public bool Broadcast()
{
bool OBD_Module_Present = false;
//Send a broadcast message and return the responses in Results
GetMessageResults Results = session_channel.MessageTransaction(TxMessage, 200,
new Predicate <J2534Message>(msg =>
{
RxMessage.RawMessage = msg.Data;
return(RxMessage.SAEMode == SAEModes.REQ_DIAG_DATA_RESPONSE && RxMessage.PID == 0x00);
}));
Results.Messages.ForEach(msg =>
{
OBD_Module_Present = true;
RxMessage.RawMessage = msg.Data;
//Duplicates are probably not a serious concern as long as the callign method
//Is well designed. The check here is for robustness and a lack of concern for
//speed here.
//Check for duplicates, and do not proceed if a module has already been entered
//That has a matching address.
if (!OBDModuleList.Where(module => module.Address == RxMessage.TargetAddress).Any())
{
ModuleData Module = new ModuleData(RxMessage.SourceAddress);
Module.Parse_PID_Validation_Bytes(0, RxMessage.SAEData);
OBDModuleList.Add(Module);
}
});
//Finish validating PIDS for each module detected
OBDModuleList.ForEach(module => { ValidatePIDS(module); });
return(OBD_Module_Present);
}
public bool CatchBroadcastMessage(int Timeout = 200)
{
GetMessageResults Results = channel.GetMessages(1, Timeout, broadcast_rx_handle, false);
if (Results.Status.IsNotOK)
{
return(false);
}
broadcastmessage = (byte [])Results.Messages[0].Data;
channel.RemoveMessageScreen(broadcast_rx_handle);
return(true);
}
public List <byte[]> SAERx(object RxHandle, int NumOfMsgs, int Timeout, bool DestroyHandle = false)
{
List <byte[]> Messages = new List <byte[]>();
J1850Message MessageParser = new J1850Message(default_message_prototype);
GetMessageResults Results = channel.GetMessages(NumOfMsgs, Timeout, (Predicate <J2534Message>)RxHandle, DestroyHandle);
if (Results.Messages.Count > NumOfMsgs)
{
int a = 1;
}
Results.Messages.ForEach(j2534message =>
{
MessageParser.RawMessage = (byte [])j2534message.Data; //This should always be a byte [] so, no type checking is done.
Messages.Add(MessageParser.Data);
});
return(Messages);
}
public byte[] ReadResponse(string originalMessageAsStringForDebug, bool testerPresenceRequest)
{
byte[] response = Array.Empty <byte>();
// before reading from ecu, check if there were out-of-order responses that were stored
if (OutOfOrderBytesList.Count > 0)
{
return(OutOfOrderBytesList.Dequeue());
}
// read response from ecu
Stopwatch sw = new Stopwatch();
sw.Start();
bool waitingForPacket = true;
while (waitingForPacket)
{
if (sw.ElapsedMilliseconds > 2500) // is this P2_TIMEOUT? initially picked 2000 since that is the minimum for tester presence
{
Console.WriteLine($"[!] Internally timed out: {originalMessageAsStringForDebug}");
sw.Stop();
break;
}
GetMessageResults readResult = ConnectionChannel.GetMessage();
if (readResult.Result == ResultCode.STATUS_NOERROR)
{
foreach (Message row in readResult.Messages)
{
if (row.Data.Length < 4)
{
Console.WriteLine($"[!] Discarding received message (invalid size): {BitUtility.BytesToHex(row.Data, true)}");
continue;
}
byte[] identifier = row.Data.Take(4).ToArray();
if (!identifier.SequenceEqual(RxCanIdentifier))
{
if (identifier.SequenceEqual(CanIdentifier))
{
// quietly ignore if it is our can id, usually empty packet
continue;
}
Console.WriteLine($"[!] Discarding received message (unknown sender): {BitUtility.BytesToHex(row.Data, true)} expects {BitUtility.BytesToHex(RxCanIdentifier, true)}");
continue;
}
// skip can identifier
byte[] rxMessageBody = row.Data.Skip(4).ToArray();
if (rxMessageBody.Length == 0)
{
continue;
}
response = rxMessageBody;
LogRead(response);
// if it's a tester presence response, skip it and retry for another packet
if (ConnectionProtocol.IsResponseToTesterPresent(response))
{
// if it is a TP request, we can exit now
if (testerPresenceRequest)
{
return(Array.Empty <byte>());
}
else
{
// accidentally received an out-of-order TP response, silently discard it
continue;
}
}
else
{
// TP receiving someone else's valid command, push it back into the queue and exit
if (testerPresenceRequest)
{
OutOfOrderBytesList.Enqueue(response);
return(Array.Empty <byte>());
}
else
{
// received a packet normally, check in parent caller if the ECU was asking us to wait
waitingForPacket = false;
break;
}
}
//Console.WriteLine($"ECU: {BitUtility.BytesToHex(messageBody, true)}");
}
}
else if (readResult.Result == ResultCode.BUFFER_EMPTY)
{
// nothing in the mailbox, try again
Console.WriteLine($"[!] Retrying: empty buffer: {readResult.Result} for request {originalMessageAsStringForDebug}");
}
else
{
Console.WriteLine($"[!] Error in receive result: {readResult.Result}");
break;
}
}
return(response);
}
static void Main(string[] args)
{
Console.WriteLine("E38 unlocker ");
Console.WriteLine("Enter key to start with. 0x0000 for full range ");
keystring = Console.ReadLine();
if (keystring == "")
{
keystring = "0000";
}
key = Convert.ToInt32(keystring, 16);
if (key < 0x0000 || key > 0xffff)
{
Console.WriteLine("please enter a key between 0x0000 and 0xffff");
Main(args);
}
Console.WriteLine($"Starting brute force with {key:X4}"); //Console.WriteLine($"{i:X4}");
Channel Channel = APIFactory.GetAPI(DllFileName).GetDevice().GetChannel(Protocol.ISO15765, Baud.ISO15765, ConnectFlag.CAN_29BIT_ID);
Channel.StartMsgFilter(new MessageFilter(UserFilterType.STANDARDISO15765, new byte[] { 0x00, 0x00, 0x07, 0xE0 }));
System.Threading.Thread.Sleep(50);
Channel.SendMessage(new byte[] { 0x00, 0x00, 0x07, 0xE0, 0x09, 0x02 });
GetMessageResults Response = Channel.GetMessages(3, 500);
Vin = HexStringToString(BitConverter.ToString(Response.Messages[2].Data).Replace("-", "").Substring(14, 34));
Console.WriteLine($"Vin is {Vin}");
if (Vin.Length != 17)
{
Console.WriteLine("Vin is not correct, problem.. exiting");
Main(args);
}
Console.WriteLine("please make note of last key tried if you need to stop, then start with last key tried to continue");
for (int trykey = key; trykey < 0x10000; trykey++)
{
Channel.SendMessage(new byte[] { 0x00, 0x00, 0x07, 0xE0, 0x27, 0x01 });
GetMessageResults Seedrequest = Channel.GetMessages(2);
message = (BitConverter.ToString(Seedrequest.Messages[1].Data).Replace("-", ""));
Console.WriteLine($"Response from Seed request is {message}");
if (message.Contains("6701"))
{
Console.WriteLine("Seed request response OK"); // key = 0x1234
keystring = trykey.ToString("X4");
byte key1 = Convert.ToByte(keystring.Substring(0, 2), 16);
byte key2 = Convert.ToByte(keystring.Substring(2, 2), 16);
Channel.SendMessage(new byte[] { 0x00, 0x00, 0x07, 0xE0, 0x27, 0x02, key1, key2 });
GetMessageResults Unlocked = Channel.GetMessages(2);
message = (BitConverter.ToString(Unlocked.Messages[1].Data).Replace("-", ""));
if (!message.Contains("670"))
{
Console.WriteLine($"Error!! Unlock failed using {key1:X2} {key2:X2} for key, Response was {message}");
System.Threading.Thread.Sleep(9980);
}
else
{
Console.WriteLine("!!!!! Unlocked- OK");
Console.WriteLine($"Key used to unlock was 0x{trykey:X4}");
File.WriteAllText(AppDomain.CurrentDomain.BaseDirectory + @"\" + "key.txt", $"Key used to unlock was 0x{trykey:X4}");
Console.WriteLine("Press any key to close, make sure you note the key used!!! ");
Console.WriteLine("Key is also saved as key.txt");
Console.ReadKey();
Environment.Exit(0);
}
}
else
{
Console.WriteLine($"Error!! Response from Seed request is {message}");
System.Threading.Thread.Sleep(9980);
trykey--; // try the same key again
// do we quit or keep on going??
}
}
APIFactory.StaticDispose();
// Channel.ClearMsgFilters();
Console.WriteLine("Press any key to end ");
Console.ReadKey();
}
static void Logdata()
{
Connect();
// System.Threading.Thread.Sleep(40);
//// now its connected.. now what?? Can I read messages and wait to see a certain message? then read and log all messages?
var filePath = string.Empty;
using (SaveFileDialog saveFileDialog = new SaveFileDialog())
{
saveFileDialog.InitialDirectory = "c:\\";
saveFileDialog.Filter = "txt files (*.txt)|*.txt";
saveFileDialog.FilterIndex = 2;
saveFileDialog.RestoreDirectory = true;
if (saveFileDialog.ShowDialog() == DialogResult.OK)
{
filePath = saveFileDialog.FileName;
File.Delete(filePath);
using (StreamWriter w = File.AppendText(filePath))
{
int l = 0;
Console.WriteLine("Press any key to stop logging");
Console.WriteLine("starting log in 2 seconds");
System.Threading.Thread.Sleep(1000);
Console.WriteLine("starting log in 1 second");
System.Threading.Thread.Sleep(1000);
Console.WriteLine("Starting log");
while (Console.KeyAvailable == false)
{
GetMessageResults Logdata = A.Channel.GetMessage();
if (Logdata.Result == 0)
{
String line = BitConverter.ToString(Logdata.Messages[0].Data).Replace("-", "").Remove(0, 5);
switch (filter)
{
case 0:
{
w.WriteLine(line);
if (Debug)
{
Console.WriteLine(line);
}
Console.WriteLine(l);
break;
}
case 1:
{
if (line.StartsWith("7E0") || line.StartsWith("7E8") || line.StartsWith("7DF") || line.StartsWith("101"))
{
w.WriteLine(line);
if (Debug)
{
Console.WriteLine(line);
}
Console.WriteLine(l);
}
break;
}
case 2:
{
if (line.StartsWith("7E2") || line.StartsWith("7EA") || line.StartsWith("7DF") || line.StartsWith("101"))
{
w.WriteLine(line);
if (Debug)
{
Console.WriteLine(line);
}
Console.WriteLine(l);
}
break;
}
case 3:
{
if (line.StartsWith("7E0") || line.StartsWith("7E8") || line.StartsWith("7E2") || line.StartsWith("7EA") || line.StartsWith("7DF") || line.StartsWith("101"))
{
w.WriteLine(line);
if (Debug)
{
Console.WriteLine(line);
}
Console.WriteLine(l);
}
break;
}
case 4:
{
if (line.StartsWith("7DF") || line.StartsWith("101") || line.StartsWith("7EB") || line.StartsWith("641"))
{
w.WriteLine(line);
if (Debug)
{
Console.WriteLine(line);
}
Console.WriteLine(l);
}
break;
}
}
l++;
}
}
Console.WriteLine("finished, your file was saved to " + filePath);
Console.WriteLine("Press any key to exit program, please note your log file location");
w.Close();
Console.ReadKey(); // delay
APIFactory.StaticDispose();
}
}
}
}
public byte[] SendMessage(IEnumerable <byte> message, bool quiet = false)
{
byte[] response = Array.Empty <byte>();
// hack: "quiet" is almost always for tester presence, this prevents tester presence from interrupting existing transactions
if (TransactionInProgress && quiet)
{
return(response);
}
TransactionInProgress = true;
CommunicationsLogHighLevel.Append($"W {BitUtility.BytesToHex(message.ToArray(), true)}\r\n");
// prepare data to send
List <byte> packet = new List <byte>(CanIdentifier);
packet.AddRange(message);
string messageAsString = BitUtility.BytesToHex(message.ToArray(), true);
if (!quiet)
{
// LogPacket(message, true);
}
if (ConnectionDevice is null)
{
Console.WriteLine($"[!] Attempted to write into an invalid device, data: {messageAsString}");
TransactionInProgress = false;
return(response);
}
if (ConnectionChannel is null)
{
Console.WriteLine($"[!] Attempted to write into an invalid channel, data: {messageAsString}");
TransactionInProgress = false;
return(response);
}
// try to send the message
try
{
ConnectionChannel.SendMessage(packet);
}
catch (Exception ex)
{
Console.WriteLine($"[!] Exception while sending {messageAsString} : {ex.Message}");
TransactionInProgress = false;
return(response);
}
// reset the heartbeat timer
TesterPresentTimer.Stop();
TesterPresentTimer.Start();
// read response from ecu
Stopwatch sw = new Stopwatch();
sw.Start();
bool waitingForPacket = true;
while (waitingForPacket)
{
if (sw.ElapsedMilliseconds > 2500) // is this P2_TIMEOUT? initially picked 2000 since that is the minimum for tester presence
{
Console.WriteLine($"[!] Internally timed out: {messageAsString}");
sw.Stop();
break;
}
GetMessageResults readResult = ConnectionChannel.GetMessage();
if (readResult.Result == ResultCode.STATUS_NOERROR)
{
foreach (Message row in readResult.Messages)
{
if (row.Data.Length < 4)
{
Console.WriteLine($"[!] Discarding received message (invalid size): {BitUtility.BytesToHex(row.Data, true)}");
continue;
}
byte[] identifier = row.Data.Take(4).ToArray();
if (!identifier.SequenceEqual(RxCanIdentifier))
{
if (identifier.SequenceEqual(CanIdentifier))
{
// quietly ignore if it is our can id, usually empty packet
continue;
}
Console.WriteLine($"[!] Discarding received message (unknown sender): {BitUtility.BytesToHex(row.Data, true)} expects {BitUtility.BytesToHex(RxCanIdentifier, true)}");
continue;
}
// skip can identifier
byte[] rxMessageBody = row.Data.Skip(4).ToArray();
if (rxMessageBody.Length == 0)
{
continue;
}
if (!quiet)
{
// LogPacket(rxMessageBody, false);
}
response = rxMessageBody;
waitingForPacket = false;
break;
//Console.WriteLine($"ECU: {BitUtility.BytesToHex(messageBody, true)}");
}
}
else if (readResult.Result == ResultCode.BUFFER_EMPTY)
{
// nothing in the mailbox, try again
Console.WriteLine($"[!] Retrying: empty buffer: {readResult.Result} for request {BitUtility.BytesToHex(message.ToArray())}");
}
else
{
Console.WriteLine($"[!] Error in receive result: {readResult.Result}");
break;
}
}
CommunicationsLogHighLevel.Append($"R {BitUtility.BytesToHex(response.ToArray(), true)}\r\n");
TransactionInProgress = false;
return(response);
}