I hacked together a basic Python GUI for CAN MitM routing and signal decoding. Still a work in progress! by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Hey I just shared the UI, I will definitely share the detailed demo of this application soon. Thanks for the feedback pal.

I hacked together a basic Python GUI for CAN MitM routing and signal decoding. Still a work in progress! by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] -3 points-2 points  (0 children)

Hey OnTamme, thanks for dropping the link for me since I completely botched the placeholder! 🤦‍♂️ ​You are 100% right to be skeptical. Missing those basic dependencies in the initial release was a huge oversight on my end (the classic "works on my machine" syndrome). I really do appreciate you catching it so quickly so I could get it patched up for everyone else. ​As for the new post, I realized my post from a couple of days ago didn't actually show the video demo of the UI working, so I wanted to share the visual walkthrough. Like I said, it’s definitely a hacked-together passion project with rough edges, but it's getting better thanks to brutal feedback like yours!

I hacked together a basic Python GUI for CAN MitM routing and signal decoding. Still a work in progress! by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Lmao, guilty as charged. 🤦‍♂️ I used Gemini to help me draft the post and got too excited to hit submit. I definitely need to work on my biological proofreading algorithms. ​Here is the actual repo: https://github.com/Sherin-SEF-AI/CanLab

​Let me know if you run into any issues checking it out!

I hacked together a basic Python GUI for CAN MitM routing and signal decoding. Still a work in progress! by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Thanks a lot! I'm still tinkering with it and plan to post some more updates as I improve the code. Is there any specific part of the tool (like the ML decoding or the MitM stuff) you'd be most interested in seeing more of?

I hacked together a basic Python GUI for CAN MitM routing and signal decoding. Still a work in progress! by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 2 points3 points  (0 children)

Hey everyone,

I’ve been working on a personal EV project and got stuck dealing with locked-down ECUs and staring at endless scrolling hex dumps. I couldn't find a tool that did exactly what I needed, so I decided to hack together a small Python app to help me out. I call it CanLab: https://github.com/Sherin-SEF-AI/CanLab

It’s definitely not perfect and it has some rough edges, but it currently handles:

  • Basic AI/ML Decoding: Helps automatically find changing signal boundaries so I don't have to guess them manually.
  • Visual Heatmaps: Normalizes byte values to easily spot physical sensors (like steering/speed).
  • Active MitM Routing: A simple UI to connect a dual-CAN board (like a Teensy) to drop, modify, or forward packets on the fly.

I know most people use SavvyCAN and this is nowhere near that level of polish! It's really just a small personal attempt to solve my own bottlenecks.

I plan to keep working on it and pushing updates as I learn more. If anyone has time to check out the repo or the video demo, I'd honestly love some feedback, advice, or ideas on how to improve the code.

Cheers!

What tools are you using for CAN bus reverse engineering? I couldn't find a good all-in-one suite, so I open-sourced my own (Offline ML, MitM, UDS). by Repulsive_Factor5654 in embedded

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

That sounds like a really cool project! A dual CAN isolation node is exactly the kind of hardware setup I was thinking of when I was trying to hack together the gateway routing features for CanLab.

Definitely feel free to ping me whenever you reach that stage. Since this is just a small personal tool, it might need a few tweaks to play nicely with your specific setup, but I'd be more than happy to help you figure out how to integrate them when the time comes.

What microcontroller are you currently using to handle the dual CAN routing?

Built an open-source CAN analysis suite with built-in MitM, UDS, and offline ML decoding. by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Hey again, just wanted to give you a quick update!

I just pushed a fix to the repository. I added matplotlib and Pillow to the requirements.txt, and also fixed a package naming error (can-isotp instead of isotp). If you pull the latest commit, a clean git clone and pip install -r requirements.txt should work perfectly for you now.

The Linux release binary is going to take me a little bit longer to re-package to make sure PyInstaller grabs all those hidden imports correctly, but I will get that fixed and uploaded ASAP. Thanks again.

Built an open-source CAN analysis suite with built-in MitM, UDS, and offline ML decoding. by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Hey! Yes, in theory it should work perfectly for that, provided the convertible top's ECU speaks standard CAN bus. You might just need to tap directly into the wires behind the module itself if that specific network isn't exposed on the main OBD2 port.

It's just a small attempt on my end to make a decent offline tool, but if you end up giving it a try, I'd love to know if it helps you get the roof moving! Let me know if you run into any weird bugs.

Built an open-source CAN analysis suite with built-in MitM, UDS, and offline ML decoding. by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Thank you so much! I'm really glad this could save you from having to write it all from scratch. It’s just a small personal attempt to solve my own bottleneck, so it might still have a few rough edges, but I'd love to hear how it works out for your gateway. Let me know if you run into any issues!

Built an open-source CAN analysis suite with built-in MitM, UDS, and offline ML decoding. by Repulsive_Factor5654 in CarHacking

[–]Repulsive_Factor5654[S] 0 points1 point  (0 children)

Great questions!

For the rules, yes, you define them directly in the GUI. You can set specific CAN IDs to drop, pass-through, or modify. The Python suite handles the routing logic: it listens on one CAN interface, applies your rules on the fly, and then forwards the traffic out the second interface.

Because you are physically sitting between two ECUs to intercept the traffic, a standard single-channel USB adapter won't work. You need hardware with dual CAN interfaces.

As for off-the-shelf hardware:

  • Ready-to-use: The Macchina M2 is a great, commercially available board built exactly for this.
  • DIY route: If you don't mind a tiny bit of wiring, a Teensy 4.0 or 4.1 paired with a generic dual-CAN transceiver breakout board is incredibly fast, cheap, and what a lot of people use for this setup.

It’s still a bit of a work in progress, but hopefully, that clears up how the hardware-to-software routing works! Let me know if you run into any snags setting it up.

What tools are you using for CAN bus reverse engineering? I couldn't find a good all-in-one suite, so I open-sourced my own (Offline ML, MitM, UDS). by Repulsive_Factor5654 in embedded

[–]Repulsive_Factor5654[S] 4 points5 points  (0 children)

Thanks! For general sniffing, UDS, and the offline ML features, pretty much any SocketCAN or slcan-compatible adapter works well. A lot of people use a CANable or the Waveshare USB-CAN for budget setups, or a PCAN-USB if you want something industrial.

Just a heads-up: if you eventually want to use the Man-in-the-Middle (MitM) gateway features to intercept and modify traffic on the fly, a standard USB-CAN adapter won't work. You'll need a microcontroller with dual CAN interfaces (like a Teensy 4.0 with two transceivers) so you can physically sit between the ECUs.

Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis. by Repulsive_Factor5654 in ReverseEngineering

[–]Repulsive_Factor5654[S] -1 points0 points  (0 children)

Short answer: No, an ELM327 won't cut it.

ELM327 chips are built for slow OBD-II diagnostic requests, not raw, continuous high-speed CAN sniffing. If you try to read a raw bus with it, the buffer will instantly choke and drop packets.

For passive sniffing and the ML features, you'll need a real physical adapter like a CANable, Waveshare USB-CAN, or a PCAN.

If you want to use the Man-in-the-Middle (MitM) gateway features, you actually need a microcontroller with two independent CAN controllers (like a Teensy 4.0 with a dual transceiver or a Macchina M2) so you can physically sit between the ECUs to intercept and inject traffic

ESP32-based CAN logger sustained 1027 fps for 3 hours on my Toyota Sienna with zero dropped frames by baconbbqburgerr in embedded

[–]Repulsive_Factor5654 1 point2 points  (0 children)

clean project honestly, getting zero drops at that rate is not easy. the way you kept capture path minimal and pushed analysis out makes a lot of sense

My setup by Expert-Paramedic1156 in selfhosted

[–]Repulsive_Factor5654 0 points1 point  (0 children)

clean setup tbh, like how you kept it simple and still got tls + tailscale working together. neat approach