Tesla Charging Ports Opened with HackRF Replay Attack








The charging port on Tesla electric vehicles is protected via a cover that can be opened by charging stations via a wireless signal transmitted at 315 MHz. It turns out that the command to open the port is totally without any security. This means it’s possible to record or recreate the signal, and play it back anywhere using a transmit capable SDR device like a HackRF.

Twitter user @IfNotPike has done just that, managing to open the Tesla charging port using a handheld HackRF with Portapack setup. If you cannot record the signal, a repo hosting a valid signal file is available on GitHub from jimilinuxguy. Interestingly jimilinuxguy notes “The range for this is INSANE. I was able to perform this from VERY far away.” and the same signal can be used to “open any and all Tesla vehicle charging ports in range”

Fortunately for Tesla owners, the level of damage a malicious party could cause through the charging port is limited, since the charging port is not active until a correct charging cable is connected. It also seems that the charging port on most models will automatically close after some time if no charger is connected.

Tesla Charging Port Opened with HackRF and Portapack | Credit: @IfNotPike







Source link

%d bloggers like this: