Decompilation of software to repair an old solar inverter

It’s a fact of life that electronic devices become obsolete after a few years. Sometimes it’s because the technology has moved on, but it can also happen that a fully functional device becomes nearly useless simply because the original manufacturer no longer supports it. When [Buy It Fix It] found a pair of used Power-One Aurora solar inverters, he ran into a problem where he needed to access the service menu, which happened to be password protected. The original manufacturer had ceased to exist and the current brand owner was unable to help, so [Buy It Fix It] had to resort to reverse engineer to find the password.

Thanks to the Wayback Machine on the Internet Archive, [Buy It Fix It] was able to download the PC software package originally supplied with the inverters. But to access all features required a password which could only be obtained by registering the device with the manufacturer. It wasn’t going to happen, so [Buy It Fix It] released dnSpy, a decompiler and debugger for .NET programs. After a bit of research, he found the section that verified the password, and by simply copying that section into a new program, he was able to create his own key generator.

With the service password now available, [Buy It Fix It] was able to set the inverter to the correct voltage setting and hook it up to his solar panels. Interestingly, the program code also had references to “PONG”, “Tetris”, and “tiramisu” in various places; these turned out to be easter eggs in the code, containing simple versions of these two games as well as a picture of the Italian dessert.

Also inside the software archive was another program that allowed low-level functions to be programmed into the UPS, things that few users would ever need to touch. This program was not written in .NET but in C or something similar, so it required the use of x32dbg to examine the machine code. Again, this program was password protected, but the master password was simply stored as unencrypted “91951” – the last five digits of the manufacturer’s old phone number.

The inverter was not actually working when [Buy It Fix It] received it first, and his repair video (also embedded below) is also worth a look if you’re into power electronics repair. Hacking Solar Inverters to enable more features is often possible, but of course it’s much easier if all design is open source.