Author Topic: Need help hacking DP832 for multicolour option.  (Read 61147 times)

0 Members and 1 Guest are viewing this topic.

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 2549
  • Country: hr
Re: Need help hacking DP832 for multicolour option.
« Reply #200 on: April 09, 2019, 09:06:10 pm »
just a short note for those who are "upgrading" to a DP832A. I had a very old firmware revision (1.04) on my DP832. With this old firmware, the hack was not working. I then updated to 1.16 (first 1.11. then 1.16) and then the hack worked.
However, somewhere during this process my DP832 lost all the calibration, thus a complete re-calibration was needed. This takes a while, so make sure you have enough time in case this happens to you too.

Mine didn't lost the calibration when upgraded from DP832 to DP832, but the firmware was already at 1.14.

Couldn't find the info in the DP800 User Manual, it say to contact Rigol.
What is the password and the procedure for DP800 manual calibration, please?


2012
 
The following users thanked this post: Spork Schivago, RoGeorge

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 650
Re: Need help hacking DP832 for multicolour option.
« Reply #201 on: April 09, 2019, 09:16:31 pm »
Quote
Couldn't find the info in the DP800 User Manual, it say to contact Rigol.
What is the password and the procedure for DP800 manual calibration, please?
I added a link in my post above. See at the first page of the link, there are links to the calibration procedure.  The automatic calibration by a python script (if you have a SCPI/LXI ready-DMM available) is using the password "11111"; for the manual calibration "2012" will be the correct one.
Though I tried the manual calibration first and was annoyed quickly about the long and pesky procedure. I then used the python script posted several times here in the forum (e.g. see link above). Instead of manually reading and entering the numbers for two hours I decided to dig into the python stuff (which took longer than 2 hours ... but I learned something new by this, so it was worth it).
« Last Edit: April 09, 2019, 09:18:02 pm by Pinkus »
 
The following users thanked this post: Spork Schivago, RoGeorge

Offline _Wim_

  • Frequent Contributor
  • **
  • Posts: 822
  • Country: be
Re: Need help hacking DP832 for multicolour option.
« Reply #202 on: April 10, 2019, 03:54:50 pm »
I took a quick look at a DG1032Z firmware I found somewhere. I think it's version 1.06. It has a very similar check for the same magic value at sector 0x78EC.

Could someone eager to hack (or brick) their DG1032Z send these commands to it, preferably via USB, and post the results here? The keyfile.bin I made for DP832 should work.

:PROJ:STAT MCALTIMES,QUERY
*IDN?
:PROJ:STAT MODEL,DG1062Z
*IDN?

I can do this, but only next week.
« Last Edit: April 10, 2019, 03:58:58 pm by _Wim_ »
 

Online tv84

  • Super Contributor
  • ***
  • Posts: 1444
  • Country: pt
Re: Need help hacking DP832 for multicolour option.
« Reply #203 on: April 10, 2019, 05:10:46 pm »
I think it's better to not mess with:

:PROJ:STAT MCALTIMES,QUERY

Just do the:

:PROJ:STAT MODEL,DG1062Z

And you'll have a new model!
 

Offline _Wim_

  • Frequent Contributor
  • **
  • Posts: 822
  • Country: be
Re: Need help hacking DP832 for multicolour option.
« Reply #204 on: April 10, 2019, 07:18:55 pm »
I think it's better to not mess with:

:PROJ:STAT MCALTIMES,QUERY

Just do the:

:PROJ:STAT MODEL,DG1062Z

And you'll have a new model!

Thanks. I will give this a try when I am back at home.
 

Offline stj

  • Super Contributor
  • ***
  • Posts: 2156
  • Country: gb
Re: Need help hacking DP832 for multicolour option.
« Reply #205 on: April 10, 2019, 08:27:58 pm »
has anybody tried this on the scopes?

on the ds1000z series, it may be usefull in the future to switch it to the MSO variant.
also, although i'm not sure, it was the case that Riglol didnt work on the 2000 and 4000 series.
 
The following users thanked this post: Spork Schivago

Offline TurboTom

  • Frequent Contributor
  • **
  • Posts: 748
  • Country: de
Re: Need help hacking DP832 for multicolour option.
« Reply #206 on: April 10, 2019, 08:38:51 pm »
I doubt that the hack will work on DS/MSO 2000 and 4000 platforms since these are based on Blackfin DSPs (just like the DG4000) and not the iMX SOCs that are used in the machines that are apparantly/proven to be hackable with the described approach. Yet, turning the DS1000Z into an MSO may appear attractive to some, especially since there is this parallel thread approaching a "DIY" probe adapter for the MSO1000Z and MSO5000 platforms.

Cheers,
Thomas
 

Online tv84

  • Super Contributor
  • ***
  • Posts: 1444
  • Country: pt
Re: Need help hacking DP832 for multicolour option.
« Reply #207 on: April 10, 2019, 10:09:51 pm »
has anybody tried this on the scopes?

on the ds1000z series, it may be usefull in the future to switch it to the MSO variant.
also, although i'm not sure, it was the case that Riglol didnt work on the 2000 and 4000 series.

It's almost guaranteed that you can convert a DS1000Z into a MSO but, in the end, you need the additional HW.

They use the same FW, although each one uses a licensing scheme/functions different. But both methods are present in the FW.

Of course you would have to flash a key_block into the DS in order for it to behave as a MSO. Remember all the "rigup machines" take their private keys from a block that's in their flash.

As the DS doesnt have that block, you would have to create it besides "changing model".

It could be that the simple insertion of the key_block (in the flash) is the trigger to a model change!

 

Offline Spork Schivago

  • Frequent Contributor
  • **
  • Posts: 387
  • Country: us
Re: Need help hacking DP832 for multicolour option.
« Reply #208 on: April 12, 2019, 01:36:44 pm »
Out of curiosity, what does the :PROJ:STAT MCALTIMES,QUERY command do?   I searched the net and all I could find was something from this thread on page 7 that has been edited or is missing from some other reason.   Google Cache was no help.

Does it query calibration times?   What's the M for I wonder?  Also, why would that command be a bad idea to run?
 

Offline WhichEnt2

  • Regular Contributor
  • *
  • Posts: 98
  • Country: ru
Re: Need help hacking DP832 for multicolour option.
« Reply #209 on: April 12, 2019, 01:52:30 pm »
I searched the net and all I could find was something from this thread on page 7 that has been edited or is missing from some other reason.   Google Cache was no help.
I bet it's the last post on page 6 has been moved from page 7 by someone deleting post somwhere in the thread.
Compare it's contents: cat: /dev/usbtmc1: Connection timed out ~$ echo ":PROJ:STAT MCALTIMES,QUERY" vs https://www.eevblog.com/forum/testgear/need-help-hacking-dp832-for-multicolour-option/msg2324442/#msg2324442
Short pieces, high value, small period, huge amount, long delay.
 

Offline tossu

  • Contributor
  • Posts: 19
  • Country: 00
Re: Need help hacking DP832 for multicolour option.
« Reply #210 on: April 12, 2019, 02:39:46 pm »
Out of curiosity, what does the :PROJ:STAT MCALTIMES,QUERY command do?   I searched the net and all I could find was something from this thread on page 7 that has been edited or is missing from some other reason.   Google Cache was no help.

Does it query calibration times?   What's the M for I wonder?  Also, why would that command be a bad idea to run?

It just prints the values of two variables. I'd guess it's counting how many times a manual calibration is done. I don't see why running the command would break anything but it would be completely unnecessary. People had problems upgrading their DG1000Z's, so I wanted to see if the :PROJ:STAT command would work at all. That post was by no means intented to be a guide.
 

Offline WhichEnt2

  • Regular Contributor
  • *
  • Posts: 98
  • Country: ru
Re: Need help hacking DP832 for multicolour option.
« Reply #211 on: April 15, 2019, 04:29:21 pm »
With the public key 586E719859AF6C  you might upgrade riglol and generate the official license for Arb16M.
Doesn't it requrie additional research for obtaining option code(s) from firmware?
Short pieces, high value, small period, huge amount, long delay.
 

Online tv84

  • Super Contributor
  • ***
  • Posts: 1444
  • Country: pt
Re: Need help hacking DP832 for multicolour option.
« Reply #212 on: April 15, 2019, 05:07:57 pm »
Doesn't it requrie additional research for obtaining option code(s) from firmware?

Arb16M option code is JBNE.
 
The following users thanked this post: WhichEnt2

Offline WhichEnt2

  • Regular Contributor
  • *
  • Posts: 98
  • Country: ru
Re: Need help hacking DP832 for multicolour option.
« Reply #213 on: May 01, 2019, 01:45:21 pm »
With the public key 586E719859AF6C  you might upgrade riglol and generate the official license for Arb16M.
Looks like this task is not just too straight and involves recovering private key from a public key.
Short pieces, high value, small period, huge amount, long delay.
 

Offline BLF Lexel

  • Contributor
  • Posts: 9
  • Country: de
Re: Need help hacking DP832 for multicolour option.
« Reply #214 on: May 02, 2019, 07:11:02 am »
I got the problem getting a connection with my DP811

I can ping it at 192.168.178.22 but when I use Telnet on port 5555 I get no connection

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Windows\system32>ping 192.168.178.22

Ping wird ausgeführt für 192.168.178.22 mit 32 Bytes Daten:
Antwort von 192.168.178.22: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.178.22: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.178.22: Bytes=32 Zeit<1ms TTL=64
Antwort von 192.168.178.22: Bytes=32 Zeit<1ms TTL=64

Ping-Statistik für 192.168.178.22:
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms

C:\Windows\system32>telnet 192.168.178.22 5555
Verbindungsaufbau zu 192.168.178.22...Es konnte keine Verbindung mit dem Host he
rgestellt werden, auf Port 5555: Verbindungsfehler
« Last Edit: May 02, 2019, 07:43:31 am by BLF Lexel »
 

Offline BLF Lexel

  • Contributor
  • Posts: 9
  • Country: de
Re: Need help hacking DP832 for multicolour option.
« Reply #215 on: May 02, 2019, 08:30:54 am »
I get no connection
I also installed IVI and tried USB
 

Online PA0PBZ

  • Super Contributor
  • ***
  • Posts: 4341
  • Country: nl
Re: Need help hacking DP832 for multicolour option.
« Reply #216 on: May 02, 2019, 08:38:29 am »
I think the interfaces are optional for the DP811, same as DP832?
Keyboard error: Press F1 to continue.
 

Offline Pinkus

  • Frequent Contributor
  • **
  • Posts: 650
Re: Need help hacking DP832 for multicolour option.
« Reply #217 on: May 02, 2019, 08:51:34 am »
Quote
I think the interfaces are optional for the DP811, same as DP832?
Exactly what I thought: did you enable the options before (especially Rigol DP8-INTERFACE)?
 

Offline BLF Lexel

  • Contributor
  • Posts: 9
  • Country: de
Re: Need help hacking DP832 for multicolour option.
« Reply #218 on: May 02, 2019, 11:17:19 am »
just RS232 is unofficial with Riglol rest is enabled
 

Offline BLF Lexel

  • Contributor
  • Posts: 9
  • Country: de
Re: Need help hacking DP832 for multicolour option.
« Reply #219 on: May 09, 2019, 12:58:31 pm »
I revived a very old PC in basement and now got my
DP811
DP832
and new DG1022Z
fully upgraded

seemy my network did not like Telnet at all
 

Offline volkimel

  • Contributor
  • Posts: 10
  • Country: 00
Re: Need help hacking DP832 for multicolour option.
« Reply #220 on: May 15, 2019, 12:05:20 pm »
That's wonderful news! :-+
Thanks a lot for putting in the effort and sharing it, tossu!
I had almost given up on this, because the last bit of disassembly skills are missing!
And now, after a while not looking at it, huge progress was made!

Of course I had to try it out and it worked a treat. Got a DP832A with all options now!  :)

Used a rather old SanDisk Cruzer mini 512MB USB stick and connected with PuTTY via LAN. Really, really simple!

The software on my DP832 was and is still 00.01.13.00.01. This will change now as well.
Thanks to everyone who spend time and effort on this topic!

Cheers!
 

Offline Smokey

  • Super Contributor
  • ***
  • Posts: 1613
  • Country: us
Re: Need help hacking DP832 for multicolour option.
« Reply #221 on: May 21, 2019, 02:05:38 am »
...I wonder if the random reboots that DP832 owners suffer from for absolutely no rhyme or reason will vanish when software converting to a DP832A...

I had the random reboot problem and sent the thing in for repair.  They replaced boards, so I'd doubt it's purely a software issue that you can fix like this.  Bummer.
 

Offline starec

  • Contributor
  • Posts: 5
  • Country: sk
Re: Need help hacking DP832 for multicolour option.
« Reply #222 on: May 24, 2019, 11:40:24 am »
With the public key 586E719859AF6C  you might upgrade riglol and generate the official license for Arb16M.
Doesn't it requrie additional research for obtaining option code(s) from firmware?

i've calculated the private key for you: 7412E98108CAB0
but it isn't so straight to generate license using riglol because of slight modified algorithms used in DG1000Z

 
The following users thanked this post: thm_w

Online tv84

  • Super Contributor
  • ***
  • Posts: 1444
  • Country: pt
Re: Need help hacking DP832 for multicolour option.
« Reply #223 on: May 24, 2019, 03:49:44 pm »
slight modified algorithms used in DG1000Z

= riglol 1.03d
 

Offline starec

  • Contributor
  • Posts: 5
  • Country: sk
Re: Need help hacking DP832 for multicolour option.
« Reply #224 on: May 24, 2019, 04:33:22 pm »
= riglol 1.03d
Ok, this one is almost working. You need however change some things:
B32 alphabet - ascii_map[] = "MNBVCXZASDFGHJKLPUYTREWQ23456789"
and arrays in fn format_license_dp832_109 as follows
    const int map1[] = {3, 0xE, 0x13, 9, 0x1A, 5, 7, 0x11, 0xC, 0x18, 6, 0x16};
    const int map2[] = {4, 0xB, 0x10, 0x17, 0, 8, 0x14, 0x1B, 2, 0xD, 0xF, 0x15};
    const int map3[] = {1, 0xA, 0x12, 0x19};
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf