EyezOn Forum

Smith wrote:

mikep wrote:

From some googling I got the impression that clicks = Lockout is enabled, but people on the internet can often be confused.

Including, especially me! It was a very long time ago, so go with the internet majority. I don't recall which, I only remember DLS worked and I didn't need to reprogram the entire system...

Right 1616 has 6 zones plus one for each hardwired PK keypad (not sure about the other keypads).

Rightie O. Well, I'm testing blocks of 1000 installer codes now and then. It takes about 2.8 sec per attempt, so 45 min per block. Not sure yet if it will even work in the end but if it would work then it would be a nice feeling

Here is the code I am using now in case anyone is curious, I guess about any linux system (including raspbian or mac) would have perl installed.

So far no keypad lockout despite 1000s of wrong attempts at getting into installer mode (it's a PC5015 board). I'll update here with either 'success' or 'fail'....

Code: Select all

#!/usr/bin/perl

use IO::Socket::INET;
use Time::HiRes qw ( time sleep );
 
# auto-flush on socket
$| = 1;

$socket = new IO::Socket::INET (
   PeerHost => '192.168.---------------------------------ADDRESS OF ENVISALINK---------------------------------',
   PeerPort => '4025',
   Proto => 'tcp',
);

die "cannot connect, $!\n" unless $socket;

print "connected\n";

DSC_get();

DSC_put(DSC_cmd("005", "---------------------------------PASSWORD---------------------------------")); 	# 005 - network login

$response = DSC_get();

foreach ($response) {
   /^5000052A.*5051CB/s && print("correct pass\n");
   /^5000052A.*5050CA/s && print("wrong pass\n") && exit(1);
   /^.*5052CC/s && print("timeout\n") && exit(1);	
}

open OUT, ">log." . zulu() . ".txt";

$t = time;
l0gt();

for ($code = 5000; $code < 5999; $code++) {
   l0gt(); 
   $scode = sprintf("%04d", $code);
   l0g("$scode\n");
   DSC_put(DSC_cmd("071", "1*8"));		# 071 send keys, partition 1, '*8' enter installer mode 
   DSC_get_ww("^922");				# 922 EVL requests installer code
   DSC_put(DSC_cmd("200", $scode));		# 200 send a code
   $r = DSC_get_ww("^6[58]");			# 6XX response 
   l0g($r."\n");
   DSC_put(DSC_cmd("071", "1##"));		# 071 send keys, partition 1, '##' possibly back out of installer menu
   l0g(DSC_get_w()."\n");   
   sleep(0.6);						# wait for messages to be processed, otherwise "Keybus Transmit Buffer Overrun"
   if ($r =~ /^680/) {l0g("success\n"); exit(0); }   
}

close OUT;
$socket->close();


sub l0gt {
   l0g("[" . sprintf("%.3f", time - $t) . "]\n");
}

sub l0g {
   my $s = shift;
   print $s; print OUT $s;
}

sub zulu {
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
   my $yyyymmddhhmmss = sprintf "%.4d%.2d%.2d_%.2d%.2d%.2dZ", $year+1900, $mon+1, $mday, $hour, $min, $sec;
   $yyyymmddhhmmss;
}


sub DSC_cs {
   my @chars = (split//, shift);
   my $cs = 0;
   foreach (@chars) { $cs += ord($_); }
   return sprintf("%.2X", $cs & 0xFF);
};

sub DSC_cmd {
   my $cmd = shift . shift;
   return $cmd.DSC_cs($cmd);
}

sub DSC_get {
   my $response = "";
   $socket->recv($response, 1024);
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   return $response;
}

sub DSC_get_w {		# wait for data
   my $response = "";
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   return $response;
}

sub DSC_get_ww {		# wait for specific data
   my $response = "";
   my $wanted = shift;
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   unless ($response =~ /$wanted/) { goto X; }
   return $response;
}

sub DSC_put {
   my $req = shift . "\r\n";
   my $size = $socket->send($req);
   my $hreq = $req; $hreq =~ s/\n/\\n/g; $hreq =~ s/\r/\\r/g;
   print "sent data '$hreq' (length $size)\n";
}

sacha wrote:Hi,

I have been trying to use the code below but it keeps on failing following the authentication step. I have tried a several passwords but not luck. I was wondering if we need to use the DSC Master password or a password from our Envisalink portal. I am using the PC1616 model. I don't have my installer password since the company went bankrupt. We are looking for an alternative. From reading the reviews, this product sounds promising.

Thank you for your help.

Smith wrote:

mikep wrote: Including, especially me! It was a very long time ago, so go with the internet majority. I don't recall which, I only remember DLS worked and I didn't need to reprogram the entire system...

Right 1616 has 6 zones plus one for each hardwired PK keypad (not sure about the other keypads).

Rightie O. Well, I'm testing blocks of 1000 installer codes now and then. It takes about 2.8 sec per attempt, so 45 min per block. Not sure yet if it will even work in the end but if it would work then it would be a nice feeling

Here is the code I am using now in case anyone is curious, I guess about any linux system (including raspbian or mac) would have perl installed.

So far no keypad lockout despite 1000s of wrong attempts at getting into installer mode (it's a PC5015 board). I'll update here with either 'success' or 'fail'....

Code: Select all

#!/usr/bin/perl

use IO::Socket::INET;
use Time::HiRes qw ( time sleep );
 
# auto-flush on socket
$| = 1;

$socket = new IO::Socket::INET (
   PeerHost => '192.168.---------------------------------ADDRESS OF ENVISALINK---------------------------------',
   PeerPort => '4025',
   Proto => 'tcp',
);

die "cannot connect, $!\n" unless $socket;

print "connected\n";

DSC_get();

DSC_put(DSC_cmd("005", "---------------------------------PASSWORD---------------------------------")); 	# 005 - network login

$response = DSC_get();

foreach ($response) {
   /^5000052A.*5051CB/s && print("correct pass\n");
   /^5000052A.*5050CA/s && print("wrong pass\n") && exit(1);
   /^.*5052CC/s && print("timeout\n") && exit(1);	
}

open OUT, ">log." . zulu() . ".txt";

$t = time;
l0gt();

for ($code = 5000; $code < 5999; $code++) {
   l0gt(); 
   $scode = sprintf("%04d", $code);
   l0g("$scode\n");
   DSC_put(DSC_cmd("071", "1*8"));		# 071 send keys, partition 1, '*8' enter installer mode 
   DSC_get_ww("^922");				# 922 EVL requests installer code
   DSC_put(DSC_cmd("200", $scode));		# 200 send a code
   $r = DSC_get_ww("^6[58]");			# 6XX response 
   l0g($r."\n");
   DSC_put(DSC_cmd("071", "1##"));		# 071 send keys, partition 1, '##' possibly back out of installer menu
   l0g(DSC_get_w()."\n");   
   sleep(0.6);						# wait for messages to be processed, otherwise "Keybus Transmit Buffer Overrun"
   if ($r =~ /^680/) {l0g("success\n"); exit(0); }   
}

close OUT;
$socket->close();


sub l0gt {
   l0g("[" . sprintf("%.3f", time - $t) . "]\n");
}

sub l0g {
   my $s = shift;
   print $s; print OUT $s;
}

sub zulu {
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
   my $yyyymmddhhmmss = sprintf "%.4d%.2d%.2d_%.2d%.2d%.2dZ", $year+1900, $mon+1, $mday, $hour, $min, $sec;
   $yyyymmddhhmmss;
}


sub DSC_cs {
   my @chars = (split//, shift);
   my $cs = 0;
   foreach (@chars) { $cs += ord($_); }
   return sprintf("%.2X", $cs & 0xFF);
};

sub DSC_cmd {
   my $cmd = shift . shift;
   return $cmd.DSC_cs($cmd);
}

sub DSC_get {
   my $response = "";
   $socket->recv($response, 1024);
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   return $response;
}

sub DSC_get_w {		# wait for data
   my $response = "";
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   return $response;
}

sub DSC_get_ww {		# wait for specific data
   my $response = "";
   my $wanted = shift;
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   print "response: '$hresponse' (length " . length($response) .")\n";
   unless ($response =~ /$wanted/) { goto X; }
   return $response;
}

sub DSC_put {
   my $req = shift . "\r\n";
   my $size = $socket->send($req);
   my $hreq = $req; $hreq =~ s/\n/\\n/g; $hreq =~ s/\r/\\r/g;
   print "sent data '$hreq' (length $size)\n";
}

#!/usr/bin/perl

use IO::Socket::INET;
use Time::HiRes qw ( time sleep );

############################
# Edit the variables below #
############################

# This is the IP of your EnvisaLink 
# eg. 192.168.0.X, 10.0.0.X, etc.
$ip = "---------------------------------ADDRESS OF ENVISALINK---------------------------------"; 

# This is your EnvisaLink password.  The default is user if you haven't changed it. 
$password = "user";

# Range which you want to test 
$code_start = "0000";
$code_end = "9999";

###############################################
# You shouldn't need to modify the code below #
###############################################

# auto-flush on socket
# force a flush after every write/print 
$| = 1;

# Opens a new network socket on port 4025 (default port of EnvisaLink)
$socket = new IO::Socket::INET (
   PeerHost => $ip,
   PeerPort => '4025',
   Proto => 'tcp',
);

die "DEBUG: Cannot connect to EnvisaLink. REASON: $!\n" unless $socket;

# Start logging
# open OUT, ">log." . currenttime() . ".txt";
open(OUT, '>', "log." . currenttime() . ".txt") or die $!;

l0gt("DEBUG: Connected to EnvisaLink");

DSC_get();

DSC_put(DSC_cmd("005", $password));    # 005 - network login

$response = DSC_get();

foreach ($response) {
   /^5000052A.*5051CB/s && l0gt("DEBUG: Correct EnvisaLink password");
   /^5000052A.*5050CA/s && l0gt("DEBUG: Incorrect EnvisaLink password") && exit(1);
   /^.*5052CC/s && l0gt("DEBUG: Timeout") && exit(1);   
}

$t = time;

for ($code = $code_start; $code <= $code_end; $code++) {
   l0gt("DEBUG: Start installer mode entry cycle");
   DSC_put(DSC_cmd("071", "1*8"));      # 071 send keys, partition 1, '*8' enter installer mode
   DSC_get_ww("^922");            #  Wait for 922 (EVL requests installer code)
   $scode = sprintf("%04d", $code); # Pad code with leading 0s if <1000
   l0gt("DEBUG: Attempting $scode");
   DSC_put(DSC_cmd("200", $scode));      # 200 send a code

   # if the code is wrong you will get a 670 response and it will request another installer code via 922
   # on my system it will only let you try again once via a 922 
   # 650=partition ready, 670=invalid access code, 680=system is in installer mode 

   $r = DSC_get_ww("^922|^6[58]"); #look for retry or ready or installer mode code  

   # try again if given opportunity via 922
   while ($r =~ /^922/) {
      l0gt("DEBUG: Trying again within same cycle");
      $code++;
      $scode = sprintf("%04d", $code);
      l0gt("DEBUG: Attempting $scode");
      DSC_put(DSC_cmd("200", $scode));
      $r = DSC_get_ww("^922|^6[58]"); #look for retry or ready or installer mode code
   }

   l0gt("DEBUG: If we're in installer mode, back out to main menu");
   DSC_put(DSC_cmd("071", "1##"));      # 071 send keys, partition 1, '##' possibly back out of installer menu
   DSC_get_w();
   sleep(0.6);                  # wait for messages to be processed, otherwise "Keybus Transmit Buffer Overrun"
   if ($r =~ /^680/) {l0gt("SUCCESS: $scode is the installer code"); exit(0); }   
   l0gt("DEBUG: End installer mode entry cycle");
}

close OUT;
$socket->close();

# This will create a timestamp in localtime
sub l0gt {
   my $s = shift;
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
   l0g("[" . sprintf("%.4d%.2d%.2d_%.2d%.2d%.2d", $year+1900, $mon+1, $mday, $hour, $min, $sec) . "] $s");
}

# This prints to STDOUT as well as logfile
sub l0g {
   my $s = shift;
   print "$s\n";
   print OUT "$s\n";
}

sub currenttime {
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
   my $yyyymmddhhmmss = sprintf "%.4d%.2d%.2d_%.2d%.2d%.2d", $year+1900, $mon+1, $mday, $hour, $min, $sec;
   $yyyymmddhhmmss;
}

# Converts text to ASCII values 
sub DSC_cs {
   my @chars = (split//, shift);
   my $cs = 0;
   foreach (@chars) { $cs += ord($_); }
   return sprintf("%.2X", $cs & 0xFF);
};

# Formats command 
sub DSC_cmd {
   my $cmd = shift . shift;
   return $cmd.DSC_cs($cmd);
}

# Logs a response 
sub DSC_get {
   my $response = "";
   $socket->recv($response, 1024);
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   return $response;
}

# Waits for response(s) and logs it
sub DSC_get_w {      # wait for data
   my $response = "";
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   return $response;
}

# Waits for a specific response and logs it
sub DSC_get_ww {      # wait for specific data
   my $response = "";
   my $wanted = shift;
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   unless ($response =~ /$wanted/) { goto X; }
   return $response;
}

# Sends a command and logs it
sub DSC_put {
   my $req = shift . "\r\n";
   my $size = $socket->send($req);
   my $hreq = $req; $hreq =~ s/\n/\\n/g; $hreq =~ s/\r/\\r/g;
   l0gt("sent data '$hreq' (length $size)");
}

Smith wrote:

mikep wrote:

From some googling I got the impression that clicks = Lockout is enabled, but people on the internet can often be confused.

Including, especially me! It was a very long time ago, so go with the internet majority. I don't recall which, I only remember DLS worked and I didn't need to reprogram the entire system...

Right 1616 has 6 zones plus one for each hardwired PK keypad (not sure about the other keypads).

Rightie O. Well, I'm testing blocks of 1000 installer codes now and then. It takes about 2.8 sec per attempt, so 45 min per block. Not sure yet if it will even work in the end but if it would work then it would be a nice feeling

Here is the code I am using now in case anyone is curious, I guess about any linux system (including raspbian or mac) would have perl installed.

So far no keypad lockout despite 1000s of wrong attempts at getting into installer mode (it's a PC5015 board). I'll update here with either 'success' or 'fail'....

edirol wrote:Hi Smith,

Thanks for posting this code as it helped me recover my installer code after purchasing a home with an existing DSC system.

I've modified it a bit with:
- major: will retry code entry immediately if presented option
- minor: some more comments
- minor: more debug output
- minor: logs in localtime vs zulu

On my DSC system, it allows 2 attempts every 30s, so this code modification doubled the testing rate.

Thanks,
- Edirol

Here's the updated code:

Code: Select all

#!/usr/bin/perl

use IO::Socket::INET;
use Time::HiRes qw ( time sleep );

############################
# Edit the variables below #
############################

# This is the IP of your EnvisaLink 
# eg. 192.168.0.X, 10.0.0.X, etc.
$ip = "---------------------------------ADDRESS OF ENVISALINK---------------------------------"; 

# This is your EnvisaLink password.  The default is user if you haven't changed it. 
$password = "user";

# Range which you want to test 
$code_start = "0000";
$code_end = "9999";

###############################################
# You shouldn't need to modify the code below #
###############################################

# auto-flush on socket
# force a flush after every write/print 
$| = 1;

# Opens a new network socket on port 4025 (default port of EnvisaLink)
$socket = new IO::Socket::INET (
   PeerHost => $ip,
   PeerPort => '4025',
   Proto => 'tcp',
);

die "DEBUG: Cannot connect to EnvisaLink. REASON: $!\n" unless $socket;

# Start logging
# open OUT, ">log." . currenttime() . ".txt";
open(OUT, '>', "log." . currenttime() . ".txt") or die $!;

l0gt("DEBUG: Connected to EnvisaLink");

DSC_get();

DSC_put(DSC_cmd("005", $password));    # 005 - network login

$response = DSC_get();

foreach ($response) {
   /^5000052A.*5051CB/s && l0gt("DEBUG: Correct EnvisaLink password");
   /^5000052A.*5050CA/s && l0gt("DEBUG: Incorrect EnvisaLink password") && exit(1);
   /^.*5052CC/s && l0gt("DEBUG: Timeout") && exit(1);   
}

$t = time;

for ($code = $code_start; $code <= $code_end; $code++) {
   l0gt("DEBUG: Start installer mode entry cycle");
   DSC_put(DSC_cmd("071", "1*8"));      # 071 send keys, partition 1, '*8' enter installer mode
   DSC_get_ww("^922");            #  Wait for 922 (EVL requests installer code)
   $scode = sprintf("%04d", $code); # Pad code with leading 0s if <1000
   l0gt("DEBUG: Attempting $scode");
   DSC_put(DSC_cmd("200", $scode));      # 200 send a code

   # if the code is wrong you will get a 670 response and it will request another installer code via 922
   # on my system it will only let you try again once via a 922 
   # 650=partition ready, 670=invalid access code, 680=system is in installer mode 

   $r = DSC_get_ww("^922|^6[58]"); #look for retry or ready or installer mode code  

   # try again if given opportunity via 922
   while ($r =~ /^922/) {
      l0gt("DEBUG: Trying again within same cycle");
      $code++;
      $scode = sprintf("%04d", $code);
      l0gt("DEBUG: Attempting $scode");
      DSC_put(DSC_cmd("200", $scode));
      $r = DSC_get_ww("^922|^6[58]"); #look for retry or ready or installer mode code
   }

   l0gt("DEBUG: If we're in installer mode, back out to main menu");
   DSC_put(DSC_cmd("071", "1##"));      # 071 send keys, partition 1, '##' possibly back out of installer menu
   DSC_get_w();
   sleep(0.6);                  # wait for messages to be processed, otherwise "Keybus Transmit Buffer Overrun"
   if ($r =~ /^680/) {l0gt("SUCCESS: $scode is the installer code"); exit(0); }   
   l0gt("DEBUG: End installer mode entry cycle");
}

close OUT;
$socket->close();

# This will create a timestamp in localtime
sub l0gt {
   my $s = shift;
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
   l0g("[" . sprintf("%.4d%.2d%.2d_%.2d%.2d%.2d", $year+1900, $mon+1, $mday, $hour, $min, $sec) . "] $s");
}

# This prints to STDOUT as well as logfile
sub l0g {
   my $s = shift;
   print "$s\n";
   print OUT "$s\n";
}

sub currenttime {
   my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
   my $yyyymmddhhmmss = sprintf "%.4d%.2d%.2d_%.2d%.2d%.2d", $year+1900, $mon+1, $mday, $hour, $min, $sec;
   $yyyymmddhhmmss;
}

# Converts text to ASCII values 
sub DSC_cs {
   my @chars = (split//, shift);
   my $cs = 0;
   foreach (@chars) { $cs += ord($_); }
   return sprintf("%.2X", $cs & 0xFF);
};

# Formats command 
sub DSC_cmd {
   my $cmd = shift . shift;
   return $cmd.DSC_cs($cmd);
}

# Logs a response 
sub DSC_get {
   my $response = "";
   $socket->recv($response, 1024);
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   return $response;
}

# Waits for response(s) and logs it
sub DSC_get_w {      # wait for data
   my $response = "";
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   return $response;
}

# Waits for a specific response and logs it
sub DSC_get_ww {      # wait for specific data
   my $response = "";
   my $wanted = shift;
X: sleep(0.1);
   $socket->recv($response, 1024);
   if ($response eq "") { goto X; }
   my $hresponse = $response; $hresponse =~ s/\n/\\n/g; $hresponse =~ s/\r/\\r/g;
   l0gt("response: '$hresponse' (length " . length($response) .")");
   unless ($response =~ /$wanted/) { goto X; }
   return $response;
}

# Sends a command and logs it
sub DSC_put {
   my $req = shift . "\r\n";
   my $size = $socket->send($req);
   my $hreq = $req; $hreq =~ s/\n/\\n/g; $hreq =~ s/\r/\\r/g;
   l0gt("sent data '$hreq' (length $size)");
}

Smith wrote:

mikep wrote: Including, especially me! It was a very long time ago, so go with the internet majority. I don't recall which, I only remember DLS worked and I didn't need to reprogram the entire system...

Right 1616 has 6 zones plus one for each hardwired PK keypad (not sure about the other keypads).

Rightie O. Well, I'm testing blocks of 1000 installer codes now and then. It takes about 2.8 sec per attempt, so 45 min per block. Not sure yet if it will even work in the end but if it would work then it would be a nice feeling

Here is the code I am using now in case anyone is curious, I guess about any linux system (including raspbian or mac) would have perl installed.

So far no keypad lockout despite 1000s of wrong attempts at getting into installer mode (it's a PC5015 board). I'll update here with either 'success' or 'fail'....

...
[20200619_185630] DEBUG: Correct EnvisaLink password
[20200619_185630] DEBUG: Start installer mode entry cycle
[20200619_185630] sent data '0711*82B\r\n' (length 10)
[20200619_185630] response: '5000712D\r\n' (length 10)
[20200619_185631] response: '51080FE\r\n' (length 9)
[20200619_185631] response: '9229D\r\n' (length 7)
[20200619_185631] DEBUG: Attempting 0000
[20200619_185631] sent data '200000052\r\n' (length 11)
[20200619_185631] response: '50020027\r\n' (length 10)
[20200619_185631] response: '6701CE\r\n' (length 8)
[20200619_185634] response: '9229D\r\n' (length 7)
[20200619_185634] DEBUG: Trying again within same cycle
[20200619_185634] DEBUG: Attempting 0001
[20200619_185634] sent data '200000153\r\n' (length 11)
[20200619_185634] response: '50020027\r\n' (length 10)
[20200619_185635] response: '6701CE\r\n' (length 8)
[20200619_185656] response: '51081FF\r\n' (length 9)
[20200619_185657] response: '6501CC\r\n' (length 8)
[20200619_185657] DEBUG: If we're in installer mode, back out to main menu
[20200619_185657] sent data '0711##0F\r\n' (length 10)
[20200619_185657] response: '5000712D\r\n' (length 10)
[20200619_185657] DEBUG: End installer mode entry cycle
[20200619_185657] DEBUG: Start installer mode entry cycle
...

Wicky wrote:Hi Edirol,

Thanks for your code. I am trying yours now in my DSC 5010, Envisalink 4, Pi Raspbian. Two days now still running no luck. How do I know what is current progress from screen output? Is it working as it should be?

Post some of the screen output here:

[20200619_085258] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_085604] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_085615] response: '61000229\r\n' (length 10)
[20200619_085615] response: '6501CC\r\n' (length 8)
[20200619_085707] response: '51110F8\r\n51080FE\r\n8490C18\r\n' (length 27)
[20200619_085707] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_085739] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_085740] response: '61000229\r\n' (length 10)
[20200619_085741] response: '6501CC\r\n' (length 8)
[20200619_090044] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_090045] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_090057] response: '60900231\r\n' (length 10)
[20200619_090058] response: '6531CF\r\n' (length 8)
[20200619_090101] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_090116] response: '51110F8\r\n51080FE\r\n8490C18\r\n' (length 27)
[20200619_090117] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_090328] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_090339] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_090526] response: '51110F8\r\n51080FE\r\n8490C18\r\n' (length 27)
[20200619_090526] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_090935] response: '51110F8\r\n51080FE\r\n8490C18\r\n' (length 27)
[20200619_090935] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_091157] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091158] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091202] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091204] response: '61000229\r\n' (length 10)
[20200619_091205] response: '6501CC\r\n' (length 8)
[20200619_091206] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091216] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091225] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091234] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091240] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091243] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091344] response: '51110F8\r\n51080FE\r\n8490C18\r\n' (length 27)
[20200619_091345] response: '8411CE\r\n51100F7\r\n5109100\r\n6501CC\r\n8401CD\r\n' (length 42)
[20200619_091410] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091413] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091430] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091439] response: '61000229\r\n6501CC\r\n' (length 18)
[20200619_091454] response: '60900231\r\n6531CF\r\n' (length 18)
[20200619_091458] response: '61000229\r\n6501CC\r\n' (length 18)

Wicky