“I launched the attack, and two minutes later a terminal pops up,” Sick Codes says of the program used to access a computer's command-line interface. Sick Codes soldered controllers directly onto the circuit board and eventually got his attack to bypass the system's protections. The logs also revealed the path to another potential timing attack that might grant deeper access. He found that when the system thought it was in such an environment, it would offer more than 1.5 GB worth of logs that were meant to help authorized service providers diagnose problems. It took experimentation on a number of touchscreen circuit boards over many months to find bypasses to John Deere's dealer authentication requirements, but eventually Sick Codes was able to game a reboot check to restore the device as if it were being accessed by a certified dealer. But ultimately he focused on a few models, including the widely deployed 26 models, for the exploit he is presenting. To develop his jailbreak, Sick Codes got his hands on numerous generations of John Deere tractor control touchscreen consoles. We want farmers to be able to repair their stuff for when things go wrong, and now that means being able to repair or make decisions about the software in their tractors.” They don’t want stuff to go wrong at the most important part of the year when they have to pull stuff out of the ground,” Sick Codes says. “Farmers prefer the older equipment simply because they want reliability.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |