sort of visitors mild you wanna take advantage of and checking out the agency additionally to recognize the default username and password assigned to the controller and plenty of more. Now, you do this h4ck, you try at your very own chance..Lol am just posting this for educational reasons!
No comments:
Post a Comment
we love to see your comment