2004 to 2020 Mazda 3 Forum and Mazdaspeed 3 Forums banner
6021 - 6040 of 6500 Posts

·
Registered
Joined
·
120 Posts
Hi, Everyone. I am wondering if someone can help me get CastScreen to work. @duguschi, maybe you can help me? I have tried the recommended settings of H264, 800X480 @ 160, 1 Mbps, 127.0.0.1 in Receiver mode. I am connecting to the CMU using a USB connection via MTP connection. My phone is a stock, locked, unrooted AT&T Samsung Galaxy S6 128GB (SM-G920A) on Android 6.0.1 with the December 1, 2016 security patch. My vehicle is a U.S.-market 2017 Mazda3 Grand Touring MT w/ Premium Equipment Package and i-ACTIVSENSE Package running 59.00.441 NA. I am using AIO 2.2.4.

I did not install SSH_bringback (is it even supported for 59.xx.xxx?). Could that be why? Everything else, including Android Auto, seems to be working fine.

Entire Developer Options screenshot:
https://drive.google.com/open?id=0ByZg8dyQLwQrYVp4bVViX3EteTg

I mainly want to get it working to see what it would be like to commute using Waze using CastScreen.

Thanks in advance for your time and help!
 

·
Registered
Joined
·
57 Posts
@All, please consider you have root access to your cmu before running any tweaks. For instance v59 and some of the v56 versions not support the ssh access so I highly recommend you run the ssh bring back script and test you can login to the root user.

If you not do this and the tweak leads to a brick system there is highly no chance you can revert the damage you have done.
@developers.. please consider a script that will revert the sm.conf and opera.ini files if you see errors in start up logs. You can add this in init files or start up scripts.

That will be very handy if it's get into bootloop the system will auto heal by reverting the original files.

Just a doable idea..
 

·
Registered
Joined
·
6 Posts
Hi everyone. I am trying to figure out how to remove the Speedometer & Compass Application. It does not work on my iA. The rest works just fine.
 

·
Registered
Joined
·
2 Posts
Hello everyone,
where can I find the latest version of the Mazda connect to europe?
I currently have installed 56.00.513 EU N.

Thanks very much.
 

·
Registered
Joined
·
513 Posts
Without tweak it won't, because it is disabled since EU 56.00.511. We need someone that has successfully updated to .443 EUR then installed the SSH bringback tweak and finally connected with a SSH client to CMU.
 

·
Registered
Joined
·
513 Posts
@championway Ok if so, then what is the new pass of user "cmu" in v59:

Code:
cmu:$5$phNsaxamJ/6XE4D7$7N55BFA26mj2HtlpxF9cIXzT01GxfgZcWg9UU9vlYo4:0:0:root:/root:/bin/sh
service:x:1001:1001:Service User:/root:/bin/false
hmi:x:1002:1002:HMI User:/root:/bin/false
browser:x:1003:1003:Browser User:/root:/bin/false
user:WxKYMo36qB5CA:1000:1000:Linux User,,,:/tmp/user:/bin/sh
 

·
Registered
Joined
·
513 Posts
Diginix i said no change to users or pass
My FW v59.00.230 has no user CMU, but ROOT. And newer doesn't have user with name root (not level) as you can see in my quoted passwd file. So, my credentials for v56.00.230 doesn't work on e.g. v59 and vice versa.
Or I'm blind. But I don't want an update. That's why it isn't important for me. I'm only interested to know how others can have access without SSH tweak.
 

·
Registered
Joined
·
306 Posts
My FW v59.00.230 has no user CMU, but ROOT. And newer doesn't have user with name root (not level) as you can see in my quoted passwd file. So, my credentials for v56.00.230 doesn't work on e.g. v59 and vice versa.
Or I'm blind. But I don't want an update. That's why it isn't important for me. I'm only interested to know how others can have access without SSH tweak.
up to you ... do you know any about fake flag ?
 

·
Registered
Joined
·
32 Posts

for All users,
put in mind, Mazda technics & warrantee Department. start to take acts regarding electronic parts issue in this case ( CMU ) at any replacement under unusual parts operation ordered staff to backup and inspect any change and the hide log . so don't surprised after period of months or late you find letter from Mazda at your Post Box. what this letter include i don't know..

enjoy driving your Mazda.
Do you have any proof of this at all?

Have you read or received one of these letters? Do you have a TSB or other dealer document mandating anyone attempt to diagnose CMU issues outside of what the in-car system can do?

I find it highly unlikely Mazda is going to tie up service techs who have little to no experience in Linux diagnostics, on an embedded system, to check for software changes. It might happen when a component gets refurbished, but even then it's far fetched.
 

·
Registered
Joined
·
6 Posts
auto uninstall upon USB plug in

1. download uninstall.zip
2. unzip and copy all files to your USB root
3. start your CMU
4. plug it to the USB port and wait for about 30 seconds
5. if you see a dialog pop up on your screen, the uninstallation should be completed

I cant uninstall.
 

·
Registered
Joined
·
57 Posts
@championway Ok if so, then what is the new pass of user "cmu" in v59:

Code:
cmu:$5$phNsaxamJ/6XE4D7$7N55BFA26mj2HtlpxF9cIXzT01GxfgZcWg9UU9vlYo4:0:0:root:/root:/bin/sh
service:x:1001:1001:Service User:/root:/bin/false
hmi:x:1002:1002:HMI User:/root:/bin/false
browser:x:1003:1003:Browser User:/root:/bin/false
user:WxKYMo36qB5CA:1000:1000:Linux User,,,:/tmp/user:/bin/sh
As I kn the cmu password is still unknown ( unless someone in Mazda tech. dept guy can reveal this to us or we run try to do a brute force to find the password. I ran John the ripper for like 5 hours but it seems not able to reveal it.
If someone having a good distributed systems skills we might able to crack it in few days..
it uses following hash algorithm and 256bits.. it's pretty big..
(sha256crypt, crypt(3) $5$ [SHA256 32/32 OpenSSL])
 

·
Registered
Joined
·
57 Posts
As I kn the cmu password is still unknown ( unless someone in Mazda tech. dept guy can reveal this to us or we run try to do a brute force to find the password. I ran John the ripper for like 5 hours but it seems not able to reveal it.
If someone having a good distributed systems skills we might able to crack it in few days..
it uses following hash algorithm and 256bits.. it's pretty big..
(sha256crypt, crypt(3) $5$ [SHA256 32/32 OpenSSL])

I don't think we can crack it.. found the time taken to crack this in another site.
2^240 * 2^-2 = 2^238 ~ 10^72s ~ 3,17 * 10^64 years (LOL)
 

·
Registered
Joined
·
57 Posts
As I kn the cmu password is still unknown ( unless someone in Mazda tech. dept guy can reveal this to us or we run try to do a brute force to find the password. I ran John the ripper for like 5 hours but it seems not able to reveal it.
If someone having a good distributed systems skills we might able to crack it in few days..
it uses following hash algorithm and 256bits.. it's pretty big..
(sha256crypt, crypt(3) $5$ [SHA256 32/32 OpenSSL])
I don't think we can crack it.. found the time taken to crack this in another site.
2^240 * 2^-2 = 2^238 ~ 10^72s ~ 3,17 * 10^64 years (LOL)
 

·
Treveloper
Joined
·
534 Posts
@All, please consider you have root access to your cmu before running any tweaks. For instance v59 and some of the v56 versions not support the ssh access so I highly recommend you run the ssh bring back script and test you can login to the root user.

If you not do this and the tweak leads to a brick system there is highly no chance you can revert the damage you have done.

@developers.. please consider a script that will revert the sm.conf and opera.ini files if you see errors in start up logs. You can add this in init files or start up scripts.

That will be very handy if it's get into bootloop the system will auto heal by reverting the original files.

Just a doable idea..
The only thing about that is you are assuming that the errors happen in sm.conf or opera.ini but I have found you can get bootlooped from a javascript error in any of the core js files. (Non-forward-compatible errors in StatusBarCtrl.js and List4Ctrl.js I have seen cause bootloops). Then there can be a number of config files that can cause a bootloop too so this could be done to an extent. I actually haven't explored the booting up process of the system too deeply since I do a lot of testing using an emulated system. That being said, I can see specifically what errors cause the bootloops that way so I could try and write a script that would react to every possible case but that would be pretty difficult.

I know that @oz_paulb Was working on something like a boot-loader that could be activated with a button press from the steering wheel on boot but I don't know if he is still actively working on that
 

·
Registered
Joined
·
2 Posts
Hello everyone,
where can I find the latest version of the Mazda connect to europe?
I currently have installed 56.00.513 EU N.

Thanks very much.
 

·
Registered
Joined
·
71 Posts
Without tweak it won't, because it is disabled since EU 56.00.511. We need someone that has successfully updated to .443 EUR then installed the SSH bringback tweak and finally connected with a SSH client to CMU.
My FW v59.00.230 has no user CMU, but ROOT. And newer doesn't have user with name root (not level) as you can see in my quoted passwd file. So, my credentials for v56.00.230 doesn't work on e.g. v59 and vice versa.
Or I'm blind. But I don't want an update. That's why it isn't important for me. I'm only interested to know how others can have access without SSH tweak.
You can't access via SSH without the tweak. An unmodified (no SSH tweak) CMU v56+ is locked down. I have v59 NA firmware and the SSH tweak works so it should work for v59 EU firmware. I am confident in this.

I will say that you should run the tweak but the passwd file used should be one where the cmu user is left in place but the password is changed. This is important if you look at what the v56+ firmware upgrade does to the password. Here is the important excerpt from the password update script (used in v56+ firmware upgrades).

Code:
if grep '^root:' /config-mfg/passwd ; then
    # passwd needs updating
    cp /tmp/passwd /tmp/configtmp/passwd
    # authorized_keys needs to be added
    cp /tmp/authorized_keys /tmp/configtmp/authorized_keys
    
else
    cp /tmp/authorized_keys /tmp/configtmp/authorized_keys
fi
What this says is check the passwd file and update it if it starts with the root user. Why is this important? If the script does not find the root user, it will NOT update the passwd file. This means that if you update your passwd file with a new password for the cmu user, the password update script will not update the file. So far this password update script has not been changed since v56 so unless they (JCI/Visteon) make a more robust password update script that always replaces the file or does some other check, your cmu password will persist through firmware upgrades. By having your password persist through upgrades, you will always at least have serial console access.

When new firmware upgrades are released, you just have to check the password update script for that upgrade to see what it does. If they add some other file check, you can preemptively update the password file to potentially meet their script (assuming it's not some sort of file hash check). As long as they don't make it always copy the file over, you will be able to gain access via the serial console (assuming they don't also disable that). You can then update any necessary files to re-gain SSH access.

Honestly, as long as the USB tweak method exists, you will be able to gain SSH access. My point above is more pertinent if they disable the USB tweak method (which they haven't yet, so far so good!).

Attached you will find an updated SSH restore script where the password for the cmu user has been changed back to good ol' jci. You can generate your own password if you desire too.
 

Attachments

6021 - 6040 of 6500 Posts
Top