Recently I have been able to dedicate some time again to this project.
I decided to look for reverse engineering tools that could allow us to listen to the packet received from the Canbus and store and show them.
This is the first step for reverse engineering the messages from the car. We need to associate each message to each actions performed on the car and possibly recognize other useful information passing on the Can Bus.
I had a second look at the tools I talked about in a previous post. I downloaded the socketcan project files again and noticed that it had a lot of changes. Apparently they have been quite active. I set the test can bus up again a began some tests. Cansend and Candump programs are still working and everything seems like before.
I then went on with my search for tools to sniff the bus and reverse engineer the information. I looked at Wireshark tool (formerly known as Ethereal) and I tried it on the local test canbus but it gave me an error. I searched around and found some patches for libpcap (that is used by wireshark to sniff packets) that enabled it to sniff CAN packets.
I downloaded the latest libpcap and tried to apply the patch only to discover that it has already been applied. So if libpcap is CAN ready, why wireshark can't sniff CAN packets?
I went to the wireshark website and discovered a much newer version and decided to try it.
As I am a Debian GNU/Linux user, my first place to look has been the debian repository. Luckily, debian 6 (squeeze) has just been released, and this allowed the newest packages to enter the new debian testing, which is the one I'm using.
So I did apt-get install -t testing wireshark to get it updated to version 1.4.3 and tried again with the can bus. Luckily I did not get the error this time and immediately tried with some packets from cansend. It worked like a charm as you can see in this picture:
Nice and very readable. With a tool as handy and mature as wireshark, reverse engineering will be much easier. Next thing we will have to do is figure a way to collect can packets from our PICs connected to the serial port to the can bus. Stay tuned!