CoCalc -- getvinfo.rb

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/post/hardware/automotive/getvinfo.rb
Views: ¹¹⁷⁸⁴

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  include Msf::Post::Hardware::Automotive::UDS
8
  include Msf::Post::Hardware::Automotive::DTC
9

10
  def initialize(info = {})
11
    super(
12
      update_info(
13
        info,
14
        'Name' => 'Get the Vehicle Information Such as the VIN from the Target Module',
15
        'Description' => %q{
16
          Post Module to query DTCs, Some common engine info and Vehicle Info.
17
          It returns such things as engine speed, coolant temp, Diagnostic
18
          Trouble Codes as well as All info stored by Mode $09 Vehicle Info, VIN, etc
19
        },
20
        'License' => MSF_LICENSE,
21
        'Author' => ['Craig Smith'],
22
        'Platform' => ['hardware'],
23
        'SessionTypes' => ['hwbridge']
24
      )
25
    )
26
    register_options([
27
      OptInt.new('SRCID', [true, 'Module ID to query', 0x7e0]),
28
      OptInt.new('DSTID', [false, 'Expected reponse ID, defaults to SRCID + 8', 0x7e8]),
29
      OptInt.new('PADDING', [false, 'Optinal end of packet padding', nil]),
30
      OptBool.new('FC', [false, 'Optinal forces flow control', nil]),
31
      OptBool.new('CLEAR_DTCS', [false, 'Clear any DTCs and reset MIL if errors are present', false]),
32
      OptString.new('CANBUS', [false, 'CAN Bus to perform scan on, defaults to connected bus', nil])
33
    ])
34
  end
35

36
  def run
37
    opt = {}
38
    opt['PADDING'] = datastore['PADDING'] if datastore['PADDING']
39
    opt['FC'] = datastore['FC'] if datastore['FC']
40
    pids = get_current_data_pids(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
41
    if pids.empty?
42
      print_status('No reported PIDs. You may not be properly connected')
43
    else
44
      print_status("Available PIDS for pulling realtime data: #{pids.size} pids")
45
      print_status("  #{pids.inspect}")
46
    end
47
    if pids.include? 1
48
      data = get_monitor_status(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
49
      print_status("  MIL (Engine Light) : #{data['MIL'] ? 'ON' : 'OFF'}") if data.key? 'MIL'
50
      print_status("  Number of DTCs: #{data['DTC_COUNT']}") if data.key? 'DTC_COUNT'
51
    end
52
    if pids.include? 5
53
      data = get_engine_coolant_temp(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
54
      print_status("  Engine Temp: #{data['TEMP_C']} \u00b0C / #{data['TEMP_F']} \u00b0F") if data.key? 'TEMP_C'
55
    end
56
    if pids.include? 0x0C
57
      data = get_rpms(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
58
      print_status("  RPMS: #{data['RPM']}") if data.key? 'RPM'
59
    end
60
    if pids.include? 0x0D
61
      data = get_vehicle_speed(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
62
      print_status("  Speed: #{data['SPEED_K']} km/h  /  #{data['SPEED_M']} mph") if data.key? 'SPEED_K'
63
    end
64
    if pids.include? 0x1C
65
      print_status("Supported OBD Standards: #{get_obd_standards(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)}")
66
    end
67
    dtcs = get_dtcs(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
68
    unless dtcs.empty?
69
      print_status('DTCS:')
70
      dtcs.each do |dtc|
71
        msg = dtc
72
        msg += ": #{DTC_CODES[dtc]}" if DTC_CODES.key? dtc
73
        print_status("  #{msg}")
74
      end
75
    end
76
    frozen_dtcs = get_frozen_dtcs(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
77
    unless frozen_dtcs.empty?
78
      print_status('Frozen DTCS:')
79
      frozen_dtcs.each do |dtc|
80
        msg = dtc
81
        msg += ": #{DTC_CODES[dtc]}" if DTC_CODES.key? dtc
82
        print_status("  #{msg}")
83
      end
84
    end
85
    pids = get_vinfo_supported_pids(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
86
    print_status("Mode $09 Vehicle Info Supported PIDS: #{pids.inspect}") if !pids.empty?
87
    pids.each do |pid|
88
      # Handle known pids
89
      if pid == 2
90
        vin = get_vin(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
91
        print_status("VIN: #{vin}")
92
      elsif pid == 4
93
        calid = get_calibration_id(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
94
        print_status("Calibration ID: #{calid}")
95
      elsif pid == 0x0A
96
        ecuname = get_ecu_name(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
97
        print_status("ECU Name: #{ecuname}")
98
      else
99
        data = get_vehicle_info(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], pid, opt)
100
        data = response_hash_to_data_array(datastore['DSTID'].to_s(16), data)
101
        print_status("PID #{pid} Response: #{data.inspect}")
102
      end
103
    end
104
    if datastore['CLEAR_DTCS'] == true
105
      clear_dtcs(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
106
      print_status('Cleared DTCs and reseting MIL')
107
    end
108
  end
109
end
110

111

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

Product

Resources

Company

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more, all in one place.

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.