-
If you have not please join our official My Outlander PHEV Facebook Group!
Mitsubishi Outlander PHEV Facebook Group
PHEV alarm can be switched off using hacked wifi [merged]
- Thread starter Jimmac
- Start date
Help Support Mitsubishi Outlander PHEV Forum:
Jimmac said:
Yes, but it looks like you need to use the app in the first place.
BBC Article said said:
So if you don't use the app (either delete it or de-register your device), there'll be no data travelling between the car and anything else. I recently removed the wifi from my phone as I was fed up with it over riding my home one.
https://www.pentestpartners.com/blog/hacking-the-mitsubishi-outlander-phev-hybrid-suv/
Tldr; the passphrase is too short and can be cracked within a couple of days if you have access to reasonably powerful GPUs.
If you have the passphrase you can snoop on the handshake between the phone and car, and steal it.
That done, you have access to all functions, including disable the alarm.
Also, as the car's network SSID follows a known pattern, you can track Outlanders on sites that collect network SSIDs.
Mildly worrying, but I won't exactly worry that much that someone sneaks up to my house and start the heater.
Tldr; the passphrase is too short and can be cracked within a couple of days if you have access to reasonably powerful GPUs.
If you have the passphrase you can snoop on the handshake between the phone and car, and steal it.
That done, you have access to all functions, including disable the alarm.
Also, as the car's network SSID follows a known pattern, you can track Outlanders on sites that collect network SSIDs.
Mildly worrying, but I won't exactly worry that much that someone sneaks up to my house and start the heater.
Even if the alarm is cancelled by some techno thief, its still immobilised, unless all that effort is to break a window and steal your packet of wine gum!.
The majority of car theft now is far simpler, they kick your door in and grab the keys off the side, if they are not there they hit you with a baseball bat until you hand them over. I prefer the car is 'hacked' and stolen if it avoid this scenario!
The majority of car theft now is far simpler, they kick your door in and grab the keys off the side, if they are not there they hit you with a baseball bat until you hand them over. I prefer the car is 'hacked' and stolen if it avoid this scenario!
ChrisMiller
Well-known member
geoffshep69
Well-known member
Maybe I’m just too relaxed about these things, but I can never get excited about these potential gaps that IT security experts go out of their way to find. If someone wants to sit outside my house and use their specialist IT knowledge to break into the car’s WiFi so that they can ‘flash the lights’ or ‘tweak the charging settings’ then good luck to them. Even if they disable the alarm they still have to break in to the car, but there’s nothing worth stealing in it anyway.
To be honest, how big a deterrent are car alarms anyway ? Any time you hear one going off you just assume it’s a false alarm. Someone could break into a car in a busy car park, set off the alarm, and I guarantee you that nobody would bat an eyelid and would assume it had gone off by accident.
Like I say, maybe I’m overly relaxed about it, but this article just strikes of sensationalism and scaremongering.
To be honest, how big a deterrent are car alarms anyway ? Any time you hear one going off you just assume it’s a false alarm. Someone could break into a car in a busy car park, set off the alarm, and I guarantee you that nobody would bat an eyelid and would assume it had gone off by accident.
Like I say, maybe I’m overly relaxed about it, but this article just strikes of sensationalism and scaremongering.
TheBunyip
Member
From the horses mouth... http://www.theregister.co.uk/2016/06/06/mitsubishi_outlander_hack/
Includes a Video demonstration which includes a post production insert announcing that Mitsubishi are now taking the matter seriously. The video also implies that once in the car with access to the OBD port the car could be stolen.
Now that the video has been made public we can expect at least the odd "bad boy" to pay attention.
Perhaps Mitsubishi checked out the forum or discovered that our man from EV-+VE had already been in touch.
Includes a Video demonstration which includes a post production insert announcing that Mitsubishi are now taking the matter seriously. The video also implies that once in the car with access to the OBD port the car could be stolen.
Now that the video has been made public we can expect at least the odd "bad boy" to pay attention.
Perhaps Mitsubishi checked out the forum or discovered that our man from EV-+VE had already been in touch.
jaapv
Well-known member
Fully agree. If one wants a car,any car, to be relatively safe, the factory alarm certainly isn't sufficient.geoffshep69 said:
A 20 Euro signal amplifier will enable a thief to gain keyless entry by your own key hanging inside you front door; there is even a story of car theft of fully secured vehicles in the Ukraine by having the street lights switched off, a truck lower a container without bottom over the car, pushing in a couple of transverse beams, loading it onto the truck and driving off...
If you are really interested the most effective ways of securing the car are a Bearlock, a Cobra immobilizer and a LoJack car tracer.
Engraving the registration number in all windows helps as well.
jthspace
Well-known member
06blade said:
In the phone app (mine is iPhone), Settings / Cancel VIN Registration.
I also purchased the iPhone app WiFi Priority as mentioned on this site, so my app NEVER connects to the car unless I manually tell it to do so, so nothing is being sent between the car and the app and I don't have the problem of the app connecting at odd times and disabling the Internet connection on the phone (car is nearer to me than the wireless router, so often connected to the stronger car signal). V annoying.
OK, it's summer so I don't need the remote heating function and other than when I got the car and was playing, I have never had the need to turn the headlights or parking lights on or off. I don't need the charge timer either as we do not have cheaper night time electricity so it doesn't matter when I charge. Others will have different needs, obviously.
I have today received 30! (Minimum order) 1mm micro switches and am awaiting delivery of the four button keyfob, so will be making the remote heating hack as soon as the new fob arrives and I won't need the remote app to control the heating anyway.
Jeff
jthspace
Well-known member
Yes, but it won't connect to anything and as there is no communication between the car and the app there is nothing to intercept, which, from a couple of articles I read, seems to be necessary. As was mentioned in an earlier post, it's one of those hacks that (probably) isn't as easy or wide open as the article seems to make it sound.
Jeff
Jeff
anko
Well-known member
When ALL VIN registrations are cancelled (best to use reset procedure by 20 x Lock / Unlock, hazard lights, etc) the WiFi completely disappears from the air.jthspace said:
I don't think they need to intercept traffic between your app and the car. They only needed to do that the first time to learn how to communicate with the car once they've cracked the Wifi code. So, deregistering a phone as such does not do a lot.
jthspace
Well-known member
Good info, thanks!
It's hidden in the de-registration procedure instructions...
If you follow the instructions to de-register ALL devices, from within the car, NOT from the devices, or from within MMCS, then, and only then, will the car wifi turn off.
Instructions here:
http://www.mitsubishi-motors.com/en/products/outlander_phev/app/remote/jizen.html
Specific line we're interested in from Delete Registration (Initialization Process)
If you follow the instructions to de-register ALL devices, from within the car, NOT from the devices, or from within MMCS, then, and only then, will the car wifi turn off.
Instructions here:
http://www.mitsubishi-motors.com/en/products/outlander_phev/app/remote/jizen.html
Specific line we're interested in from Delete Registration (Initialization Process)
I have followed those de-registration instructions and have confirmed that the car no longer seems to have active wifi.
(i.e. I cannot link to the car from either of my tablets, and the car is no longer showing up on a scan for wifi devices)
Andy
PS. Yes, I hate replying to my own posts.
(i.e. I cannot link to the car from either of my tablets, and the car is no longer showing up on a scan for wifi devices)
Andy
PS. Yes, I hate replying to my own posts.
Thanks guys. I'll have a go at that. I've already deregistered my iPhone on the app and also dumped the app as it's not used.
As an alternative to fumbling about in Mitsubishi's weird and wonderful (and mostly incomprehensible) software can I simply unplug the wifi router/aerial/module? The aerial is identified as being located near the left rear door.
As an alternative to fumbling about in Mitsubishi's weird and wonderful (and mostly incomprehensible) software can I simply unplug the wifi router/aerial/module? The aerial is identified as being located near the left rear door.
Tipper said:
Reading the quotes from Mitsubishi in the article, it is possible that you've already disabled wifi.
Before you start pulling wires etc. may I suggest that you try to see if the car is still responding? (By trying to connect with your deregistered app)
Meanwhile... I wonder how they'll let us know that they have a new software release to cure this problem?
Andy
ChrisMiller
Well-known member
Previous updates (in my limited experience) have arrived as standard phone app updates which then require you to update the software in the car using the app.AndyInOz said:
Speaking as an IT security bod, I wouldn't get too worked up about this issue (and I'm certainly not about to disable my WiFi). It's not entirely coincidence that today sees the start of Europe's largest IT security show in London, and lots of companies will be looking for free publicity. Even Ken Munro from Pen Test Partners admits on the video that cracking the code would take (anyone without access to a supercomputer) days, although (if you've got a few thousand quid to spare) you could buy compute cycles in the cloud and get that down to minutes.
Share this page
Similar threads
