Hah, you can't root your car with T-can. Its CAN diagnostic tool, work with CAN network. It have features to get diagnostic modes, but not more. You can't change config with this.
Root FAQ
- Thread starter Hydrocarbon302
- Start date
rooter
Member
C'mon gwxfer, let's be helpful.
We are trying to have a civilization here, peoples...
We are trying to have a civilization here, peoples...
IndyToronto
Member
For this idea to work, you need to setup a path to connect to the actual tesla OS via a telnet/putty type interface than opens a shell command line interface (maybe), then you need some means to open up a new file system (perhaps on the USB) and that you can then copy files over --- you will also need a compiler toolkit that will generate binary compatible to the CPU (Tegra or intel) in a format that it will recognize that can be loaded [is it linux? Don't know] .
I don't know if any of those paths are left open. Sure, the Tesla will have an IP address when it connects to your home wifi but you have to try a whole bunch of tools to see if any port/protocol is left open --- something probably is there listening on some port, so it would be interesting to see what works.
Even if you do find a port and protocol that might work I doubt it's easily hacked --- probably heavily protected with really nasty encryption. Might be a fun project to someone with enough time on his hands.
I don't know if any of those paths are left open. Sure, the Tesla will have an IP address when it connects to your home wifi but you have to try a whole bunch of tools to see if any port/protocol is left open --- something probably is there listening on some port, so it would be interesting to see what works.
Even if you do find a port and protocol that might work I doubt it's easily hacked --- probably heavily protected with really nasty encryption. Might be a fun project to someone with enough time on his hands.
rooter
Member
Actually, there's now an app on github by Gekzy called nikola, which lets you remotely control your car from your phone. Works over a reverse SSH connexion directly to the car.
So far I've set up regular status reporting of the car to my home server, as well as backup of critical files, but haven't had time to experiment with nikola. Wish I did have the time.
I have extended and secured many of Gekzy's scripts and am grateful for his trailblazing work.
So far I've set up regular status reporting of the car to my home server, as well as backup of critical files, but haven't had time to experiment with nikola. Wish I did have the time.
I have extended and secured many of Gekzy's scripts and am grateful for his trailblazing work.
Thanks guys, but as @gwxfer say: "T-CAN is diagnostic tool and work with CAN network" .. I know tjat must be LAN.
I think I know how to do more less.
I need to get to the Tesla LAN network,
- I know the connector is on the left or right pillar.
- I know there is an RJ45 connector there, which is an ordinary network connector.
- I can connect with my laptop,
- scan the LAN network, and then knowing the IP class, I can assign myself an IP address ie: 192.172.176.43 from the same pool to my laptop's ethernet adapter.
Then I can scan the ports in my car.
If SSH port 22 is open, I can try to hackit, but Tesla could have changed the port, it could be different. There are about 65k ports + security systems like firewall etc ...
OK, let's say I found an ssh, telnet,etc... port and hacked.
I have a root password.
So, I can put .... sudo ps-aux to see what the running processes are, edit files, etc....
Cool, all of this can be done, but attacking your own Tesla is stuoid, illogical and time consuming.
I'm looking for a different way.
I am not sure,Tesla is based on Linux or a similar Unix system but where it is physically ???? and it is possible to take it out on the bench ?, It is posiible to run it in password recovery mode like Linux ?
I've done this many times as a network administrator, but I had physical access to the computer.
I don't know Tesla. that's why I asked politely here for help.
Maybe there is an easier way, maybe there is some bug?
I think I know how to do more less.
I need to get to the Tesla LAN network,
- I know the connector is on the left or right pillar.
- I know there is an RJ45 connector there, which is an ordinary network connector.
- I can connect with my laptop,
- scan the LAN network, and then knowing the IP class, I can assign myself an IP address ie: 192.172.176.43 from the same pool to my laptop's ethernet adapter.
Then I can scan the ports in my car.
If SSH port 22 is open, I can try to hackit, but Tesla could have changed the port, it could be different. There are about 65k ports + security systems like firewall etc ...
OK, let's say I found an ssh, telnet,etc... port and hacked.
I have a root password.
So, I can put .... sudo ps-aux to see what the running processes are, edit files, etc....
Cool, all of this can be done, but attacking your own Tesla is stuoid, illogical and time consuming.
I'm looking for a different way.
I am not sure,Tesla is based on Linux or a similar Unix system but where it is physically ???? and it is possible to take it out on the bench ?, It is posiible to run it in password recovery mode like Linux ?
I've done this many times as a network administrator, but I had physical access to the computer.
I don't know Tesla. that's why I asked politely here for help.
Maybe there is an easier way, maybe there is some bug?
murphyS90D
Member
@murphyS90D "......A Controller Area Network (CAN bus) is a robust vehicle bus standard designed to allow microcontrollers and devices to communicate with each other's applications without a host computer...."
LAN - Wikipedia
--------------------------------
"....A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, ...." and ie:. Tesla
Today guys I found a website and I want to share it with you and will quote:
"...
"...After logging into the IC with these credentials, we immediately found that the account was a sudoer and we were able to become root ..."
"... We used this token from the IC to log into the CID as “tesla1,” which was also a sudoer. We then had root on both the CID and the IC. ..."
please also take a look at the pictures below, will help you understand each network in Tesla.
link to full article:
Hacking a Tesla Model S: What we found and what we learned
I am going to test it this weekend.
the only problem, I need the wiring diagram to connect to the network ,mens 4-pin ethernet cable (2RX + 2TX)
I'm getting closer to rooting my tesla
LAN - Wikipedia
--------------------------------
"....A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, ...." and ie:. Tesla
Today guys I found a website and I want to share it with you and will quote:
"...
- Memory Cards: One of the memory cards contained a file, carkeys.tar, which included the car’s OpenVPN credentials, specifically an x509 certificate, an RSA private key, and an OpenVPN static key. The car keys of tomorrow, are apparently cryptographic in nature. The other contained a large amount of mapping data..."
"...After logging into the IC with these credentials, we immediately found that the account was a sudoer and we were able to become root ..."
"... We used this token from the IC to log into the CID as “tesla1,” which was also a sudoer. We then had root on both the CID and the IC. ..."
please also take a look at the pictures below, will help you understand each network in Tesla.
link to full article:
Hacking a Tesla Model S: What we found and what we learned
I am going to test it this weekend.
the only problem, I need the wiring diagram to connect to the network ,mens 4-pin ethernet cable (2RX + 2TX)
I'm getting closer to rooting my tesla
This all info from website is not work anymore.@murphyS90D "......A Controller Area Network (CAN bus) is a robust vehicle bus standard designed to allow microcontrollers and devices to communicate with each other's applications without a host computer...."
LAN - Wikipedia
--------------------------------
"....A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, ...." and ie:. Tesla
Today guys I found a website and I want to share it with you and will quote:
"...
- Memory Cards: One of the memory cards contained a file, carkeys.tar, which included the car’s OpenVPN credentials, specifically an x509 certificate, an RSA private key, and an OpenVPN static key. The car keys of tomorrow, are apparently cryptographic in nature. The other contained a large amount of mapping data..."
"...After logging into the IC with these credentials, we immediately found that the account was a sudoer and we were able to become root ..."
"... We used this token from the IC to log into the CID as “tesla1,” which was also a sudoer. We then had root on both the CID and the IC. ..."
please also take a look at the pictures below, will help you understand each network in Tesla.
link to full article:
Hacking a Tesla Model S: What we found and what we learned
I am going to test it this weekend.
the only problem, I need the wiring diagram to connect to the network ,mens 4-pin ethernet cable (2RX + 2TX)
I'm getting closer to rooting my tesla
bacila4666
Member
Tcan can work with can and if you use LAN *INTEL by AP 103 Tegra by IC 101* or (BroadReach ...103 model3) you can use LAN functions. I do not add config and miles editing becouse ......maybe later it is not that way for me on this moment.
Hi Bacila.
Thank you for your mega work.
I think there is no need in config changing in Tcan. Strong side is CAN network access that can make a lot in last Patreon update.
Similar threads
