Format for dongles

**jvvh5897** · 08-30-2014, 07:53 PM

I took apart a few files for the hero box and others to look for the format of the serial comms to the dongle. Seems there was a major format change around 2011 or a little earlier, but not sure of the number for the dongle as I don't own kbox receiver or any dongle. Looks like the older style dongle used 19200 baud where the newer does 115200 baud. Older dongle uses sync byte of 0x2f then 0x77 0x2. Newer dongle you see:0xca 0x62 0x1 sequence at start of "KandJ_SendCmd". cmd bytes are rather different between the two too.
In the hero file k1plus_170_20090109 you find:

cmd/res cmd (* indicates baud rate 19.2k)
*38/32 or 3c
*f1/f3
*f2/f4
*24/2e
*25/2f
*60/6a
*35/36
*f5/f6
*30/a0 then a1, a2, a3, a4, a5
*65/6f
*64/6e
*62/6c
*63/6d
*76/77
*31/32
*0/a7 or 1
*74/75
*20
*21
*54/5e
*50/5a
*10
*11
*12
*13
*14
*52/5c
*53/5d

But in the plus file PSplus_103_20110303_nopassword
cmd/resp cmd
76/77
80/81
82/83
85/86
87/88
35/36
30/a1 then a2, a3, a4, 6a, aa, a6
76/77 version query
0/a7
50
10
11
12
13
14/a7 or a8
ee/ef
55/56
58/59 connect
40

Most commands have no extra bytes sent besides the first three, cmd byte and single byte XOR sum. But some cmds do exchange more. By and large, for all commands sent the box expects an acknowledge of similar start sequence and xor sum (but you will note a few in the above lists do not show an obvious response). Without a capture of the serial comms, I'm not all that sure of what commands do what, so if any want to explore doing sv style dongle emulation then somone will have to build an rs232 "spy" cable and run a line to a PC to capture box/dongle exchanges.

**danny** · 09-01-2014, 04:55 PM

Originally Posted by jvvh5897

I took apart a few files for the hero box and others to look for the format of the serial comms to the dongle. Seems there was a major format change around 2011 or a little earlier, but not sure of the number for the dongle as I don't own kbox receiver or any dongle. Looks like the older style dongle used 19200 baud where the newer does 115200 baud. Older dongle uses sync byte of 0x2f then 0x77 0x2. Newer dongle you see:0xca 0x62 0x1 sequence at start of "KandJ_SendCmd". cmd bytes are rather different between the two too.
In the hero file k1plus_170_20090109 you find:

cmd/res cmd (* indicates baud rate 19.2k)
*38/32 or 3c
*f1/f3
*f2/f4
*24/2e
*25/2f
*60/6a
*35/36
*f5/f6
*30/a0 then a1, a2, a3, a4, a5
*65/6f
*64/6e
*62/6c
*63/6d
*76/77
*31/32
*0/a7 or 1
*74/75
*20
*21
*54/5e
*50/5a
*10
*11
*12
*13
*14
*52/5c
*53/5d

But in the plus file PSplus_103_20110303_nopassword
cmd/resp cmd
76/77
80/81
82/83
85/86
87/88
35/36
30/a1 then a2, a3, a4, 6a, aa, a6
76/77 version query
0/a7
50
10
11
12
13
14/a7 or a8
ee/ef
55/56
58/59 connect
40

Most commands have no extra bytes sent besides the first three, cmd byte and single byte XOR sum. But some cmds do exchange more. By and large, for all commands sent the box expects an acknowledge of similar start sequence and xor sum (but you will note a few in the above lists do not show an obvious response). Without a capture of the serial comms, I'm not all that sure of what commands do what, so if any want to explore doing sv style dongle emulation then somone will have to build an rs232 "spy" cable and run a line to a PC to capture box/dongle exchanges.

Can this be applied to KBox K2 HD, to get this box going.

**jvvh5897** · 09-02-2014, 04:44 PM

It should. I have looked at other kbox files and they were from after 2011 and used the second of the two formats above ( the 0xca 0x62 0x01 start bytes). Now, the info is just a starting point--it has to have capture of the dongle/box comms and then build emulation of the dongle along the same lines as was done with sv dongles or by building a little emulation that used vertual serial port and something like hub4com to send the data to rq-sssp client. As posted before I will do all that I can, but have no way to test the box/dongle or IKS stuff (I don't do IKS).

**danny** · 09-02-2014, 04:52 PM

Originally Posted by jvvh5897

It should. I have looked at other kbox files and they were from after 2011 and used the second of the two formats above ( the 0xca 0x62 0x01 start bytes). Now, the info is just a starting point--it has to have capture of the dongle/box comms and then build emulation of the dongle along the same lines as was done with sv dongles or by building a little emulation that used vertual serial port and something like hub4com to send the data to rq-sssp client. As posted before I will do all that I can, but have no way to test the box/dongle or IKS stuff (I don't do IKS).

That will be nice. Hopefully somebody can use your work to get it going.

**jvvh5897** · 09-03-2014, 04:28 PM

Yes, but just hoping for someone to do the work for you means that it will not happen for months or years, if ever. Odds are that this post will get buried and any who would try will not find it.

**danny** · 09-03-2014, 04:51 PM

Originally Posted by jvvh5897

Yes, but just hoping for someone to do the work for you means that it will not happen for months or years, if ever. Odds are that this post will get buried and any who would try will not find it.

I wish I could contribute, but have no knowledge in software programming nor am I computer savy.

**KIDWCKED** · 09-03-2014, 11:42 PM

Originally Posted by danny

I wish I could contribute, but have no knowledge in software programming nor am I computer savy.

ur flogging a dead horse....lol.....gl...

**jvvh5897** · 09-04-2014, 04:25 PM

Care to explain, KIDWCKED?

**KIDWCKED** · 09-04-2014, 08:49 PM

the modules where mostly bad...overheating and burning out cpu....there was an 8psk conversion..but needed a source of cool air as well....converting to ilink hd...unsuccessful..due to ip issues...the newer models would be better suited for what he (danny)...wants to do.....jmo...and this box also hasnt worked since nag3 was implemented...

**jvvh5897** · 09-07-2014, 07:30 PM

Well, the comment about the box not working since N3 implimented, that is pretty much what the thread aims to correct. As for modules mostly bad--I'm guessing you are talking about the dongles--the point of the thread is to eliminate the kbox dongles for something better. If talking about 8psk modules, I'm not sure the post is about 8psk--SD only.

**KIDWCKED** · 09-07-2014, 08:39 PM

Originally Posted by jvvh5897

Well, the comment about the box not working since N3 implimented, that is pretty much what the thread aims to correct. As for modules mostly bad--I'm guessing you are talking about the dongles--the point of the thread is to eliminate the kbox dongles for something better. If talking about 8psk modules, I'm not sure the post is about 8psk--SD only.

ok...cheers mang..

**pchop6t9** · 12-10-2014, 03:50 AM

is it possible to use the commands to fake the bin to think that the khub is version 4 instead of 3 and force an upgrade from 3 to 5? (i can create a rs232 spy cable, but i only have usb to serial for this functionality (i believe it should behave the same).
Once i can force an upgrade from 3 to 5 we can use the Private Server connection monitoring to be able to emulate the khub.

**jvvh5897** · 12-15-2014, 04:16 PM

You will have to answer that yourself. I don't have any khub, kbox or do IKS so if you want to figure stuff like that out, you have to test. If you have questions that might be in disassembly then I could answer, but the idea is that I do a little work and others do a little and eventually something is figured out.

Thread: Format for dongles

Thread Tools

Format for dongles

The Following 2 Users Say Thank You to jvvh5897 For This Useful Post:

The Following User Says Thank You to danny For This Useful Post:

The Following 3 Users Say Thank You to jvvh5897 For This Useful Post:

The Following User Says Thank You to KIDWCKED For This Useful Post:

The Following User Says Thank You to jvvh5897 For This Useful Post:

Posting Permissions