How to trick the GPS Glonass without vandalism
Immediately make a reservation: we will not break the devices, jam the signal or drain the fuel through the return line. In this post I want to tell without unnecessary technical details how to increase the mileage on monitoring instruments. At the same time without changing the route of movement of vehicles. The methods were tested in practice on two popular monitoring systems.
In all cases, we need a computer with constant access to the Internet, on which we will raise the server and push ports (I used nginx + node.js).
The essence of the satellite monitoring terminal is to receive, record and send its coordinates with a given periodicity to the monitoring server. We will try to hook between the server and the terminal. To do this, you have to flash the device. How this is done - you can see on the manufacturer's website.
We specify as the server the address of our computer. Now all the data from the device does not come to the server, but to our computer. In my case, on port 7113. We need to listen on this port, if necessary, modify the data and send it to the monitoring server. For this, I wrote a simple script on node.js. The script is simply wedged between the client and the server and displays the data being sent to the console.
')
To increase mileage, will have to modify the data. For example, after every tenth message from the terminal, I send another, slightly modified previous message to the server. For the server, it looks as if the car instantly stopped drove back, then also instantly drove forward. This is the easiest algorithm to increase mileage by 20%. The coordinates are considered correct, the speed does not increase, and on the route of these frauds is not visible, because one route overlaps the other 100%.
If access to monitoring is carried out through the web interface and you have access to the server code and this code is not encrypted, you don’t even need to invent anything. We modify the code so that it gives us what we want.
If you do not have direct access to the monitoring server, you can pass client traffic through yourself. And modify the transmitted data. For this, I also used node.js. Using the http module, we raise the server:
Where do we make a request to the server:
We specify the address, port, etc. as parameters (an example can be seen on the githaba). And we process (if necessary, modify the server response):
Here are some ways to change mileage in a monitoring program. If anyone is interested, I can write more.
This article is intended to draw attention to the security of transport monitoring systems.
In all cases, we need a computer with constant access to the Internet, on which we will raise the server and push ports (I used nginx + node.js).
Method one (without access to the monitoring server)
The essence of the satellite monitoring terminal is to receive, record and send its coordinates with a given periodicity to the monitoring server. We will try to hook between the server and the terminal. To do this, you have to flash the device. How this is done - you can see on the manufacturer's website.
We specify as the server the address of our computer. Now all the data from the device does not come to the server, but to our computer. In my case, on port 7113. We need to listen on this port, if necessary, modify the data and send it to the monitoring server. For this, I wrote a simple script on node.js. The script is simply wedged between the client and the server and displays the data being sent to the console.
')
Your server code
var net = require('net'); var server = net.createServer(function(socket) { var client = new net.Socket(); client.connect(, '7113', function() { console.log('Connected'); }); socket.on('data', function(data) { console.log('> ' + data); client.write(data); }); client.on('data', function(data) { console.log('< ' + data); socket.write(data); }); }); server.listen(, '7113'); To increase mileage, will have to modify the data. For example, after every tenth message from the terminal, I send another, slightly modified previous message to the server. For the server, it looks as if the car instantly stopped drove back, then also instantly drove forward. This is the easiest algorithm to increase mileage by 20%. The coordinates are considered correct, the speed does not increase, and on the route of these frauds is not visible, because one route overlaps the other 100%.
Method two (with access to the server)
If access to monitoring is carried out through the web interface and you have access to the server code and this code is not encrypted, you don’t even need to invent anything. We modify the code so that it gives us what we want.
Method three (passing the final traffic through yourself)
If you do not have direct access to the monitoring server, you can pass client traffic through yourself. And modify the transmitted data. For this, I also used node.js. Using the http module, we raise the server:
var server = http.createServer(function(request, response) {...}).listen(80)
Where do we make a request to the server:
var proxyRequest = http.request(options)
We specify the address, port, etc. as parameters (an example can be seen on the githaba). And we process (if necessary, modify the server response):
proxyRequest.on('response', function(proxyResponse) {....}
Here are some ways to change mileage in a monitoring program. If anyone is interested, I can write more.
This article is intended to draw attention to the security of transport monitoring systems.
Source: https://habr.com/ru/post/302900/
All Articles