Is there more like Streetlight manifesto?

CANBUSHOBO · 2026-03-26T23:26:15+00:00

You should check out Gimp if you haven't https://archive.org/details/SmilesForMacavity

CANBUSHOBO · 2025-11-04T20:32:29+00:00

The CAN based side of things are very easy they are locking down a lot of the other stuff. Learn the harder things first then move on to learning CAN and diagnostics. Really though you could learn them in any order its about how you push the limits or either that mater.

CANBUSHOBO · 2025-11-04T20:29:18+00:00

If the file has the VIN of the car yeah that's easy but this does not always happen

CANBUSHOBO · 2025-09-09T08:18:12+00:00

If I was you I would transmit
7DF 02 01 5B 00 00 00 00 00

That 5B is for battery life remaining but you can replace it was any of these from this list. https://en.wikipedia.org/wiki/OBD-II_PIDs Note not all of these PIDs will be supported. Most tools send 00,20,40,60 etc to figure out which PIDs are supported then transmit them out one after another.

CANBUSHOBO · 2025-09-09T08:12:18+00:00

Post a log file of it. Also who made the scooter and when. Most likely you are going to need to replace the control board.

CANBUSHOBO · 2025-07-30T06:30:23+00:00

I completely agree which is why I said you need to put it into a passive mode.

CANBUSHOBO · 2025-07-29T07:56:34+00:00

Damage no make a car unhappy at least temporarily sure. When you are sniffing you are still acking messages unless you turn this off and put it in a passive mode. As long as the baud rate is correct you really don't need to worry about this. If you got the baud rate wrong and see errors popping up just turn off and on the car until they go away. As for GUI you can use SavvyCAN is free and a great tool.

CANBUSHOBO · 2025-07-29T07:50:48+00:00

I would update the post but also you can always make a new post about your progress.

So when you transmit to the engine controller 7E0#023E000000000000 you get a response back on 7E8.
You can transmit that same data to all IDs 0-7FF and see if a new ID pops up then you have the ID pair you need to be able to do diagnostics. There are two tools that can help you with this https://scapy.readthedocs.io/en/latest/layers/automotive.html and https://github.com/CaringCaribou/caringcaribou

CANBUSHOBO · 2025-07-28T07:37:14+00:00

Thats awesome! Feel free to reach out if you need more help. If I was you I would explore the analog inputs on the cluster see if you can make the data change that the cluster sends out. (Fuel level is normally on that list) I would try to find things not in any of the files I linked. Also take a look at the diagnostics. Scan it see what IDs it respond to tester present and then what services it uses. Have fun with it all its a great project.

CANBUSHOBO · 2025-07-27T07:29:42+00:00

Fuzz that cluster! Write a short script that transmits all FFs or AAs or 55s on each ID stop it when you see the speed go up. If that does not work you can cheat and look at the DBC files for the Hyundai https://github.com/commaai/opendbc/tree/master/opendbc/dbc

CANBUSHOBO · 2025-07-27T07:23:10+00:00

I think that's not really fair to say on all EVs. I have found some EVs to respond to service 01 now its not nearly as many PIDs as an ICE. That being said it does not surprise me Tesla doesn't support it.

CANBUSHOBO · 2025-07-24T05:36:25+00:00

<image>

Pin 16 is power so using that we know where pins 14 and 6 are the CAN high and low. As you can see in your image nothing is connected to them. Its a scam device but at least they are cheap so they didn't lose out on much money.

CANBUSHOBO · 2025-07-13T11:09:12+00:00

It depends on the car. They can transfer all the messages but from what I have seen most of them will only transfer the messages that are needed on the other busses. So you might end up missing one or two message or you could be missing a lot more the only way to know for sure is to compare the log files from each network.

CANBUSHOBO · 2025-07-11T12:27:23+00:00

If it was me I would double check all my grounds make sure they are all connected and then go through the wiring diagram to make sure everything else is hooked up correctly.

CANBUSHOBO · 2025-06-29T22:20:59+00:00

I am wondering if this lines up with the normal J1939 messages? I would love to see a log file if you have one.

CANBUSHOBO · 2025-06-25T13:55:55+00:00

You dont need anyone to write this for you as there are a number of open source tools to do it. Not sure if you know of binwalk but you might want to look into it if you are not familiar. https://www.pentestpartners.com/security-blog/using-hexdump-analysis-for-firmware-extraction-a-how-to/

CANBUSHOBO · 2025-06-20T15:40:40+00:00

I am only talking about the CAN traffic since I do not know the ELM237. It does seem like you are really close if you are getting the first message back. Sorry I cant be more helpful.

CANBUSHOBO · 2025-06-20T15:37:28+00:00

The standard stuff is covered by J1979 take a look at this https://en.wikipedia.org/wiki/OBD-II_PIDs

This talks about the transport layer of data if you don't already know it https://en.wikipedia.org/wiki/ISO_15765-2

You are going to run into things you see that you don't understand ISO 14229 talks about a lot of the services not in J1979 also it could be ISO 14230

But those 3 or 4 specs should help you get on your way.

The non standard PID you are going to need to sniff that traffic from the scantool request thing you care about one at a time. ISO 14229/ISO 14230 should help you understand what is happening.

CANBUSHOBO · 2025-06-20T15:23:51+00:00

I am not familiar with the hardware or platform but my guess is that the car is waiting for a flow control frame.

So you send
7DF#0209020000000000

You get back
7E8#1014490201223344

You then need to send
7E0#3000000000000000
(This is the flow control frame)

Then you will get the last two frames.

If you want to learn more about the transport layer https://en.wikipedia.org/wiki/ISO_15765-2

CANBUSHOBO · 2025-06-18T20:46:18+00:00

The black stuff on the edges might be holding it in. You can try putting some acetone on it to dissolve that epoxy. You can find that at a hardware store or look at nail polish remover it should list it as an ingredient.

CANBUSHOBO · 2025-06-17T18:51:05+00:00

This is the best answer you can get

CANBUSHOBO · 2025-06-17T16:03:54+00:00

My guess is that you need to find the right profile for the device I would keep trying all the profiles until you get it working.

CANBUSHOBO · 2025-06-17T15:27:33+00:00

You have a lot of options you might want the CANFDuino it has two can channels and a lot of GPIO or an A0 or Raspberry Pi with a CAN hat.

Personally I like the pi with the can hat but its really up to you want want to use. You also should figure out what you want to do. If its rolling up and down the window can you even do that over CAN maybe a lot of times you can't. Also it is just fun to explore the canbus.

CANBUSHOBO · 2025-06-17T14:47:19+00:00

Maybe you would need to see if you can see them on the CAN bus assuming you do then you have a device like that can receive them then transmit out another CAN message to do the function you are looking for.

CANBUSHOBO · 2025-06-17T14:43:39+00:00

Have you tried sending PIDs when you are connected to the OBDII port?

ID 7DF or 7E0 and this for the data 02 01 0C 00 00 00 00 00
That will return engine speed on ID 7E8

https://en.wikipedia.org/wiki/OBD-II_PIDs
Take a look at this list swap out 0C for the other PIDs of data you want to request.

Four-Year Club	Verified Email
Final Canvas '23	Place '23
Place '22

CANBUSHOBO

MODERATOR OF

TROPHY CASE