We’re happy to announce that Reverse Everything founder Danilo Erazo presented How I hacked Learning Codes of the key job of a car assembled in my country at DEF CON 32 in 2024
What: How I hacked Learning Codes of the key job of a car assembled in my country Who: Danilo Erazo Where: Las Vegas, USA When: August, 2024
In this presentation, Danilo Erazo shows how it was possible to detect the use of learning codes instead of rolling codes in a key job of a car widely used in Ecuador.
For this purpose, the key job was disassembled and the HS2240 integrated circuit was detected and, using a logic analyzer, the emission of learning codes from the integrated circuit to the radio frequency LED emitter was checked. With the use of HackRF SDR, the learning code is duplicated to be able to open the car N times without needing the original key anymore, which proves that the use of learning codes is very vulnerable, just like fixed codes.
Danilo Erazo is an Independent Automotive Security Researcher and Bug Hunter from Ecuador, with experience in developing electronic devices, pentesting, software development, reverse engineering and hardware hacking. He has reported critical vulnerabilities to Huawei, KIA Corporation, KIA Ecuador, Realtek Semiconductor Corp and many Latin American Banks. He holds multiple practical certifications in cybersecurity and computer networks, such as OSWP, CEH, CBP, CCSP, CPAZ, CNSP, CAP, CPNA, CCNA, API Security for Connected Cars and Fleets, Practical Junior IoT Tester (PJIT). He is part of the DEFCON CHV. Danilo is the organizer of the Car Hacking Villa at Ekoparty, the founder of the conference PWNORDIE in Ecuador. He has been a speaker at DEFCON33, DEFCON32, Recon 2025, Hardwear USA 2025, Ekoparty 2023, 2024, Bsides Colombia 2024, 2025, etc. He also shares content about Hardware Hacking and Pentesting in his YouTube Channel @revers3everything
