I am pretty sure that today that link is encrypted with a code that changes on each access. So if you capture the code it will not work a second time. You need to use one that is valid and for that you need the encryption key.palmermd said:I found the "skeleton key" that fits any car.
I'm pretty sure this is the preferred one for most thieves. Why go to all the trouble to learn can codes for all these cars and then try to get inside the car to gain access to the CAN. Heck, it would probably be far easier to just capture the signal from the RFID in the key itself and build a copy of the key. Just walk close to the person with the key in their pocket and have your laptop have a little conversation with the key in their pocket such that the key thinks its talking to the car.
Turbo3 said:palmermd said:I am pretty sure that today that link is encrypted with a code that changes on each access. So if you capture the code it will not work a second time. You need to use one that is valid and for that you need the encryption key.
Well that is disappointing. Something in the car is "listening" for the unlock from the key so there must be a way but perhaps not over CAN.The ECU that controls the doors does not respond to the CAN when the Leaf is off.
Thank goodness and Nissan for at least a slightly secure locking system.kevinleaf said:... to unlock and start but it hooks to more than the OBD-II port. They somehow tap into the immobilizer and probably the lock wires. Seems with OBD-II alone it won't be doable.
kevinleaf said:Update on this:
During the Leaf / EV Hackathon we investigated this a bit more. There is a company out there http://www.getlocalmotion.com" onclick="window.open(this.href);return false; that has a device that will remotely enable a LEAF (and other cars) to unlock and start but it hooks to more than the OBD-II port. They somehow tap into the immobilizer and probably the lock wires. Seems with OBD-II alone it won't be doable.
Not necessarily: I am willing to lock my car without arming if this is possible, so I can also unlock without disarming. In cases where I am actively charging I'd just lock my car in this remote way without setting the alarm. If possible...Short version is unlock by can without disarm is useless.
Yes, one PTS push wakes up the CAR-CAN for a little over 40 seconds.kevinleaf said:Interesting. So pushing the PTS button wakes up the CAN bus even if no keys are in the car? This would be interesting to experiment with.
Enter your email address to join: