CANalyzat0r – Security Analysis Toolkit For Proprietary Car Protocols

This software project is a result of a Bachelor’s thesis created at SCHUTZWERK in collaboration with Aalen University by Philipp Schmied.Please refer to the corresponding blog post for more information.Why another CAN tool?Built from scratch with new ideas for analysis mechanismsBundles features of many other tools in one placeModular and extensible: Read the docs and implement your own analysis mechanismsComfortable analysis using a GUIManage work in separate projects using a databaseDocumentation: Read the docs if you need a manual or technical info.Installing and running:Run sudo ./ along with sudo -E ./ This will create a folder called pipenv with a pipenv environment in it.Or just use the docker version which is recommended at this time (Check the file in the subdirectory)For more information, read the HTML or PDF version of the documentation in the ./doc/build folder.FeaturesManage interface configuration (automatic loading of kernel modules, manage physical and virtual SocketCAN devices)Multi interface supportManage your work in projects. You can also import and export them in the human readable/editable JSON formatLogging of all actionsGraphical sniffingManage findings, dumps and known packets per project Easy copy and paste between tabs. Also, you can just paste your SocketCAN files into a table that allows pasting Threaded Sending, Fuzzing and Sniffing Sniffing at the same timeAdd multiple analyzing threads on the GUIIgnore packets when sniffing – Automatically filter unique packets by ID or data and IDCompare dumpsAllows setting up complex setups using only one windowClean organization in tabs for each analysis taskBinary packet filtering with randomizationSearch for action specific packets using background noise filteringSQLite supportFuzz and change the values on the flyTesting ItYou can use the Instrument Cluster Simulator in order to tinker with a virtual CAN bus without having to attach real CAN devices to your machine.TroubleshootingEmpty GUI WindowsPlease make sure that the QT_X11_NO_MITSHM environment variable is set to 1. When using sudo, please include the -E option in order to preserve this environment variable as follows: sudo -E ./ the GUI styleThis application has to be run as superuser. Because of a missing configuration, the displayed style can be set to an unwanted value when the effective UID is 0. To fix this behaviour, follow these steps:Quick way: Execute echo “[QT]\nstyle=CleanLooks" >> ~/.config/Trolltech.conf Alternative way: Install qt4-qtconfig: sudo apt-get install qt4-qtconfigRun qtconfig-qt4 as superuser and change the GUI style to CleanLooks or GTK+Or use the docker containerDownload CANalyzat0r