The powerful hacker exploitation framework, Metasploit, has recently been updated with attacks against automobiles. This is HUGE, as automobile hacking will be one of the hottest Infosec areas over the next few years.
Rapid7 (the developer of Metasploit) research director Craig Smith says Metasploit can now work with almost any vehicle interface.
“Metasploit condensed a slew of independent software exploits and tools into one framework and now we want to do the same for hardware,” Smith says.
“The Hardware Bridge API extends Metasploit’s capabilities into the physical world of hardware devices.
“Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to do the same for all types of hardware.”
Smith says Metasploit will offer several interactive vehicle-related commands for cars that sport CAN buses (these are the most popular busses in vehicle communication systems).
Metasploit, he says, has been designed so that exploit developers can focus on writing automotive tools and less on the attached hardware.
This is great news! If you are interested in car hacking, check out article on hacking the Mitsubishi Outlander here. If you simply want to learn more about Metasploit (something every hacker should know), check out my Metasploit series here on Hackers-Arise.
Also, we will include this new car hacking capability in my upcoming Metasploit Kung-Fu course. It’s time to become a Metasploit Expert!