Author Topic: Hack of Sigllent spectrum analyzer ssa3021X?  (Read 188737 times)

0 Members and 1 Guest are viewing this topic.

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #650 on: May 01, 2019, 04:24:03 am »
TV84,

How does one "remove the hack"? ( I can see logging-in and copying the backed-up files back to the operating files. Perhaps you meant that?

I performed the upgrade on my new SSA3021X, but I see my SN has been 'X'd out.

Any way to get the feature set and retain the proper serial number?

Thanks, in advance!

Shane
 

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: pt
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #651 on: May 01, 2019, 11:08:06 am »
You can reinsert the S/N via SCPI.

Try something like

:SRLN <serial_num>

(I don't remember if this is the right command for the SSA but should be here in the forum...)
« Last Edit: May 01, 2019, 11:10:29 am by tv84 »
 

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #652 on: May 02, 2019, 04:03:38 am »
Thank you, TV84. I don't seem to.be able to get an http session with the SA at this time.

I found a manual on the SCPI commands for the SA, but I don't see any command that allows configuring the S/N for the SA.

Best Regards,
Shane
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 16167
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #653 on: May 02, 2019, 05:39:43 am »
Thank you, TV84. I don't seem to.be able to get an http session with the SA at this time.

I found a manual on the SCPI commands for the SA, but I don't see any command that allows configuring the S/N for the SA.

Best Regards,
Shane
Of course, it's a hidden undocumented command.

From P7 of the programming manual:
https://www.siglentamerica.com/wp-content/uploads/dlm_uploads/2017/10/SSA3000X_ProgrammingGuide_PG0703X_E04A.pdf
Telnet mode. The telnet SCPI service is available on port 5024.
Avid Rabid Hobbyist
 

Offline TTH

  • Newbie
  • Posts: 4
  • Country: gb
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #654 on: May 05, 2019, 12:32:40 pm »
TV84 is correct:

:SRLN <serial_num>

... is the correct SCPI command to set the serial number (note the space after :SRLN)

Thanks to TV84 :)
 

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #655 on: May 06, 2019, 12:57:29 am »
Thank you TauTech and TTH!

I have successfully logged-in as you suggested, but I'm having difficulty getting the SN set.

I have tried:

:SLRN SSA3XABC1t2682

:SYST:SLRN SSA3XABC1t2682

:SYSTCONF:SYST:SLRN SSA3XABC1t2682 (Number changed to protect the innocent)

Nothing seems to set the serial number... Should I enter some sort of save command to fix the change into the SSA???

I skimmed through the manual- perhaps I missed the details???

Your hints are very helpful!

Thank you, again!
Shane
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 16167
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #656 on: May 06, 2019, 01:18:00 am »
I have successfully logged-in as you suggested, but I'm having difficulty getting the SN set.
Sanity check *IDN?
Does this return the correct answer ?

For SCPI it's always a good idea to prove you have a valid connection first.....especially if you're a programming novice like me.  :-[
Avid Rabid Hobbyist
 
The following users thanked this post: ShaneEEV

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #657 on: May 06, 2019, 02:38:50 am »
Hi TauTech,

Yes, *IDN? returns the scope model and SNXXXXXXXXXX, 1.2.9.2.a
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 16167
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #658 on: May 06, 2019, 02:58:32 am »
Hi TauTech,

Yes, *IDN? returns the scope model and SNXXXXXXXXXX, 1.2.9.2.a
See the little 't' in your SN# ? That doesn't look right to me. Double triple check it belongs there.
Avid Rabid Hobbyist
 

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #659 on: May 06, 2019, 03:43:52 am »
That's not the real SN of my SSA. When I do the *IDN? I get all X's for the SN.
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 16167
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #660 on: May 06, 2019, 04:00:06 am »
That's not the real SN of my SSA.
Yes I know but it should be SSA3X***#R####
Quote
When I do the *IDN? I get all X's for the SN.
Yes, when they are hacked XXX...... is the SN#.

Someone here will pop by and rescue you.  :)
They go just fine without a SN# so no need to worry unduly.
Avid Rabid Hobbyist
 
The following users thanked this post: ShaneEEV

Offline ShaneEEV

  • Contributor
  • Posts: 12
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #661 on: May 06, 2019, 04:05:38 am »
Tautech-

Thank you- my SSA has the SN of this form:
SSA3X***2R####

I hope to be rescued! Ha ha! It would be good to put the SN right, even though it doesn't affect the function of the analyzer.

I appreciate your kind replies!

Best Regards,
Shane
 

Offline Emo

  • Regular Contributor
  • *
  • Posts: 73
  • Country: nl
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #662 on: May 06, 2019, 06:26:22 am »
Thank you TauTech and TTH!

I have successfully logged-in as you suggested, but I'm having difficulty getting the SN set.

I have tried:

:SLRN SSA3XABC1t2682

:SYST:SLRN SSA3XABC1t2682

:SYSTCONF:SYST:SLRN SSA3XABC1t2682 (Number changed to protect the innocent)

Nothing seems to set the serial number... Should I enter some sort of save command to fix the change into the SSA???

I skimmed through the manual- perhaps I missed the details???

Your hints are very helpful!

Thank you, again!
Shane

Just for the record and for others that might want to use this method.
In your SCPI commands you seem to have made a typo; :SLRN, should be :SRLN
 
The following users thanked this post: ShaneEEV

Offline rf-loop

  • Super Contributor
  • ***
  • Posts: 3069
  • Country: cn
  • Starting with DLL21
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #663 on: May 06, 2019, 06:58:47 am »
Thank you TauTech and TTH!

I have successfully logged-in as you suggested, but I'm having difficulty getting the SN set.

I have tried:

:SLRN SSA3XABC1t2682

:SYST:SLRN SSA3XABC1t2682

:SYSTCONF:SYST:SLRN SSA3XABC1t2682 (Number changed to protect the innocent)

Nothing seems to set the serial number... Should I enter some sort of save command to fix the change into the SSA???

I skimmed through the manual- perhaps I missed the details???

Your hints are very helpful!

Thank you, again!
Shane

Just for the record and for others that might want to use this method.
In your SCPI commands you seem to have made a typo; :SLRN, should be :SRLN

Also, regardless of whether it worked or not. Until today, I have not seen Siglent serial numbers what include other than capital letters and numbers.
If practice and theory is not equal it tells that used application of theory  is wrong or the theory itself is wrong.
It is much easier to think an apple fall to the ground than to think that the earth and the apple will begin to move toward each other and collide.
 
The following users thanked this post: ShaneEEV

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: pt
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #664 on: May 06, 2019, 08:54:53 am »
It's been a long time but I think when you force the S/N to be the one you want with the SCPI command, you automatically disable the hack that most people use.

After activated, if I remember correctly, the hack works by checking if the S/N is XXXXXXXXX.

But I could be wrong...
 
The following users thanked this post: ShaneEEV

Offline TTH

  • Newbie
  • Posts: 4
  • Country: gb
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #665 on: May 07, 2019, 02:38:46 pm »
TV84 is correct:
The SCPI command
:SRLN SSA3X*********
... changes the serial number
... but results in the creation of a new NSP_sn_bandwidth.xml file (and backup)
... populated with  the serial number - but no option licence keys : (
It does appear that you have to live with the XXX serial number if you want all the options.
 
The following users thanked this post: ShaneEEV

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: pt
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #666 on: May 07, 2019, 05:49:22 pm »
TV84 is correct:
The SCPI command
:SRLN SSA3X*********
... changes the serial number
... but results in the creation of a new NSP_sn_bandwidth.xml file (and backup)
... populated with  the serial number - but no option licence keys : (
It does appear that you have to live with the XXX serial number if you want all the options.

It looks like Alzheimer hasn't catch me yet...  I had this idea from what I saw in my code analysis although I didn't asked nobody to test. Now it's confirmed!
 
The following users thanked this post: ShaneEEV

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 604
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #667 on: May 08, 2019, 07:54:36 am »
However, there is one drawback: AFAIR, Siglents software EasySpectrum will not work without the serial number. If you would like to use the analyzer for doing pre-compliance measurements, the software saves a lot of time and makes things much easier.
However: I cannot test/confirm this, as my unit does have serial number and all options. Maybe somebody can double check this.
But I am pretty sure that EasySpectrum was very sensitive about the connected analyzer.
 
The following users thanked this post: ShaneEEV

Offline TTH

  • Newbie
  • Posts: 4
  • Country: gb
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #668 on: May 29, 2019, 08:08:51 pm »
Easy Spectrum functionality works (both Monitor and EMI) with Serial XXXXXXXXXX
 

Offline electronic_eel

  • Regular Contributor
  • *
  • Posts: 187
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #669 on: May 29, 2019, 10:26:13 pm »
There is a new firmware 1.2.9.3a out.

This one seems to block telnet access to the device. It is not available on the regular port 23, and also not on 10101 (which some other Siglent products use).

Downgrading to 1.2.9.2a is possible, but does not bring telnet access back!

So I wouldn't recommend to install this update for now.
 

Offline BillB

  • Supporter
  • ****
  • Posts: 569
  • Country: us
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #670 on: May 29, 2019, 11:10:11 pm »
Seems like Siglent is starting to secure their product line.  :(
 

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: pt
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #671 on: May 31, 2019, 05:37:04 pm »
The new FW SSA3000X_v1.2.9.3a has 2 interesting files, besides new versions of the common ones.

See attached.

And, of course, SHELLCMD was removed from the main app.  ;)
« Last Edit: May 31, 2019, 05:54:30 pm by tv84 »
 

Offline markus_jlrb

  • Regular Contributor
  • *
  • Posts: 87
  • Country: de
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #672 on: May 31, 2019, 06:07:57 pm »
@tv,

how to mod the lines from

rm -f to echo rm -f
or  from         
rm -f to # rm -f

Any ide?

Markus
 

Offline electronic_eel

  • Regular Contributor
  • *
  • Posts: 187
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #673 on: May 31, 2019, 06:50:24 pm »
how to mod the lines from
You'd have to package a modified ADS update file. The format is obfuscated and sometimes also encrypted. You can find some info here: https://www.eevblog.com/forum/testgear/siglent-ads-firmware-file-format/. But while the descriptions there are probably enough to get someone determined on the right track, they are not simple recipes you can just follow along. tv84 seems to have mastered this though.

Just an idea: if someone creates a modified ads file, wouldn't it be better to create one that just re-enables the telnet service and doesn't do anything else, like replacing ecomb? This way you could just install the regular update and install the re-enabler.ads afterwards. When Siglent releases the next update, it will most probably disable telnet again, so you could use the same re-enabler again and wouldn't have to do modifications again.
 

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 908
  • Country: pt
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #674 on: May 31, 2019, 06:56:04 pm »
rm -f to echo rm -f

Test at your own risk.

This is the official ADS with additional.sh "slightly" modded.

If you already installed the official update, you already had telnetd deleted, so in that case this won't work.
« Last Edit: May 31, 2019, 07:14:23 pm by tv84 »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf