Author Topic: Hack of Sigllent spectrum analyzer ssa3021X?  (Read 467175 times)

0 Members and 4 Guests are viewing this topic.

Offline papousekTopic starter

  • Contributor
  • Posts: 13
  • Country: jp
Hack of Sigllent spectrum analyzer ssa3021X?
« on: May 13, 2016, 07:15:26 am »
I been waiting for reviews and being really interested to buy one since i saw the hack of  ssa3021X from the post: (https://www.eevblog.com/forum/testgear/siglent-ssa3000x-spectrum-analyzers/100/) .

it seems the SSA3021X (Original 2.1G and options closed) are upgraded to 3.2G, full options opened.  :-+ :-+
it's impossible for me to judge if the hack really works since i dont have one,,,,anyone who got one at hand can do me a favor to review or to try the hack?

anyway,, 1600 bucks are not a easy budget for me.
Tks in advance
 

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29599
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #1 on: May 13, 2016, 07:44:02 am »
It seems to me you'd want to grab the current FW update just in case it gets pulled.  :-\
Not sure if it has opened the hole to allow the upgrade but just in case it has here's the link:

http://www.siglentamerica.com/USA_website_2014/Firmware&Software/firmware/SSA-firmware-0705.rar
~7.5 Mb
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29599
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline Deuze

  • Contributor
  • Posts: 15
  • Country: de
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #3 on: May 17, 2016, 01:27:21 am »
Hi Papousek,
Here is some info you may want to know. In order to investigate whether it is a accident event.  I install the old FW again and find out the 'hack' was gone. But when I upgrade to FW07.05 again and do the same thing to it. The 'hack' appeared again! So I think it means people can really hack it with these steps.   ;) Wunderbar
Always on a trip....
 
The following users thanked this post: papousek, Chris Roubis

Offline drieg

  • Regular Contributor
  • *
  • Posts: 85
  • Country: cz
    • Silcon Electronics
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #4 on: June 20, 2016, 02:07:22 pm »
Latest SSA3021X and SSA3032X units are hardware identical and SSA3021X is also calibrated up to 3.2GHz, so yes, SSA3021X is "upgradable" to SSA3032X  ;)
Bricked Rigol? This thread might be of any help.
 
The following users thanked this post: rf-loop, papousek, Chris Roubis

Online nctnico

  • Super Contributor
  • ***
  • Posts: 28246
  • Country: nl
    • NCT Developments
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #5 on: June 20, 2016, 02:19:02 pm »
Hi Papousek,
Here is some info you may want to know. In order to investigate whether it is a accident event.  I install the old FW again and find out the 'hack' was gone. But when I upgrade to FW07.05 again and do the same thing to it. The 'hack' appeared again! So I think it means people can really hack it with these steps.   ;) Wunderbar
The biggest question is whether a future firmware upgrade undoes the 'hack'.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline rf-loop

  • Super Contributor
  • ***
  • Posts: 4134
  • Country: fi
  • Born in Finland with DLL21 in hand
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #6 on: June 20, 2016, 02:47:13 pm »
Hi Papousek,
Here is some info you may want to know. In order to investigate whether it is a accident event.  I install the old FW again and find out the 'hack' was gone. But when I upgrade to FW07.05 again and do the same thing to it. The 'hack' appeared again! So I think it means people can really hack it with these steps.   ;) Wunderbar
The biggest question is whether a future firmware upgrade undoes the 'hack'.

With Rigol this afraid and question have been many years, starting from old times DS1052E. ;)
(I  remember well these RS232 and terminal things what also I have done... and eevery next FW update we afraid if this all have gone... )
EV of course. Cars with smoke exhaust pipes - go to museum. In Finland quite all electric power is made using nuclear, wind, solar and water.

Wises must compel the mad barbarians to stop their crimes against humanity. Where have the (strong)wises gone?
 

Online nctnico

  • Super Contributor
  • ***
  • Posts: 28246
  • Country: nl
    • NCT Developments
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #7 on: June 20, 2016, 05:02:53 pm »
Hi Papousek,
Here is some info you may want to know. In order to investigate whether it is a accident event.  I install the old FW again and find out the 'hack' was gone. But when I upgrade to FW07.05 again and do the same thing to it. The 'hack' appeared again! So I think it means people can really hack it with these steps.   ;) Wunderbar
The biggest question is whether a future firmware upgrade undoes the 'hack'.
With Rigol this afraid and question have been many years, starting from old times DS1052E. ;)
(I  remember well these RS232 and terminal things what also I have done... and eevery next FW update we afraid if this all have gone... )
That may be but if downgrading undoes the 'hack' in the SSA3000 then upgrading is likely to do the same because appearantly the hack doesn't update the memory where the enabled options are stored. If the options where enabled permanently by the hack then they would remain after downgrading.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 
The following users thanked this post: F6DEX

Offline continuo

  • Frequent Contributor
  • **
  • Posts: 303
  • Country: de
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #8 on: June 20, 2016, 06:53:23 pm »
I don't understand, what exactly is the hack on this one? Just an upgrade with the official firmware or is there something else to do? And will this hack enable the Tracking Gen as well?  :-//
 

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29599
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #9 on: June 20, 2016, 07:52:47 pm »
I don't understand, what exactly is the hack on this one? Just an upgrade with the official firmware or is there something else to do? And will this hack enable the Tracking Gen as well?  :-//
First mentioned here:
https://www.eevblog.com/forum/testgear/siglent-ssa3000x-spectrum-analyzers/msg938261/#msg938261

Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 
The following users thanked this post: noobiedoobie

Online nctnico

  • Super Contributor
  • ***
  • Posts: 28246
  • Country: nl
    • NCT Developments
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #10 on: June 20, 2016, 07:56:02 pm »
I don't understand, what exactly is the hack on this one? Just an upgrade with the official firmware or is there something else to do? And will this hack enable the Tracking Gen as well?  :-//
First mentioned here:
https://www.eevblog.com/forum/testgear/siglent-ssa3000x-spectrum-analyzers/msg938261/#msg938261
We still need confirmation the options stay enabled in future firmware updates otherwise it isn't a hack but a bug. It would be sad when people make their purchase based on the availability of the full-featured SA for the base price only to find out they can only use an old firmware version which doesn't have the latest features.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline drieg

  • Regular Contributor
  • *
  • Posts: 85
  • Country: cz
    • Silcon Electronics
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #11 on: June 20, 2016, 08:12:52 pm »
I don't understand, what exactly is the hack on this one? Just an upgrade with the official firmware or is there something else to do? And will this hack enable the Tracking Gen as well?  :-//
First mentioned here:
https://www.eevblog.com/forum/testgear/siglent-ssa3000x-spectrum-analyzers/msg938261/#msg938261
It is possible to turn SSA3021X into SSA3032X and enable all the options unofficially in a different (permanent) way as well ;)
« Last Edit: June 20, 2016, 08:24:59 pm by drieg »
Bricked Rigol? This thread might be of any help.
 

Offline PsychoBoy

  • Contributor
  • Posts: 12
  • Country: pl
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #12 on: June 20, 2016, 08:17:42 pm »
We still need confirmation the options stay enabled in future firmware updates otherwise it isn't a hack but a bug. It would be sad when people make their purchase based on the availability of the full-featured SA for the base price only to find out they can only use an old firmware version which doesn't have the latest features.
I would hardly call it hack since, man - you don't have to do anything, just upgrade FW, wtf :D? It's certainly a bug.
To me what is more important is to test it now if it really is capable of 3.2GHz span on 2.1GHz model and do all these enabled options work as well, because once you know the technical capabilities are the same then we can do hacks on software. Also if it works it's great base to start working on real hack - I mean for example you could dump memory from EEPROM when you had old FW and then dump once again when upgraded to new one, and see what's changed (maybe nothing unfortunately if it's related to real software bug like IDK wrong date checking?). By the way if it is possible to get trial versions for 48h, isn't it possible to manually adjust RTC clock and find and replace date in memory, I know it's pain in ass solution, but anyway.
 

Offline drieg

  • Regular Contributor
  • *
  • Posts: 85
  • Country: cz
    • Silcon Electronics
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #13 on: June 20, 2016, 08:37:02 pm »
..
To me what is more important is to test it now if it really is capable of 3.2GHz span on 2.1GHz model and do all these enabled options work as well, ..
The answer to both your questions is yes.
Bricked Rigol? This thread might be of any help.
 
The following users thanked this post: PsychoBoy

Offline PsychoBoy

  • Contributor
  • Posts: 12
  • Country: pl
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #14 on: June 20, 2016, 08:43:24 pm »
It is possible to turn SSA3021X into SSA3032X and enable all the options unofficially in a different (permanent) way as well ;)
Great info, would you mind to share your method?
The answer to both your questions is yes.
Then this is really nice. All Rigol hackers please take a look at this one!
 

Offline drieg

  • Regular Contributor
  • *
  • Posts: 85
  • Country: cz
    • Silcon Electronics
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #15 on: June 20, 2016, 09:32:03 pm »
I actually can't because I'm a distributor of Siglent (and Rigol) test gear. Sorry for that.
But  don't worry, there are many talented guys who will figure out soon. My guess is, that these units will quickly become very popular due its hackability (like Rigol units).

Small hint: read tinhead's thread;)
« Last Edit: June 20, 2016, 09:41:00 pm by drieg »
Bricked Rigol? This thread might be of any help.
 
The following users thanked this post: PsychoBoy, Chris Roubis

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29599
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #16 on: June 20, 2016, 09:58:08 pm »
I actually can't because I'm a distributor of Siglent (and Rigol) test gear. Sorry for that.
But  don't worry, there are many talented guys who will figure out soon. My guess is, that these units will quickly become very popular due its hackability (like Rigol units).

Small hint: read tinhead's thread;)
Thanks for the hint drieg.
Looking at his threads:
https://www.eevblog.com/forum/profile/?area=showposts;sa=topics;u=2790

Would I be correct the clues are in this one?
https://www.eevblog.com/forum/testgear/hantek-tekway-dso-hack-get-200mhz-bw-for-free/
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 
The following users thanked this post: PsychoBoy

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 781
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #17 on: June 21, 2016, 10:24:30 am »
I actually can't because I'm a distributor of Siglent (and Rigol) test gear. Sorry for that.
I only can recommend Drieg as a distributor/reseller for Rigol and Siglent devices. I know him for years now. He is always very helpful (even months or years after the purchase!) and can help you whenever EVERY other reseller can't. So if you want to purchase such stuff, ask him for a quote.
 

Offline janekivi

  • Frequent Contributor
  • **
  • Posts: 370
  • Country: ee
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #18 on: June 24, 2016, 08:28:38 pm »
Does it have telnet?

You know what I'm thinking here... ;)
 

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29599
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #19 on: June 24, 2016, 09:43:21 pm »
Does it have telnet?

You know what I'm thinking here... ;)
Early in Daves teardown and his only cursory inspection of the processor PCB he identifies a header that he calls as a Jtag and then another for programming.  :-\
https://www.eevblog.com/forum/blog/eevblog-892-siglent-ssa3021x-spectrum-analyser-teardown/
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 

Offline janekivi

  • Frequent Contributor
  • **
  • Posts: 370
  • Country: ee
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #20 on: June 24, 2016, 09:51:16 pm »
Some kind of telnet prompt from LAN port? In shadow may be DES / crypt(3) root password.
 

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 781
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #21 on: June 24, 2016, 10:55:01 pm »
Some kind of telnet prompt from LAN port? In shadow may be DES / crypt(3) root password.
Yes, telnet deamon is active - see screenshot.
But I do not know how to proceed from here.
 

Online nctnico

  • Super Contributor
  • ***
  • Posts: 28246
  • Country: nl
    • NCT Developments
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #22 on: June 24, 2016, 11:47:58 pm »
They didn't remove the banner? Maybe they kept the default Arago password as well: root
« Last Edit: June 24, 2016, 11:49:41 pm by nctnico »
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 781
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #23 on: June 25, 2016, 10:02:48 am »
They didn't remove the banner? Maybe they kept the default Arago password as well: root
I am not a hacker, but  of course I already tried this (and some other) most obvious password without success.
 

Offline janekivi

  • Frequent Contributor
  • **
  • Posts: 370
  • Country: ee
Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #24 on: June 25, 2016, 11:53:41 am »
You can try crack this from SSA3000X_D07P03.ADS
xE062W/htPFyU
UNIX descrypt
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf