Products > Test Equipment
Siglent .ads firmware file format
<< < (6/85) > >>
analogNewbie:
Sorry, I post the unpack script few min ago and I've deleted it. I have figured out the ADS file format shared by SDG2000x, SSA3000x etc.

There some other reasons I have not released the code
1) the "upgrade" mechanism for SDG2042x to 120MHz is still working. O0
2) if  siglent fixes the bug. A license can be generated to keep the 120MHz ability. I have made a license generator.
3) if the telnet/ssh connect is blocked someday and a white list is embedded,  a unofficial ADS file can be made to unblock it.
4) I am a little bit worried about the consequences.  |O :palm:   
5) I expect that siglent keeps using this format in the future.

So, if you are the owner of SDG2042x , do not be worried about losing the 120MHz.
If you want to do some research on the options of something like SSA3000x or so, I can send the ELF file to you.



For the 3DES, they implemented the wrong way, here is the algorithm they use.
janekivi:
This is working fine.
As you may know I did handle crypted files with notepad and calculator not knowing anything
about crypt or cryptography or key : ) But with knowing something is always more productive.
I still do not know much...
flynnjs:
> For the 3DES, they implemented the wrong way,

Thanks for that, it would have taken me quite a while to pick through that.
janekivi:
I had an idea to change shadow file contents and crc in both places.
All info was outside crypted area too. But what is in the header before
every file inside the update. SDG2000X P21R2.ADS has only one zip inside.
But if you have SDM3055 transition.ads there is many files.

12 1E B1 8F   59 C5 DA 00   07 00 00 00   00 00 00 00
00 00 00 00   00 00 00 00   00 00 00 00   00 00 00 00
00 00 00 00   00 00 00 00   00 00 00 00   00 00 00 00
00 00 00 00   50 4B 03 04   0A 00 00 00   00 00 42 A0

With 50 4B 03 04 is starting zip file and his length is DA C5 59.
07 may be zip file type, u-boot has there 01, ELF has 03...
First 4 bytes must be related to the following file somehow
I'm staring at this ads reading script in IDA but...
Main 112 byte header is even crazier
analogNewbie:
8fb11e12 is the checksum of current section, 00dac559 is the length, 07 is the section type.

if you just need to unpack the package , the 1st 112 bytes is not needed.

There is a byte exchange process after the decryption. The algorithm is not complex, but it can not be done by comparing different files. You need to play with IDA.

good luck

Navigation
Message Index
Next page
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod