| Products > Test Equipment |
| New Rigol DS7000 |
| << < (58/72) > >> |
| Leon23:
Did you manage to unlock your 7014? :o |
| jealcuna:
--- Quote from: Leon23 on May 18, 2020, 07:59:02 pm ---Did you manage to unlock your 7014? :o --- End quote --- Almost, hahaha. Well I could disassemble appentry file and I check the offset suggested by mabl in mso5k thread, and it has the same instruction. However I am not sure if the complete behavior is the same. I can not assume that mso5k and mso7k with different fw versions has the same behavior. It could be a coincidence or not, anyway, I will not take risks so I have not performed any modification. I decided to use the promotion license of rigol, and I am happy with all functionalities. It does not enable more memory and bw, but for my immediate work, it's enough. I was playing with waveform generator in arbitrary mode and I save some .arb files to usb. I create a python script in order to create custom signals and save it in the same format as oscilloscope. The only thing that I have not figured out is the interpolation mode. This is my first oscilloscope so I am really exiting for all the features. So any advice, or hint, that you can share, I will be deeply thankful. |
| tv84:
--- Quote from: jealcuna on May 18, 2020, 08:40:16 pm ---Well I could disassemble appentry file and I check the offset suggested by mabl in mso5k thread, and it has the same instruction. However I am not sure if the complete behavior is the same. I can not assume that mso5k and mso7k with different fw versions has the same behavior. It could be a coincidence or not, anyway, I will not take risks so I have not performed any modification. --- End quote --- I say it again: "the MSO5000 patching is almost the same but with different offsets." Anyone who is able to see what is patched in the MSO5000 can easily find the same disassembly in the 7000. BTW, the risk of bricking the scope is negligible because there is always the bootloader update method. |
| fact:
I just installed fresh firmware in my MSO7000. This text is from the release notes: ---------------------------------- [Supported Model] All the MSO/DS7000 Series Digital Oscilloscopes [Latest Revision Date] 2020/06/18 [Updated Contents] -------------------- v00.01.02.00.06 2020/06/18 - In the calibration part, fine delay calibration between channels is added ---------------------------------- No major changes, XY-operation still a blob moving over the screen, no Bode plot, ..... |
| memeruiz:
I tried "upgrading" the MSO7014 to all upgrade options using the MSO5000 guides and recommendations from here. It didn't work. Although I know I still have to try something else (more work). I just want to let everybody know about this experience. 1) Use the gel file from https://www.eevblog.com/forum/testgear/new-rigol-ds7000/msg2930476/#msg2930476 to get ssh running. This worked fine. One thing that I wanted to do was to get ssh _always_ running without needing to use the USB key just in case something went south with the appEntry executable and then I couldn't get to the device again (because I didn't even get appEntry program running at all!!!). I mean, the plan is to tweak a binary directly. This is kind of insane (easy to screw things up). 1.1) EXTRA STEP: Get ssh always running!!! In the MSO5000 thread I read somewhere that at /etc/init.d/rcS ssh was previously started, but rigol removed this in newer firmware versions. I looked at the file and I saw "#/usr/sbin/sshd" commented out. Tried removing the comment, reboot: did't work. I think the reason is because the "/" rootfs of the device is some sort of union filesystem that stores changes in RAM only. Only things changed in /rigol are permanent. Reading more, I found that after /etc/init.d/rcS /rigol/shell/start.sh is executed. In this file I added /usr/sbin/sshd at the beginning of the file. This worked perfectly. The nice thing about this is that sshd is loaded before appEntry is executed, if appEntry fails, sshd will still be running and I could restore from an old appEntry file easily and then try fast with many appEntry versions as possible. Everybody should do this! It is nice to have ssh always running!!! 2) backup I just used this. https://www.eevblog.com/forum/testgear/new-rigol-ds7000/msg2757408/#msg2757408 Both the normal backup and the nand backup I also did a scp of /rigol directory 3) Get appEntry modified correctly. I couldn't find an already modified version of an appEntry for a MSO7000. Suggestions from @tv84 https://www.eevblog.com/forum/testgear/new-rigol-ds7000/msg3070602/#msg3070602 are that one must "find" the "offsets". Well. Reading more I guessed they were referring to the bytes changed on the appEntry binary file. The suggestion appears to go in this direction: a) go find a MSO5000 patch file b) get the corresponding original appEntry file c) patch d) compare original appEntry vs patched version and find out the patched data. e) search for that same binary data on my MSO7000 appEntry file f) modify data on MSO7000 appEntry file to be the same as the patched MSO5000 content on those "offsets" g) copy new patched file to the MSO7000 instead of the original file (optionally: generate a patch file and put it in the forum) I did all this and it didn't work. Actually my oscilloscope came with several packages already activated and they got deactivated. I put the original appEntry file back again, and the licenses are still deactivated. Result: total failure!!!! My firmware version: 01.01.02.00.06 (which is a weird version by the way, I can only find 00.01.02.00.06 on rigol webpage, I'm guessing it is the same, for some reason it is showing 01 at the beginning). The offsets I found are the following: 0x0017E4C8 : 4 bytes modified 0x0017E4E4 : 4 bytes modified 0x0036DDE0 : 4 bytes modified 0x0036DDFC : 4 bytes modified 0x001cc0e4 : 8 bytes modified In the last offset the data was already "patched". My guess is that because of the already activated licenses maybe something was already activated there. But not sure. Binary file shouldn't be different in my opinion. Next steps: disassembly/decompile. This takes a lot of analysis time. Not my idea when I decided to buy the oscilloscope. So, for normal people, or people without time: Don't buy this oscilloscope thinking it is easily upgradable for free: it is not: unless someone does this work and puts the patch here. Get the MSO5000 instead. Also, another word of advise, a next firmware version they may change the appEntry file so much that previous patches may not be "adjustable with finding out offsets" like pointed out before. This should apply to both generation of oscilloscopes (less of a problem with the more popular MSO5000 that people are more willing to put the patches freely online). I'll get back if I'm getting any results with disassembly. I will be looking for a mentioned famous license checking function in it. Don't hold your breath, it could be that it changes to another function number totally different on the MSO7000. I have played a bit with ghidra before. I couldn't do much. The task then was very complicated. I hope this one is easier. |
| Navigation |
| Message Index |
| Next page |
| Previous page |