Тема: SWaP коды
Показать сообщение отдельно
Старый 20.07.2019, 19:41   #213 (permalink)
Новичок
 
Регистрация: 20.05.2019
Сообщений: 7
Вы сказали Спасибо: 0
Поблагодарили 0 раз(а) в 0 сообщениях
Сказал(а) Фууу!: 0
Сказали Фууу! 0 раз(а) в 0 сообщениях
Откуда: Taiwan
Авто: Golf
По умолчанию

I can not share because it different by firmware version.
You can do it by yourself if you have de-compile tool to hack the firmware.

2 approach to hack...
1. checkRIPEMDSignature - Allow you input your SWaP via ODIS-E (Only need a valid signature)
2. checkSHA1Signature - For use with exception list.

I know maybe many people know and could do these.

For the exception list, if you can find a sha1 collision to match the signature
(i.e. Make your exception list have same sha1 checksum with some other file.)
This would be the best way. You would not need to hack the firmware and it would be usable in all version of MHI2.

btw
There is a group(?) claimed they could retrofit MRR ACC with 3Q0 gateway.
I think they use similar way.

Any friends know how to hack other component like ACC or Gateway?
Please let me know. Even you know how to write modified firmware would be helpful.

----------

Цитата:
нашел такое:
Составляешь Swap
Ингредиенты: Vin+vcrm+publickey+privatekey=Swap
Попробуй!
According to my experiment in MHI2.

I hacked signature check.

I found the SWaP only related to VCRN and date. (Date could not older than existed SWaP). VIN is not important.

The VCRN could be measured by measurement function of ODIS-E.
I think if you have some way to make the ECU have same VCRN with know signature, it should be works.

Последний раз редактировалось jvkk; 20.07.2019 в 19:26..
jvkk вне форума   Ответить с цитированием