Sniffing the Rigol's internal I2C bus
corax:
This was mentioned earlier in the thread, but you don't need to use the Ultra Sigma software to use these hacks.
If you have an ethernet connection to the scope (and the scope's TCP/IP settings are useable), you can use telnet to send SCPI commands:
(utility->I/O Setting->LAN set for TCP/IP setup and/or to see what DHCP address was assigned)
telnet <scopeaddress> 5555
Once connected, send the SCPI command:
*IDN?
... and you'll get the scope's ID string (and keys in the case of the hacked firmware).
That said, a scan with NMAP shows that the scope is also listening on other TCP ports:
root@raven:~# nmap -sS 192.168.1.198
...
80/tcp open http
111/tcp open rpcbind
5555/tcp open
5566/tcp open
6666/tcp open irc
MAC Address: 00:19:AF:28:17:08 (Rigol Technologies)
Port 80 and 5555 are expected (www and SCPI).
Looks like LXI uses RPC on port 111.
I wonder how ports 5566 and 6666 are used.
tsmith35:
--- Quote from: corax on February 22, 2014, 09:32:30 pm ---6666/tcp open irc
--- End quote ---
Listening on 6666 isn't a good idea. It's a very popular port for malware and hackers to try and gain access to a machine. Strange that Rigol would choose to use that port...
Rigby:
--- Quote from: tsmith35 on February 22, 2014, 11:51:43 pm ---
--- Quote from: corax on February 22, 2014, 09:32:30 pm ---6666/tcp open irc
--- End quote ---
Listening on 6666 isn't a good idea. It's a very popular port for malware and hackers to try and gain access to a machine. Strange that Rigol would choose to use that port...
--- End quote ---
Malware often scans all ports, not just the common ones. Besides, vulnerability depends entirely on what has the port open. If you telnet and get a prompt, that's bad. If you telnet and get disconnected, not so bad.
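The distinction drawn in the post above (an open port matters according to how the service behind it responds) can be checked on your own scope with a short script. This is an added example, not part of the original thread: the names `probe`, `audit` and `QUERIES` and the state labels are assumptions made for illustration, the port list comes from corax's nmap output, and `*IDN?` is sent only to the SCPI port.

```python
import socket
import sys

# Ports from the nmap output in the thread; *IDN? goes only to the SCPI port.
QUERIES = {80: b"", 111: b"", 5555: b"*IDN?\n", 5566: b"", 6666: b""}

def probe(host, port, timeout=2.0, payload=b""):
    """Classify how one TCP service on your own instrument behaves.

    Returns (state, data) with state in: closed, banner, disconnect,
    silent, reply. 'banner' means the service spoke first (e.g. a prompt);
    'closed' covers refused and unreachable connections.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed", b""
    with sock:
        sock.settimeout(timeout)
        try:
            # Phase 1: wait to see whether the service talks first.
            data = sock.recv(256)
            return ("banner", data) if data else ("disconnect", b"")
        except socket.timeout:
            pass  # nothing volunteered; the service waits for input
        except OSError:
            return "disconnect", b""
        if not payload:
            return "silent", b""
        try:
            # Phase 2: send the known-benign query and read the answer.
            sock.sendall(payload)
            data = sock.recv(256)
            return ("reply", data) if data else ("disconnect", b"")
        except socket.timeout:
            return "silent", b""
        except OSError:
            return "disconnect", b""

def audit(host, queries=QUERIES, timeout=2.0):
    """Probe every port in `queries` and return {port: (state, data)}."""
    return {p: probe(host, p, timeout, q) for p, q in queries.items()}

if __name__ == "__main__":
    # Usage: python3 probe.py <scopeaddress>
    for port, (state, data) in sorted(audit(sys.argv[1]).items()):
        print(f"{port}/tcp {state:<10} {data[:60]!r}")
```

A `banner` result on an undocumented port is the case worth following up; `disconnect` and `silent` only tell you the listener does not volunteer anything to an unauthenticated client.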
Giggy:
Thanks for the feedback Dave92F1,
1-3. I've reworded and added some pictures for clarity
4. ???? Haha
5. The link I've provided shows version 01.01.10? They must have updated the page.
6. I installed the program as is, I did see something about an additional runtime, but I don't believe I had to install anything (Although I did have some NI software already?)
7-8. I've also reworded this and added some more information like you have.
Thanks a lot.
Considering the attention and now feedback my upload has had (582 downloads), I've revised the document.
- All word-processed (no more handwritten notes)
- More illustrations (improved image contrasts)
- Revised structure of document
- Added uninstall command at the end
DS2072A Unlocking Guide rev 1.0
http://www.mediafire.com/view/lk5fla8ib1w2mc1/D2072A_Unlocking_Guide.pdf
Rigby:
SkyDrive/OneDrive
Dropbox
mega.co.nz
Google Drive
...
There are far better free ways to share files than Mediafire.