{"uuid": "45a03370-0ceb-45dc-8063-d67f0d26e653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27254", "type": "published-proof-of-concept", "source": "https://t.me/PentestingShop/285", "content": "\u200b\u200bHackRF One + Portapack H2 Mayhem\n\nThe HackRF is an exceptionally capable software defined radio (SDR) transceiver, but naturally you need to connect it to a computer to actually do anything with it. So the PortaPack was developed to turn it into a stand-alone device with the addition of a touchscreen LCD, a few buttons, and a headphone jack. With all the hardware in place, it\u2019s just a matter of installing a firmware capable enough to do some proper RF hacking on the go.\n\nEnter MAYHEM, an evolved fork of the original PortaPack firmware that the developers claim is the most up-to-date and feature packed version available. Without ever plugging into a computer, this firmware allows you to receive, decode, and re-transmit a dizzying number of wireless protocols. From firing off the seating pagers at a local restaurant to creating a fleet of phantom aircraft with spoofed ADS-B transponders, MAYHEM certainly seems like it lives up to the name.\n\nDetailed blog post about installing and using MAYHEM on the HackRF/PortaPack, complete with a number of real-world examples that show off just a handful of possible applications for the project. Jamming cell phones, sending fake pager messages, and cloning RF remotes is just scratching the surface of what\u2019s possible.\n\nExample of use: exploitation of a Honda vulnerability Honda's Remote Keyless System (CVE-2022-27254)\n\nFirmware to open any and all Tesla vehicle charging ports in range!\n\nBuy online: \n\ud83d\uded2 https://bit.ly/41HS7D3\n\n#radio #RF #SDR", "creation_timestamp": "2023-04-30T17:52:58.000000Z"}