John Deere 6068

[cc18dd]

I have a John Deere 6068 with a VP44, could you help me modify canbus messages going from and to it with a MITM attack? I need to fool the ECM into thinking the pump has no codes. Also, my canbus is only 11 bit and not 29 bit like yours. Did the VP44 or ECM have a higher can ID?

[jlaustill]

Heya, 11 bit isn't going to work as they communicate using the J1939 protocol I've discovered. The error codes follow the standard J1939 protocol, so you have a couple of options depending on how involved you want to get. The VP44 and the ECU are connected directly, so in order to stop the error messages you would need to stick a Teensy or something in between them and have it pass the messages and skip the error ones. I've never tried this, but it sounds fun :) What are you using that has 11 bit canbus exactly?

[cc18dd]

? What should I hook the teensy to? Something faster than an uno? 2002 John Deere 6068

[cc18dd]

0x100 = John Deere - 72 1 0 0 5 9 8B C Fuel commands? (It is the highest priority 0x500 = John Deere - 5E 0 2A 1 D2 2 F8 2 - At all times

• ends in 0 when messages come from the ECU

0x112 = VP44 - 4 0 49 A5 BF F 3B 13 Fuel feedback? 0x512 = VP44 - 6 1 FE 3 30 1 0 0 - DTC Feedback?

• ends in 2 when messages come from the VP44

[cc18dd]

The Error Code is SPN 001077 FMI 12 97 Pump Self Test Error

[jlaustill]

I use a Teensy 4.0 and SN65HVD230 transceiver these days. I'd recommend you look into using my OPCM repo so you can see the J1939 messages. I have some updates to push up to it that will make it MUCH easier to see the messages. I'll let you know when I push them up

[jlaustill]

Ok, I pushed up the code using the J1939 library to OPCM. It should be much easier to use that code to sniff your bus. you'll be interested in src/Data/CumminsBus.cpp. In src/Configuration.h just comment out everything except cummins bus as you won't need the rest of it. The repo is here https://github.com/jlaustill/opcm