Форум LetsMoto - Показать сообщение отдельно

Nizzzia · 25.08.2007, 16:36

ericandersen23, the translation:
People!!! My congratulations to ya'll!!! No more sufferings with all this dissection of phones and dismantling of protection screens!!!
You may express your gratitude to me - Xav4ik and KAMTOS.
A special thanks to BeZ for explaining how the processes should be well monitored.
Also thanks to testers of this method jCancer and GALL.

After the testing was finished it was found it's desirable to switch off the RSA check.

In a nutshell, the essence of the method lies in the fact that a phone can be shifted to BLANK programmatically (through software).
This method is only for 08.D0 and 08.A0 boots. It may not 100% work with 09.02, 08.E0, 0A.30 , and 0A.52.
The point is in CG1, where the change of only 8 bites will suffice to shift a phone to BLANK.

Editing CG1 manual:
Let's do it on the example of 0A.30 boot

1) Open CG1 in a hex editor (e.g. WinHex) and write 00 00 00 00 instead of the first 4 bites
2) Then go to offset AC (i.e. 000000AC), see 4 bites 12FE0000. replace them with 100049BC
The second should be looked for in the boot with a hex editor. Search for succession 1000e800000000b1. The value has to be the offset where the succession is located.
For the 0A.30 boot the offset should be 49BC. Then add at the beginning 1000 and now it should look like this 100049BC. The value should be located in the direction AC (т.е. 000000AC).
3) save the edited firmware, then pack a reflash CG1+CG3+CG7+CG18 and write it with P2k Easy Tool 3.9.
4) After the reflash writing is succesfully finished, take out the cable and battery from the phone.
Put the battery back again and connect the phone to the cable. As a result the phone is detected as S Blank Neptune LTE2.
In order to make the phone work it's sufficient to write an ordinary reflash CG1+CG3+CG7+CG18 again with P2k Easy Tool 3.9.
DO NOT try to write a backup into the phone via RSD Lite, it won't see the phone correctly.
For those who understand little in all this stuff I made autopatchers in the .exe format.
There is a special patch for each of the boots.

ericandersen23, enjoy!!!

25.08.2007, 16:36	#2
Nizzzia Мотоспец Регистрация: 24.07.2007 Адрес: Киев Phone: A1200e Прошивка: Antarex Сообщений: 565 Уровень респекта: 320	ericandersen23, the translation: People!!! My congratulations to ya'll!!! No more sufferings with all this dissection of phones and dismantling of protection screens!!! You may express your gratitude to me - Xav4ik and KAMTOS. A special thanks to BeZ for explaining how the processes should be well monitored. Also thanks to testers of this method jCancer and GALL. After the testing was finished it was found it's desirable to switch off the RSA check. In a nutshell, the essence of the method lies in the fact that a phone can be shifted to BLANK programmatically (through software). This method is only for 08.D0 and 08.A0 boots. It may not 100% work with 09.02, 08.E0, 0A.30 , and 0A.52. The point is in CG1, where the change of only 8 bites will suffice to shift a phone to BLANK. Editing CG1 manual: Let's do it on the example of 0A.30 boot 1) Open CG1 in a hex editor (e.g. WinHex) and write 00 00 00 00 instead of the first 4 bites 2) Then go to offset AC (i.e. 000000AC), see 4 bites 12FE0000. replace them with 100049BC The second should be looked for in the boot with a hex editor. Search for succession 1000e800000000b1. The value has to be the offset where the succession is located. For the 0A.30 boot the offset should be 49BC. Then add at the beginning 1000 and now it should look like this 100049BC. The value should be located in the direction AC (т.е. 000000AC). 3) save the edited firmware, then pack a reflash CG1+CG3+CG7+CG18 and write it with P2k Easy Tool 3.9. 4) After the reflash writing is succesfully finished, take out the cable and battery from the phone. Put the battery back again and connect the phone to the cable. As a result the phone is detected as S Blank Neptune LTE2. In order to make the phone work it's sufficient to write an ordinary reflash CG1+CG3+CG7+CG18 again with P2k Easy Tool 3.9. DO NOT try to write a backup into the phone via RSD Lite, it won't see the phone correctly. For those who understand little in all this stuff I made autopatchers in the .exe format. There is a special patch for each of the boots. ericandersen23, enjoy!!! Последний раз редактировалось Nizzzia; 26.08.2007 в 12:54.