NefMoto

Technical => Reverse Engineering => Topic started by: chackiem on January 05, 2023, 12:18:11 PM



Title: bosch mg1 security access
Post by: chackiem on January 05, 2023, 12:18:11 PM
Hi,
I'm researching the MG1 ECU and am now stuck on security access, actually on two of them.
I can talk with the ECU on the bench and read the MCU ID, boot and security versions using the 0x21 command. I believe it's SBOOT.
The first security access request is done by sending 0x27 0x7F and getting 14 random bytes + one static byte; the response to that is 0x27 0x80 with a 128-byte payload, where only the last 20 bytes are different each time.
The second security access is done by sending 0x27 0x01 and getting 4 random bytes, where the response is 0x27 0x02 + a 4-byte answer.

Need help :)


Title: Re: bosch mg1 security access
Post by: prj on January 05, 2023, 04:14:16 PM
If you have the full dump of the ECU already then reverse the comms stack.
Or post it in services and ask if someone will sell it to you.

Not sure what you are looking for, since it seems like you've done zero reversing so far and just sniffed comms.


Title: Re: bosch mg1 security access
Post by: chackiem on January 06, 2023, 06:33:20 AM
I'm looking for the algo and keys for security access in this unit.
@prj, do you have such information? I started reversing, but it's not something that could be done in a minute.
The services section seems to be dead, so if anyone has something to offer - DM me.


Title: Re: bosch mg1 security access
Post by: terminator on January 06, 2023, 05:39:47 PM
Did you figure out the compression/encryption method? I mean after SA you can read it, but the data is encrypted.


Title: Re: bosch mg1 security access
Post by: unicornux on January 08, 2023, 05:29:10 AM
Please send your ECU dump file to do a preliminary check. This can be very helpful.
So, according to your message you could figure out the first seed/key algo. Do you want the second one now?
Do you have a sample for verification?


Title: Re: bosch mg1 security access
Post by: Geremia on January 08, 2023, 06:20:06 AM
...the response to that is 0x27 0x80 with a 128-byte payload, where only the last 20 bytes are different each time.

If this doesn't trigger any idea in your head, it certainly explains one thing to me: you chose the wrong target for a quick & dirty "sniff a tool and replicate the trick"; there are so many things that you are missing, and a lot more will come later after you pass SK, sorry.


Title: Re: bosch mg1 security access
Post by: terminator on January 08, 2023, 07:28:35 AM
Please send your ECU dump file to do a preliminary check. This can be very helpful.

I'm not sure, but I think the algo is related to the processor's model.


Title: Re: bosch mg1 security access
Post by: chackiem on January 08, 2023, 12:26:44 PM
Did you figure out the compression/encryption method? I mean after SA you can read it, but the data is encrypted.
Plain data transfer is available.

Please send your ECU dump file to do a preliminary check. This can be very helpful.
So, according to your message you could figure out the first seed/key algo. Do you want the second one now?
Do you have a sample for verification?
Nope, the first one looks more complicated; trying to figure out the structure of those 128 bytes of data ...

If this doesn't trigger any idea in your head, it certainly explains one thing to me: you chose the wrong target for a quick & dirty "sniff a tool and replicate the trick"; there are so many things that you are missing, and a lot more will come later after you pass SK, sorry.
I'm not sure what "idea" you are talking about; could you please share your thoughts on that? I could guess: maybe you think it's RSA-1024 because of the 128 bytes?


Title: Re: bosch mg1 security access
Post by: instantioc on October 03, 2023, 12:37:10 PM
Any progress on this?


Title: Re: bosch mg1 security access
Post by: janek51a on November 11, 2023, 02:40:12 PM
Try this …


Title: Re: bosch mg1 security access
Post by: prj on November 11, 2023, 02:55:03 PM
I'm not sure what the point is of posting a random DLL which relies on the official method.
The official method is clear: you need a smartcard, which can do the private/public key crypto.