CAN Bus Fundamentals
Protocol
CAN (Controller Area Network) is the primary communication protocol in vehicles. It's a broadcast protocol with no authentication, making it vulnerable to sniffing and injection attacks.
CAN Frame Structure
```text
CAN Frame (Standard 11-bit ID):
+-------------+------+------+-------------+-----+
| Arbitration | RTR  | DLC  | Data        | CRC |
| ID (11b)    | (1b) | (4b) | (0-8 bytes) |     |
+-------------+------+------+-------------+-----+

Example CAN message:
ID:   0x7DF (OBD-II broadcast)
DLC:  8
Data: 02 01 0C 00 00 00 00 00
      └──┴──┴── Request RPM

Key characteristics:
- No source/destination - broadcast only
- Priority by arbitration ID (lower = higher priority)
- No authentication mechanism
- Typical speeds: 500 kbps (high), 125 kbps (low)
```

CAN Hardware Setup
```bash
# Required hardware:
# - CANable, PEAK PCAN, or similar USB-CAN adapter
# - OBD-II to DB9 cable

# Set up CAN interface on Linux
sudo ip link set can0 type can bitrate 500000
sudo ip link set up can0

# Verify interface
ip -details link show can0

# can-utils installation
sudo apt install can-utils

# Basic sniffing
candump can0

# With timestamps and colors
candump -c -t a can0

# Filter specific IDs
candump can0,7DF:7FF
```
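To read a saved capture offline, the following added Python example (not part of the original page) parses `candump` output lines, applies the `ID:MASK` rule behind `candump can0,7DF:7FF`, and decodes the `02 01 0C` RPM request shown earlier. The sample lines, the `0x7E8` response frame, the `0x244` frame and all function names are constructed for illustration.

```python
import re

# candump's default line layout, with the optional "(timestamp)" added by -t a.
LINE_RE = re.compile(
    r"^\s*(?:\((?P<ts>[\d.]+)\)\s+)?(?P<iface>\S+)\s+(?P<id>[0-9A-Fa-f]{3,8})"
    r"\s+\[(?P<dlc>\d)\]\s*(?P<data>(?:[0-9A-Fa-f]{2}\s*)*)$"
)

def parse_line(line):
    """Return (can_id, data_bytes) for one candump line, or None if unparseable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    data = bytes.fromhex(m.group("data"))
    if len(data) != int(m.group("dlc")):
        return None  # truncated or corrupted capture line
    return int(m.group("id"), 16), data

def id_matches(can_id, flt, mask):
    """candump ID:MASK semantics: pass when (id & mask) == (filter & mask)."""
    return (can_id & mask) == (flt & mask)

def decode_obd(can_id, data):
    """Describe an OBD-II mode 01 single frame for PID 0x0C (engine RPM)."""
    if len(data) < 3:
        return None
    length, service, pid = data[0], data[1], data[2]
    if can_id == 0x7DF and service == 0x01 and pid == 0x0C:
        return "request: engine RPM"
    # A positive response echoes service + 0x40; RPM = (256*A + B) / 4.
    if service == 0x41 and pid == 0x0C and length >= 4 and len(data) >= 5:
        return f"response: {((data[3] << 8) | data[4]) / 4:.0f} rpm"
    return None

# Constructed sample capture in `candump -t a` format (not real vehicle data).
SAMPLE = """\
 (1700000000.100000)  can0  7DF   [8]  02 01 0C 00 00 00 00 00
 (1700000000.101500)  can0  244   [5]  00 00 00 13 5A
 (1700000000.112000)  can0  7E8   [8]  04 41 0C 1A F8 00 00 00
"""

def summarize(text, flt=None, mask=0x7FF):
    """Parse a capture, optionally filter by ID:MASK, and decode each frame."""
    frames = filter(None, map(parse_line, text.splitlines()))
    return [(hex(i), decode_obd(i, d)) for i, d in frames
            if flt is None or id_matches(i, flt, mask)]

if __name__ == "__main__":
    print(summarize(SAMPLE, flt=0x7DF))
```

With mask `7FF` every bit of an 11-bit ID is compared, so the filter passes only `0x7DF`; a shorter mask such as `7F0` passes a range of 16 IDs.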