CEHv6 module 56 hacking GPS

Trang 1

Ethical Hacking and CountermeasuresVersion 6

Module LVIHacking Global Positioning System

Ethical Hacking and Countermeasures v6

Module LVI: Hacking Global Positioning System

Exam 312-50

Trang 2

Hacking Global Positioning System

Module Objective

• Global Positioning System(GPS)

• Secret Startup commands

• Firmware Hacking

• Waypoints

• GPS Tools

• Security ToolsThis module will familiarize you with:

Module Objective

This module will familiarize you with:

 Global Positioning Systems (GPS)

 Secret Startup Commands

 Firmware Hacking

 Waypoints

 GPS Tools

 Security Tools

Trang 3

Module Flow

Global Positioning System(GPS)

Secret Startup commands

Firmware Hacking Security Tools

GPS Tools Waypoints

Module Flow

Trang 4

Global Positioning System (GPS)

The Global Positioning System (GPS) is a based navigation system that provides reliable positioning, navigation, and timing services

satellite-GPS shows the exact position on earth

GPS is a constellation of 24 satellites revolving 11,000 nautical miles above earth surface

A GPS receiver can detect signals transmitted by GPS satellite

 Global Positioning System

Source: http://www.gps.gov/

The Global Positioning System (GPS) is a satellite-based navigation system that provides reliable positioning, navigation, and timing services GPS shows an exact position on the earth GPS is a constellation of 24 satellites revolving 11,000 nautical miles above the earth’s surface A GPS receiver can detect signals transmitted by the GPS satellite

The GPS is made up of three parts: satellites orbiting the earth; control and monitoring stations

on earth; and the GPS receivers owned by users GPS satellites broadcast signals from space that are picked up and identified by the GPS receivers Each GPS receiver then provides three-dimensional location (latitude, longitude, and altitude) plus the time GPS provides accurate location and time information for an unlimited number of people in all weather, day and night, anywhere in the world

Trang 5

Terminologies

• DGPS is a method of improving the accuracy of your receiver by adding a local reference station to expand the information available from the satellites

Differential GPS (DGPS)

• WAAS is intended to enable aircraft to rely on GPS for all phases

of flight, including precision approaches to any airport within its coverage area

Wide Area Augmentation System (WAAS)

• It transmits signals containing information on reliability and accuracy of the positioning signals which are sent by GPS and Global Orbiting Navigation Satellite system(GLONASS)

European Geostationary Navigation Overlay Service (EGNOS)

Local Area Augmentation System (LAAS)

• The effects of the combined errors of four variables (latitude, longitude, altitude, and time) on the accuracy of a three- dimensional fix

Geometric Dilution of Precision (GDOP)

• The ratio of incoming signal strength to the amount of interfering noise as measured in decibels on a logarithmic scale

Signal to Noise Ratio (SNR)

Terminologies

Differential GPS (DGPS)

Receiver’s accuracy can be improved by using DGPS It adds a local reference station to expand the information available from the satellite For receiving DGPS signals, a GPS receiver can be modified to design DGPS signals as “DGPS ready.” DGPS can increase the accuracy of the positions that are derived from the GPS receivers

Wide Area Augmentation System (WAAS)

WAAS is an air navigation aid that was developed by the Federal Aviation Administration to expand GPS, in turn improving accuracy, integrity, and availability WAAS enables aircraft to depend on GPS for all phases of flights, which includes precision approaches to any airport coming under the coverage area

European Geostationary Navigation Overlay Service (EGNOS)

EGNOS enhances the dual military satellite navigation system, operating the US GPS and the Russian GLONASS system It makes them compatible for critical applications such as flying aircraft or navigation of ships through channels

Trang 6

Local Area Augmentation System (LAAS)

Source: http://www.environmental-studies.de/GPS/GPS_Glossary/gps-glossary-l-m/7.html

Local Area Augmentation System is similar to WAAS, in that similar correction data are used But

in this case, the correction data are transmitted from a local source, typically at an airport or another location where accurate positioning is needed These correction data are typically useful for only about a thirty to fifty kilometer radius around the transmitter

Geometric Dilution of Precision (GDOP)

GDOP is the outcome of the combination of errors of four variables—latitude, longitude, altitude, and time—on the accuracy of the three dimensional fix GPS devices define the position of an object by using “3-d multilateration,” a process of figuring out where many spheres intersect.Signal to Noise Ratio (SNR)

SNR is the ratio of the incoming signal strength along with interfering noise calculated in decibels

on a logarithmic scale

Trang 7

GPS Devices Manufacturers

Garmin 3S Navigation Alpine Navtech Magellan Silva

Trang 8

Trang 9

Sharing Waypoints

• Storing in External storage devices

• Distribute them on paper

• Make it available on Internet

There are variety of ways to store waypoints:

• www.waypoint.org

• www.swopnet.com/waypoints

• www.travelbygps.com

• www.pickatrail.com

Websites where waypoints can be stored:

A waypoint is a spot on the surface of the Earth as defined by coordinates that are inputted into the GPS and stored, usually along with an icon, a descriptive name, and some text

Wardriving

Wardriving is an activity by which WiFi networks, broadcasting signals are detected

With addition of GPS, pinpoint location

of the discovered hotspot can be stored

Information regarding street names, building numbers, network spots, and logs by location are stored automatically

Trang 10

Areas of Concern

Use of precision weapons in which jamming can degrade the accuracy of weapon, results in:

• Unnecessarily increased weapons expenditures

• An increase in collateral damage

Interruption of GPS can deny warfighters with a common time and position coordinate, leading to:

• Delays in finding targets

• Increased exposure to threats

• Missed engagements

"Warfighter" is a term used by the United States Department of Defense to refer to any member of the US armed forces or a member of any armed forces under the US flag

 Areas of Concern

Nowadays, the military system depends on GPS, creating a potential vulnerability to the warfighters The US and allied military forces are relying more on GPS even though warfighters are not totally aware of GPSs vulnerabilities and its potential impact on the mission There are some areas that compromise the use of precision weapons in which jamming can degrade the accuracy of the weapon, resulting in:

 Increased expenditures on weapons unnecessarily

 An increase in collateral damage

Interruption of GPS can deny warfighters a common time and position coordinate, leading to:

 Delays in finding targets

 Increased exposure to threats

 Missed engagements

“Warfighter” is a term used by the US Department of Defense to refer to any member of the US armed forces or any member of any armed force under the US flag

Trang 11

Sources of GPS Signal ErrorsFactors which reduce quality of GPS signal are:

Ionosphere and troposphere delays Signal multipath Receiver clock errors Orbital errors Number of satellites visible Satellite geometry/shading Intentional degradation of the satellite signal

 Sources of GPS Signal Errors

The GPS signal includes three dissimilar bits of information:

Factors that reduce quality of GPS signals are:

 Ionosphere and troposphere delays

Signals of the satellite slow down when it passes through the atmosphere The GPS system consists of a model that identifies the average amount of delay, and partially reduces such errors

 Receiver clock errors

The receiver’s built-in clock is not synchronized with the atomic clock of the GPS satellite, resulting in a slight timing error

 Signal multipath

Such types of errors take place when the GPS signals are reflected by objects such as tall buildings or mountains before the receiver receives it Therefore, the travel time of the signal is increased

 Number of satellites visible

The greater the number of satellites a GPS receiver can see, the more accurate it is Tall surfaces such as buildings, mountains, or electronic interference, block signal reception

 Satellite geometry/ shading

It is a relative position of a satellite at a given time It takes place when satellites are placed at wide angles relative to each other Poor geometry occurs when satellites are placed in a straight line or tight grouping

 Orbital Error

Trang 12

It is a wrong location reported by the satellite, also called an ephemeris error

Intentional degradation of the satellite signals

Intentional degradation of a GPS signal is used by the US Department of Defense to prevent the usage of highly accurate signals by military adversaries US Department of Defense also calls this Selective Availability (SA)

Source: http://www8.garmin.com/aboutGPS/

Trang 13

Methods to Mitigate Signal Loss

1

• Use precision oscillators as flywheel time/frequency generators, as these oscillators “hold-over” the required specifications for some period of time until the GPS signal is recovered

Methods to mitigate GPS signal loss are:

 Methods to Mitigate Signal Loss

In addition to the military frequency codes being accessed, there are some more methods to mitigate signal loss Four satellites are required for the position’s information, but only one satellite signal is required for the basic timing/ frequency information The following are methods

to mitigate signal loss conditions:

1 The most famous timing solution is the use of precision oscillators to “hold over” required specification for some span of time until the recovery of GPS signal High performance quartz oscillators are used to “hold over” periods of one day

2 Jam-resistant antennas and receiver front-end add-ons help to minimize the risk of GPS’ signal loss These devices are of low cost, size, weight, and power consumption as compared to their military counterparts

3 Use FAA civil Aviation (Wide Area Augmentation System) infrastructure; it is a differential ground-based system providing improved position accuracy, typically 1.5 m, for CAT III aircraft landing

Trang 14

GPS Secrets

Trang 15

GPS devices also have the same but due to limited number of buttons, many complex keystrokes are necessary to open hidden menus

Source: www.the-gadgeteer.com

 GPS Hidden Secrets

Electronic devices have hidden diagnostic screens or setup menus These hidden diagnostic screens are generally not known to common users They are used by the manufacturers to diagnose the fault and a possible remedy for it

GPS devices also have the same screen but, due to the limited number of buttons, many complex keystrokes are necessary to open hidden menus If these screens are not opened by legitimate persons, it can cause lot of problems and can damage the unit

Trang 16

Secret Startup Commands in

Mark

Holding mark key down , will totally reset the unit

All data will be lost without any warning message

Enter

Holding Enter key down will show test mode screen

Three keyboard keys are important while checking secret commands, if those held down while powering the unit

 Secret Startup Commands in Garmin

Three keyboard keys are important while checking secret commands:

Mark

Holding down the Mark key at the time of powering the unit will not only tend to rearrange theunit, but also all user-supplied data and preferences will be lost The unit will be restored to factory defaults No warning message is prompted after this combination of keys

Enter

While powering the unit, holding down the Enter key will result in a test screen on the unit Final testing and calibration of the Garmin device is done with the help of the test screen This screen should not be used when the device is locked onto satellite Sometimes, the real satellite can spoof the test mode by recalibrating the unit with wrong data

Trang 17

Hard Reset/ Soft Reset

• It erases all data from GPS unit and restores it to factory default

• Hard reset is the last option when soft reset is not working

Soft Reset

 Hard Reset Keys for Garmin

Trang 18

Firmware Hacking

Tiêu đề	Hacking Global Positioning System
Trường học	EC-Council
Chuyên ngành	Ethical Hacking
Thể loại	Module
Năm xuất bản	2025
Thành phố	Not Specified

Định dạng
Số trang	37
Dung lượng	0,91 MB