You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
should've read the documentation earlier, found out the identifiers scan should be used for this. feel free to merge/close as per your discretion. my thought was this specific scan would enable possible future automation expansion, but that could be also done with the universal identifiers scan. Only benefit here might be more specific response/data handling.
Hi @mich41v4294
thanks for your contribution!
Yea, you can use the identifier scanner to iterate the sa level.
I saw, that you also iterate the payload length to request the seed.
Is there a specific reason why you are doing this?
Do you get different results on different payload lengths?
Do you get different results on different payload lengths?
Yes, that's correct, some ECUs might expect additional information with the SA request and could respond with IncorrectLength. While that response itself is enough to assess the existence of that specific SA level, it is not enough to specify the correct message format (eg. for subsequent seed gathering).
Ok, I see.
Maybe we can split this up?
We like to have simple scanners, which are focused on one thing, in case of the identifiers scanner, finding IDs which are available. A second scanner could then take those IDs and try to find accepted payload lengths. A third could then use the payload length to do fuzzing (where we have a prototype).
Decoupling adds flexibility to run (or re-run) only selected parts and allows combining and reusing the scanners as needed.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added a scan mode to enumerate supported SecurityAccess (0x27) subfunctions/levels in supported sessions.