NefMoto

Technical => Reverse Engineering => Topic started by: ankpyt on May 01, 2024, 02:33:44 AM



Title: Bypass the immobilizer ECU MED17
Post by: ankpyt on May 01, 2024, 02:33:44 AM
Maybe someone will tell me. The Tiguan 2 2021 car is powered by a 1.4 engine. I want to bypass the immobilizer for autorun. I was unloaded from the VW MED17 ECU data with security key 128 bit  , MAC, Power class. How does the ECU and key authorization work? There are suggestions that the data is encrypted with the AES 128 algorithm using the security key(CS). There is CAN bus data, but it is difficult to understand. I would like to understand which messages are in CAN, and how AES 128 is applied to them.

ID 01B | 0A 6C C2 EB F1 8D 2A A8
ID 01A | 2 AD 81 82 2F 0 0 7
         
ID 29E | FA B3 60 D0 74 E3 AF D3
ID 17330A11 | 40 0 1 14   
ID 17FE0114 | 3 40 1 3 AA AA AA AA
ID 29F | C4 E7 D9 45 0 0 0 0

ID 17FC0114 | 10 0B 80 1 6E 29 50 70
ID 17FE0114 | 30 0F 5 AA AA AA AA AA
ID 17FC0114 | 21 95 B4 68 A1 10 AA AA
         
ID 17FE0114 | 10 0B C0 1 80 1F 81 73
ID 17FC0114 | 30 0F 5 AA AA AA AA AA
ID 17FE0114 | 21 30 B6 FA E9 10 AA AA
         
ID 17FC0114 | 10 0B 80 2 17 71 AB CD
ID 17FE0114 | 30 0F 5 AA AA AA AA AA
ID 17FC0114 | 21 52 6A 72 74 10 AA AA
         
ID 17FE0114 | 10 0B C0 2 1C C5 46 7A
ID 17FC0114 | 30 0F 5 AA AA AA AA AA
ID 17FE0114 | 21 7B 22 EA A2 10 AA AA


Title: Re: Bypass the immobilizer ECU MED17
Post by: prj on May 01, 2024, 09:45:00 AM
https://xyproblem.info/ (https://xyproblem.info/)

Patch the immobilizer in flash, done.