Siglent SDS1000X-E license recovery

I know I am late to the “recover your license keys for your Siglent oscilloscope” party, but since I recently went through this to recover my license keys, there is a much easier approach that people don’t seem to be aware of.

There are several forum topics and blog posts on the subject of recovering license keys for the Siglent SDS1000X-E series.

Most of the methods described involve extracting the cramfs, modifying the password hash of the root user, and flashing the modified image as an update.

There is a much easier way to obtain the bandwidth and option licenses of the scope while using only official Siglent firmware images.

  1. Download the firmware 6.1.25R2
  2. Extract the archive and copy the ADS file SDS1004X_E_6.1.25R2.ADS to a FAT32 formatted USB device
  3. Follow the instructions in the 6.1.25R2 archive to “update” (downgrade) the scope firmware to 6.1.25R2
  4. Navigate to the SCPI control page of the web management interface of the scope
  5. Run the following SCPI command: SHELLCMD telnetd -l/bin/sh -p9999
  6. telnet to the scope’s IP address on port 9999
  7. Dump the memory to the USB device: cat /dev/mem > /usr/bin/siglent/usr/mass_storage/U-disk0/memdump
  8. sync and umount /usr/bin/siglent/usr/mass_storage/U-disk0
  9. On a PC, run this python script with your scope_id, serial, and the path to the memory dump
    python3 --serial SDSXXXXXXX9999 --sid 012a3456789bc012 --dump /media/usb0/memdump.bin
  10. Install the 200MHz bandwidth license through the SCPI control page using the command MCBD
  11. Install the options licenses SCPI control page using the commands:
    • LCISL AWG,<code>
    • LCISL WIFI,<code>
    • LCISL MSO,<code>
  12. Reboot the scope to apply the changes
  13. After verifying that the bandwidth and option licenses are installed, update the scope firmware to the latest release (6.1.37R8 at the time of writing)

There is no need to repack the cramfs with a new shadow file containing a known root password. Additionally, the license key extraction from memory doesn’t appear to work (or at least, did not provide valid license keys for options on my scope) so I’ve borrowed the contents of a python script from the SDS2000X thread to provide option license keys for the SDS1000X-E. The script is available here.

Note that the 6.1.25R2 firmware has the root password siglent_sds1000x_e. However the password is not required in any of the above steps.

Leave a Reply

Your email address will not be published.