Author Topic: Unlocking Siglent SDS1104X-E, step by step  (Read 27295 times)

0 Members and 2 Guests are viewing this topic.

Offline vtwin@cox.net

  • Regular Contributor
  • *
  • Posts: 173
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #150 on: March 06, 2019, 05:55:51 pm »
If IDA is too expensive for you, consider Ghidra

https://www.zdnet.com/article/nsa-release-ghidra-a-free-software-reverse-engineering-toolkit/

lmao yeah, I'm going to download stuff from the NSA and install it on my computer.

Nooooooo chance of it having some spyware or back-door capabilities for the federal government embedded in there. Noooo sireeeeee.
A hollow voice says 'PLUGH'.
 

Offline tinhead

  • Super Contributor
  • ***
  • Posts: 1903
  • Country: 00
    • If you like my hacks, send me a donation
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #151 on: March 10, 2019, 11:34:16 am »
from the NSA and install it on my computer

actually CIA, later NSA. I'm using it since years, still alive, still no drones on the sky. EDIT (Ghidra is really useful, you can always use VM if you care).

I'm more complaint about useless online firmware updates for these DSOs, i don't need it, they are security holes by design, i wish Siglent could spend more time on firmware improvements/fix instead of useless online updates.
« Last Edit: March 10, 2019, 11:35:59 am by tinhead »
I don't want to be human! I want to see gamma rays, I want to hear X-rays, and I want to smell dark matter ...
I want to reach out with something other than these prehensile paws and feel the solar wind of a supernova flowing over me.
 

Offline 48656C6C6F20576F726C6421

  • Newbie
  • Posts: 1
  • Country: de
In a single line of code
« Reply #152 on: April 10, 2019, 07:22:16 pm »
I came across this thread and found it interesting. It looked like a nice puzzle. I thought whether there is any way to put all the previous information into a single line of code (e.g. shell code), so there is no need for:
- patching the firmware
- searching strings in a hex editor
- compiling some search tools with a version of VS you don't have, so you need to change the code before it runs
- messing arround with USB

The following code is for educational purpose. Do not use it if you have not bought the options or bandwith. If you want to play with it, you should first ask Siglent, how to remove/disable an unwanted/unlicenced option which was unlocked by accident while playing with the device.
This is important because they put a lot of time and work in it to disable some functionality. This work need to be paid!
There might be some exceptions (but I'm mot sure):
- if you lost your bought keys, and the device did it too, or you have not entered it before the precious loss
- if the device was delivered in a wrong configuration (i.e. bandwith)
- if your device came in a wrong case or with a wrong label

This code is for the shell (e.g. Telnet):
Code: [Select]
BW_OK="200M"; QuickSearch=500; cat /proc/$(pidof sds1000b.app)/maps | grep heap | while read line; do start=0x$(echo $line | cut -c 0-8); end=0x$(echo $line | cut -c 10-18); dd if=/proc/$(pidof sds1000b.app)/mem bs=4096 skip=$(($start/4096)) count=$( [ -z "$QuickSearch" ] && echo $((($end-$start)/4096)) || echo $QuickSearch) | grep -ohE "[A-Z0-9]{16}" | grep -vhE "([A-Z])\1{2}" | while read line; do echo "LCISL WIFI,$line" | nc -w1 127.0.0.1 5024; echo "LCISL AWG,$line" | nc -w1 127.0.0.1 5024; echo "LCISL MSO,$line" | nc -w1 127.0.0.1 5024; [ $BW_OK != "$(echo "PRBD?" | nc -w1 127.0.0.1 5024 | grep -o $BW_OK)" ] && echo "MCBD $line" | nc -w1 127.0.0.1 5024; done; done

You need to enable Telnet like described in post #67.

Yeah ok, it's not a single line in the meaning of code but in the meaning of a string.

Can this also be put into the web interface? Not directly but it can:
Code: [Select]
SHELLCMD sh -c $'BW_OK="200M" \x3b QuickSearch=500 \x3b cat /proc/$(pidof sds1000b.app)/maps | grep heap | while read line\x3b do start=0x$(echo $line | cut -c 0-8)\x3b end=0x$(echo $line | cut -c 10-18)\x3b dd if=/proc/$(pidof sds1000b.app)/mem bs=4096 skip=$(($start/4096)) count=$( [ -z "$QuickSearch" ] && echo $((($end-$start)/4096)) || echo $QuickSearch) | grep -ohE "[A-Z0-9]{16}" | grep -vhE "([A-Z])\\1{2}" | while read line\x3b do echo "LCISL WIFI,$line" | nc -w1 127.0.0.1 5024\x3b echo "LCISL AWG,$line" | nc -w1 127.0.0.1 5024\x3b echo "LCISL MSO,$line" | nc -w1 127.0.0.1 5024\x3b [ $BW_OK != "$(echo "PRBD?" | nc -w1 127.0.0.1 5024 | grep -o $BW_OK)" ] && echo "MCBD $line" | nc -w1 127.0.0.1 5024\x3b done\x3b done' &

This was a little bit more complicated because the web interface doesn't accept semicolons, so they needed to be masked. There is also a circular dependency for SCPI, which will lock netcat if the script is not running independently, so the ampersand at the end is mandatory.

The variable at the beginning is the bandwith you want to select, and need to be set to a correct string like "200M" or "100M". This can be used if you want to try a different BW (e.g. for benchmarks or so).
I figured out that the keys are at the very beginning of the heap. I put a QuickSearch limit at the beginning of the script, so that it does not need to grep through the whole heap, which would need more then a minute. With the limit of 500 it will run about 5 seconds. If it does not find the keys, you can remove the "500" and it will run through the full heap.
You can watch how the options get unlocked ("xx" instead of a value) if you have this info page opened.
I put an additional filter (grep -vhE "([A-Z])\1{2}") in it to remove found strings (about 50 in the whole heap) with low entropy. This is not really needed, and does not have huge effect on performance but it makes it a little bit more sophisticated. There is a chance of 1/3589 (if I'm right) that this will filter a valid key. You can remove it if you think this is the case.

What do we learn from that at the end?
If you want to use cryptography to check a key, do not calculate the right one in parallel and compare it to the entered one. I also don't understand why they did this if there is nothing to compare. Hmmm, intention?

I hope you have fun and don't forget "Piracy. It's a Crime." ;)
 
The following users thanked this post: bitseeker, sdt, Coldblackice

Offline bugi

  • Frequent Contributor
  • **
  • Posts: 250
  • Country: fi
  • Hobbyist using the ultra slow and unsure method
Re: In a single line of code
« Reply #153 on: April 10, 2019, 08:49:22 pm »
I came across this thread and found it interesting. It looked like a nice puzzle. I thought whether there is any way to put all the previous information into a single line of code (e.g. shell code)
...
Awesome! (In more than one way.)

In couple pages someone will start compressing that from "single line of code" to "half a line of code", somehow, and producing Siglent logo in ASCII graphics as a side-effect. (Obfuscated code contest -style)...

... And in few more pages we have the code golfers doing it all in 17... scratch that, 15 characters. No, 11 is enough if you use the language.... no, 9 if you accept messy output.

:P of course.
 

Offline additude

  • Newbie
  • Posts: 3
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #154 on: May 12, 2019, 09:45:14 am »
Hello,
Thanks to everyone that contributed to this thread.
I was able to easily SHELL the telnet on 9999, telnet in from my Win10 laptop, save a memory dump to a USB drive and use HxD editor to locate 5 codes, two of which were Nut2Butt... then use MCBD on the second code to change my bandwidth to 200M with PRBD? reporting such and all without any reboot.
A few things that I have question of I hope someone can insight me.
I was able to use the 200M code, what are the others for? I do not wish to break something so I ask for knowledge first.
Is it to do with other "Options"? I know post #39 has 100M, 200M, 50M and 70M.... Are the 5 codes I have retrieved strictly related to BW only?

So why 5 codes and not 4? "The one that appears twice is the license key your scope is currently licensed under."
Secondly, can I locate other unlock codes for the other features on my SDS1104X-E? "When you locate the entry with your serial number, you will see a series of (at least) 3 16-character strings. If you have any options already licensed, those keys will appear twice. if you have no options licensed, they only appear once. The keys are, respectively, AWG, WIFI and MSO."
In my own attempt to answer these questions, I rebooted the machine and I ran the latest "One Liner" code via telnet, but even leaving QuickSearch blank I received only:
Code: [Select]
7563+0 records in
7563+0 records out
30978048 bytes (29.5MB) copied, 80.243151 seconds, 377.0KB/s
Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
>>Welcome to the SCPI instrument 'Siglent SDS1204X-E'
....

Running the SCPI SHELL of this with QuickSearch blank I received:
"Device Cannot Be Connected"
With QuickSearch=500 it finished but did not report any results.
Thanks..
--Wes
« Last Edit: May 12, 2019, 01:24:10 pm by additude »
 

Offline e0ne199

  • Regular Contributor
  • *
  • Posts: 50
  • Country: id
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #155 on: May 12, 2019, 07:40:56 pm »
damn so in the end i am wasting my money to buy SDS1204X-E...........if i knew something like this could happen then i wouldn't want to buy my current oscilloscope  :(

does anyone here have a chance to crack SDS1204X-E? i just want to know if there is still a possibility to crack more bandwidth out of this oscilloscope...
« Last Edit: May 14, 2019, 08:39:20 pm by e0ne199 »
 

Offline additude

  • Newbie
  • Posts: 3
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #156 on: May 13, 2019, 02:08:43 pm »
Hey all,
I'm pretty new to electronics and new to this forum, but thought you might find a python port of the FindKeys script useful - I didn't want to mess with visual studio. Disclaimer, it's hacky as hell, barely tested, and skips over the niceties of the original script. But it did successfully pull out all the licenses. Good luck! And feel free to clean it up.
I ran this and compared it to my outputs of key codes from the Hex Editor and this python mod worked fine. It harvested every possible key, just it ends up being a try/fail routine with 40-ish codes.
The program ran for minutes without any errors on a Windows 10 machine.
Thanks Phil.
 

Offline slaupin

  • Newbie
  • Posts: 1
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #157 on: July 02, 2019, 04:24:42 am »
Does anyone know if this general approach works on any other Siglent oscilloscope series? After digging through this whole thread I think it was stated that it would NOT work on the SDS1kX series. What about the SDS2kX series? Thanks for all of the great info!
 

Offline wgoeo

  • Contributor
  • Posts: 10
  • Country: 00
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #158 on: July 24, 2019, 05:34:31 pm »
I haven't fully tested this but the output matches the bandwidth keys in reply #89.
Needs Python 3, just replace the serial and run.

Edit: Update, thanks tinhead!
« Last Edit: July 29, 2019, 01:11:54 am by wgoeo »
 
The following users thanked this post: sdt

Offline Taaning

  • Newbie
  • Posts: 4
  • Country: dk
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #159 on: July 24, 2019, 06:55:51 pm »
Ran the script, and it found all the correct keys for my scope.
Thank you :-)
 

Offline tinhead

  • Super Contributor
  • ***
  • Posts: 1903
  • Country: 00
    • If you like my hacks, send me a donation
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #160 on: July 26, 2019, 05:18:56 pm »
I haven't fully tested this but the output matches the bandwidth keys in reply #89.
Needs Python 3, just replace the serial and run.

almost, for bandwidth SCOPE_ID and for other options S/N is the way to go. With some tricks (generate 500M License - which is not valid for that models but it opens somedoors, add it, generate 300M License, add it, reboot) one can go even to non existing but valid model SDS1304X-E, but for some reason even if shows that model, it defaults filter to 70MHz BW, so not "yet" perfekt hack

« Last Edit: July 27, 2019, 11:48:35 am by tinhead »
I don't want to be human! I want to see gamma rays, I want to hear X-rays, and I want to smell dark matter ...
I want to reach out with something other than these prehensile paws and feel the solar wind of a supernova flowing over me.
 
The following users thanked this post: sdt

Offline wgoeo

  • Contributor
  • Posts: 10
  • Country: 00
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #161 on: July 27, 2019, 01:29:28 am »
It seems there is another way to enable telnet without doing a firmware update. Create a file named siglent_device_startup.sh in the root directory of a FAT formatted USB disk containing the following:
Code: [Select]
#!/bin/sh
/usr/sbin/telnetd -l /bin/sh -p 2323 &
Insert the disk, reboot the scope, then try telnetting to port 2323. If something goes wrong, unplug the disk then reboot.
For 6.1.33 and possibly older versions. Untested as always.
 
The following users thanked this post: sdt

Offline oldcqr

  • Newbie
  • Posts: 3
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #162 on: August 26, 2019, 11:56:11 pm »
Hi Newbie here, but not a newbie.  But I sure feel like one right now!

I read the entire thread, and it appears that all I really need to do is establish a telnet session with the scope and/or use that whiz bang single line thing from the web interface.  I can't get either to work.

I've tried starting the telnet server on the scope using 2 methods - the one in message 67 (
Code: [Select]
SHELLCMD telnetd -l/bin/sh -p9999), and the one in 161 (should be just above this post) using the USB drive.  Neither appear to start the server.  When I try to telnet into the scope, (using PuTTY which I use frequently, or straight up Windows 10 Telnet) it fails:

Microsoft Telnet> o 192.168.1.55
Connecting To 192.168.1.55...Could not open connection to the host, on port 23: Connect failed
Microsoft Telnet> o 192.168.1.55 2323
Connecting To 192.168.1.55...Could not open connection to the host, on port 2323: Connect failed
Microsoft Telnet> o 192.168.1.55 9999
Connecting To 192.168.1.55...Could not open connection to the host, on port 9999: Connect failed

YES, 192.168.1.55 is the static address I assigned to the scope, and I am able to get to the web server on that address (so there is no weird subnet problem/etc. 

Tracing route to 192.168.1.55 over a maximum of 30 hops

  1     2 ms     1 ms    <1 ms  192.168.1.55

Trace complete.




Running the one line update also does nothing. 

So I took another step backwards and just tried to create a memory dump on the USB stick using
Code: [Select]
SHELLCMD cat /dev/mem > /usr/bin/siglent/usr/mass_storage/U-disk0/memdump.bin.  I used both USB ports (the scope recognized the USB stick both places).  Neither time did I get a file of any size (not even an empty one).

So to me, it appears that despite the web interface saying 'command send success', it's not actually doing anything on the scope.  Am I missing something simple?  Do I need to enable something?  With none of this working, I'm a bit gun-shy to revert the firmware (like all the way back in msg 1).

FYI:
 

Offline tv84

  • Frequent Contributor
  • **
  • Posts: 858
  • Country: pt
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #163 on: August 27, 2019, 09:32:55 am »
SHELLCMD doesnt exist in the FW anymore. So you can't use the commands based on that.

I think there is a public .GEL that allows you establish a SSH session or do a memdump.

Re-read this thread at least.
 

Offline e0ne199

  • Regular Contributor
  • *
  • Posts: 50
  • Country: id
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #164 on: August 27, 2019, 02:18:16 pm »
hello everyone, do this unlock steps also work on SDS1204-X? i really want to its unlock bode plot mode anyway
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 15977
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #165 on: August 28, 2019, 05:32:35 am »
hello everyone, do this unlock steps also work on SDS1204-X? i really want to its unlock bode plot mode anyway
Bode plot is a free feature in every way.
All that's required is a sweeping sine wave source that can be controlled from the Bode plot UI within the scope.

Yes that's additional cost of the SAG1021 AWG module or one of Siglent's stand alone AWG's.
SAG1021 has sine to 25 MHz while the stand alone AWG's from the SDG ranges start with the single channel 5 MHz  SDG805 to the 500 MHz 2ch SDG6052X.
An excellent Bode plot pairing would be with SDG2042X or the bit cheaper SDG1032X.
Avid Rabid Hobbyist
 

Offline oldcqr

  • Newbie
  • Posts: 3
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #166 on: August 28, 2019, 05:54:35 pm »
SHELLCMD doesnt exist in the FW anymore. So you can't use the commands based on that.

I think there is a public .GEL that allows you establish a SSH session or do a memdump.

Re-read this thread at least.

Ok, I reread the thread and I came at it differently....

1 - I already have python on this machine (I use it frequently)
2 - I downloaded the script wgoeo posted a couple of messages back
3 - I updated the serial number in the script with my serial number from the back of the unit/System status screen (note - I used the entire serial number, all in caps, starting with SDSM (not sure if that is right nor not)
4 - Ran the script and it generated the keys
5 - In the SCPI web page I entered "MCBD [generatedkey]" (obvs without " or [])
6 -Reboot

Nothing changed.  MCBD? shows no change.  I also tried lower case serial number, as well as changing the 'SDS1000X-E to SDS1104X-E' - which I probably didn't need to do, but tried anyway.  I also tried using Scope ID (from ScopeID? command) both as-is and with removing the hyphens and changing lowercase HEX to uppercase.

Please, can you give me a point in the right direction?

 

Offline tinhead

  • Super Contributor
  • ***
  • Posts: 1903
  • Country: 00
    • If you like my hacks, send me a donation
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #167 on: August 28, 2019, 08:35:30 pm »
Nothing changed... python

for bandwidth license you need to use scope id (scope id is somthing like 007c32...), for other software options the serial number (SDSMMEXA123...).
I don't want to be human! I want to see gamma rays, I want to hear X-rays, and I want to smell dark matter ...
I want to reach out with something other than these prehensile paws and feel the solar wind of a supernova flowing over me.
 
The following users thanked this post: sdt

Offline oldcqr

  • Newbie
  • Posts: 3
  • Country: us
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #168 on: August 28, 2019, 10:47:46 pm »
I thought I had tried all the different Scope ID permutations.  Looks like I didn't.  The one that works is without dashes and leaving any other characters as they are.

For Bandwidth Upgrade (Worked for me on 8.1.6.1.33):
  • Connect Scope to LAN
  • On Scope: In Utility menu -> Page (page 2)-I/O-IP Set
  • Either set a static IP address or enable DHCP-Save
  • Reboot.  If DHCP, use step 2 and get your scope's IP
  • Open Web Browser-input the IP address of scope
  • SCPI button on left.  In the command field: SCOPEID?
    (dont forget or miss the ? at the end.  it is important)
  • Copy the ID shown
  • Download the python script from wgeon just a few messages before this one
  • Open the script in Notepad.  Find the line that starts serial =
  • Delete everything between the two single quote marks, then place your scope ID there.

    NOTE: Your scope ID will probably contain dashes.  Remove them.  All you want are the the numbers and letters without spaces or dashes or anything else.

    Example:
    If SCOPEID? Returns: 1234-fedc-567b-89a0
    then the serial line in the script is:
    serial = '1234fedc567b89a0'

    Just remove the dashes.  Leave the rest alone.

  • Run this python script.  If you have Python already installed on your computer you can run it locally.  Otherwise a quick google search will turn up places to upload/paste the script and run it. (The first link in a Google of 'run python online' works)
  • In the 200M line the script will return a key of 16 characters.  Copy them.
  • Back in the web browser on the web page for the scope, in the SCPI command enter:MCBD (key)
    Don't include the ()s, just the 16 characters like this:  MCBD 0123456789ABCDEF

  • Reboot the scope

Thanks for the clues, and I hope these steps spell it out better for the next poor slob :)
« Last Edit: August 28, 2019, 10:50:54 pm by oldcqr »
 
The following users thanked this post: CustomEngineerer, sdt

Online Fungus

  • Super Contributor
  • ***
  • Posts: 9965
  • Country: 00
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #169 on: August 29, 2019, 05:48:50 am »
...
Example:
If SCOPEID? Returns: 1234-fedc-567b-89a0
then the serial line in the script is:
serial = '1234fedc567b89a0'

Just remove the dashes.  Leave the rest alone.

I've never understood this. Isn't the whole point of computers that they can effortlessly do things like removing dashes from numbers, thus making life easier for everybody?

(apparently not, I've actually written to banking API teams telling them that life would be a lot easier for my customers if they accepted credit card numbers with and without spaces and received corporate-boilerplate replies telling me I need to make it more clear on the web site...)

Thanks for the clues, and I hope these steps spell it out better for the next poor slob :)

Nobody ever reads instructions.

How about getting the slob who wrote the script to fix that?  :popcorn:

 

Offline e0ne199

  • Regular Contributor
  • *
  • Posts: 50
  • Country: id
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #170 on: September 01, 2019, 11:55:28 am »
hello everyone, do this unlock steps also work on SDS1204-X? i really want to its unlock bode plot mode anyway
Bode plot is a free feature in every way.
All that's required is a sweeping sine wave source that can be controlled from the Bode plot UI within the scope.

Yes that's additional cost of the SAG1021 AWG module or one of Siglent's stand alone AWG's.
SAG1021 has sine to 25 MHz while the stand alone AWG's from the SDG ranges start with the single channel 5 MHz  SDG805 to the 500 MHz 2ch SDG6052X.
An excellent Bode plot pairing would be with SDG2042X or the bit cheaper SDG1032X.

do i need to purchase license to activate bode plot? i see there is a 30 day trial for AWG...i am planning to buy a stand alone AWG, so what should i do?
 

Offline Rerouter

  • Super Contributor
  • ***
  • Posts: 4311
  • Country: au
  • Question Everything... Except This Statement
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #171 on: September 01, 2019, 12:03:47 pm »
bode plot is free, to use the AWG for anything other than bode plot needs the AWG license,
 

Online tautech

  • Super Contributor
  • ***
  • Posts: 15977
  • Country: nz
  • Taupaki Technologies Ltd. NZ Siglent Distributor
    • Taupaki Technologies Ltd.
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #172 on: September 01, 2019, 12:12:41 pm »
hello everyone, do this unlock steps also work on SDS1204-X? i really want to its unlock bode plot mode anyway
Bode plot is a free feature in every way.
All that's required is a sweeping sine wave source that can be controlled from the Bode plot UI within the scope.

Yes that's additional cost of the SAG1021 AWG module or one of Siglent's stand alone AWG's.
SAG1021 has sine to 25 MHz while the stand alone AWG's from the SDG ranges start with the single channel 5 MHz  SDG805 to the 500 MHz 2ch SDG6052X.
An excellent Bode plot pairing would be with SDG2042X or the bit cheaper SDG1032X.

do i need to purchase license to activate bode plot?
Nope, not at all. Bode plot works plug and play with all Siglent AWG's
Quote
i see there is a 30 day trial for AWG...i am planning to buy a stand alone AWG, so what should i do?
The trial usage only applies to the SAG1021 AWG module for use as an AWG from within the SDS1*04X-E Function Gen inbuilt interface.
You have 2 options, use a Siglent AWG and have simple no hassle Bode Plot usage or attempt to interface another brand AWG so the Bode Plot feature can control the other AWG. It can be done as I've already given you a link in another earlier reply but not everyone wants to have the hassle of converting the control code to get it all to work.

Any/all the examples I've posted of Bode plot use was with a SDG1032X.
Use the forum Search and 'bode plot example tautech' should find them all.
Avid Rabid Hobbyist
 

Offline sdt

  • Newbie
  • Posts: 4
  • Country: au
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #173 on: September 01, 2019, 11:58:27 pm »
I bought an SDS1104X-E last week, and I have all the same version numbers as oldcqr in reply #162

SHELLCMD doesn't seem to do anything from the SCPI interface, but wgoeo's siglent_device_startup.sh script on a usb stick from reply #161 did. Oddly it didn't seem to work every time, but often enough that it wasn't a big deal.

Dumping out the process memory of sds1000b.app didn't seem to reveal any keys. I could find my scopeid and my serial number, but very few 16-character ascii strings, none of which worked.

The updated python script from wgoeo in reply #158 worked perfectly. Bandwidth, wifi, awg & mso all unlocked without any need for telnet or any other out-of-band mods.

(I ended up needing shell access to manually fix my wpa.conf, but that's another story)

Thanks wgoeo & tinhead, and everyone else who has contributed to this thread  :-+
 

Offline aimc

  • Contributor
  • Posts: 11
  • Country: ca
Re: Unlocking Siglent SDS1104X-E, step by step
« Reply #174 on: September 02, 2019, 07:28:31 pm »
I bought an SDS1104X-E last week, and I have all the same version numbers as oldcqr in reply #162

SHELLCMD doesn't seem to do anything from the SCPI interface, but wgoeo's siglent_device_startup.sh script on a usb stick from reply #161 did. Oddly it didn't seem to work every time, but often enough that it wasn't a big deal.

Dumping out the process memory of sds1000b.app didn't seem to reveal any keys. I could find my scopeid and my serial number, but very few 16-character ascii strings, none of which worked.

The updated python script from wgoeo in reply #158 worked perfectly. Bandwidth, wifi, awg & mso all unlocked without any need for telnet or any other out-of-band mods.

(I ended up needing shell access to manually fix my wpa.conf, but that's another story)

Thanks wgoeo & tinhead, and everyone else who has contributed to this thread  :-+

Agreed! I just got a brand new SDS1104X-E and I am a step away from MCBD'ing the 200M key. But I am a bit of a skeptical nature and wanted to know if it would be possible to reverse-downgrade (for whatever reason) the process to 100M key? The TryKeys GitHub comments suggest that this is not possible with MBCD. Did anyone try this? Also after updating does indeed the model name change?

Thank you guys in advance
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf