search

jagheterfredrik / wallbox-pwn

Gain root access to Wallbox chargers such as Pulsar Plus, Copper SB
13 stars 6 forks source link

How to SSH to WB? #3

Closed andypnz closed 8 months ago

andypnz commented 8 months ago

Hi... Successfully pwnd (thank you!!)

How do I now SSH - error below..... (charger has the latest firmware 5.17.87)

Thank you Andrew


Please choose Wallbox:
0) WB176122 (xx:xx:xx:xx:xx:xx)
> 0
Setting Wallbox to AP mode
Wallbox AP is ready, connect to WB17xxxx-Hotspot using password Xxxxxxxxxx, then press return
>
Sending pwnware
Pwnware was received by Wallbox
Wallbox is processing pwnware...
Wallbox was pwnd successfully!

(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>ssh -i id_rsa root@192.168.x.xx
Unable to negotiate with 192.168.x.xx port 22: no matching host key type found. Their offer: ssh-rsa

(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>```
jagheterfredrik commented 8 months ago

Try adding -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa to your ssh command

andypnz commented 8 months ago

Like this? ssh -i id_rsa root@192.168.x.xx -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa

I get this:

'''(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>ssh -i id_rsa root@192.168.x.xx -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedAlgorithms=+ssh-rsa The authenticity of host '192.168.x.xx (192.168.x.xx)' can't be established. RSA key fingerprint is SHA256:KNTPYH++YWtjxKE6LwG/uErpXhfvwiGxxxxxxxxxxxx. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.x.xx' (RSA) to the list of known hosts. Load key "id_rsa": invalid format root@192.168.x.xx: Permission denied (publickey).

(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>```

jagheterfredrik commented 8 months ago

I think your ssh installation is too recent but try ssh-keygen -f id_rsa -p and then ssh again

andypnz commented 8 months ago 
(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>ssh-keygen -f id_rsa -p
Failed to load key id_rsa: invalid format

I git cloned your repo... my local directory looks ok?


(wallbox) C:\Users\andyp\wallbox\wallbox-pwn>ls
README.md  id_rsa  id_rsa.pub  pwnware.tar  wallbox-pwn.py```
jagheterfredrik commented 8 months ago

Yes. You need to figure out how to get your (relatively new) version of ssh to accept a (relatively old) rsa key

andypnz commented 8 months ago

Thank you - will do some googling.... I am using a new anaconda install, so I guess thats why its a new version of ssh..... Can I use PuTTY to ssh in? Any idea how to use 'id-rsa' as they key?

jagheterfredrik commented 8 months ago

I believe that’s fully doable, not sure how

andypnz commented 8 months ago

Thanks.... I was able to ssh in using a windows command prompt :-)

But unsure what to do now:

C:\Users\andyp\wallbox\wallbox-pwn>ssh -i id_rsa root@192.168.x.xx
root@WBxxxxxx:~# ls
debs  empty_test_db.sql  telemetry  telemetry_unsent.csv
root@WBxxxxxx:~# curl -sSfL https://github.com/jagheterfredrik/wallbox-mqtt-bridge/releases/download/bridge/install.sh > install.sh && bash install.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:06 --:--:--     0
100 5952k  100 5952k    0     0   403k      0  0:00:14  0:00:14 --:--:--  900k
MQTT Host (127.0.0.1):
jagheterfredrik commented 8 months ago

Enter the ip of your mqtt broker

andypnz commented 8 months ago

Ahh... obviously... Thank you!

So the config appears to be done - what is the topic name I need to look for? Just the device name?

jagheterfredrik commented 8 months ago

I add the broker to home assistant and all will be automatically setup

andypnz commented 8 months ago

Thanks.... I was trying to use a stand alone MQTT listening app.... looked at HA, sure enough all is auto configured...

A couple more questions if you don't mind:

  1. To set up a second wallbox, I guess there is nothing special to do? I just re-run all the commands in an identical fashion? I see it uses the serial # in the topic, so there should be no conflicts?
  2. Is there a list of all the topics I can listen to and publish to somewhere, along with the data range for each topic?

Thanks again for all your hard work!

jagheterfredrik commented 8 months ago
  1. Yes
  2. I usually use http://mqtt-explorer.com/ to inspect mqtt which will show you all topics
andypnz commented 8 months ago

Thanks very much.... Just need to change my node-red flow to use this new method and not the WB integration....

Should I ask any questions here, or on the HA WB thread?

My first one is the HA integration provided a state - does the Status via MQTT report in the same way?

STATE 1: Ready 2: Unavailable 3: Charging 4: Disconnected 254: Paused 99: UNKNOWN

jagheterfredrik commented 8 months ago

No, the states are here https://github.com/jagheterfredrik/wallbox-mqtt-bridge/blob/0af1539c8895ac55459e27b8505762b88bd63d03/app/wallbox/wallbox_const.go#L3

first one is 0, second one is 1, etc

andypnz commented 8 months ago

Thank you again.... I am converting my Node Red charger control from using @hesselonline HA integration to instead use your local control - I have most everything working, but can see I will still have a few questions matching up the different states.... but that's a job for tomorrow :-) Thanks again for this great development - the local control is really fast, and such a good idea!

jagheterfredrik commented 8 months ago

Awesome, good luck!