Hi, i firstly don't know if what i'm gonna ask is possible, but why not ?
My HTC Breeze only boots on Bootloader, so i guess i can't unlock the CID anymore. But i know the CID of my phone (VODAP102), so my question is :
How modify the CID of a NBH upgrade files so that the CID of the NBH would match with the CID in my phone.
IF EVERYONE HAS A BETTER SOLUTION FOR MY MTEOR WHICH DOESN'T WORK ANYMORE, YOU'RE WELCOME . Thanks. ++
http://forum.xda-developers.com/showpost.php?p=1060829&postcount=407
What does it miean exactly ? That it is illegal ? That there exists a program useful for my problem ? Thank you for your help. ++
My Mteor can't upgrade wth the last firmware beacause the CID of the new upgrade doesn't match with the CID in my phone (VODAP304). I'm looking for a solution where i could modify the CID in the firmware upgrade file. Thanks a lot. Plz answer.
i think there is a simple script to change the CID but Mods in this forum dont want it to announce for that HTC will know this weakness point and then will change it in next updates or devices. or another reason to keep us under thier mercy for asking for cid unlocker for our devices as well as to keep donations running.
Thank you for your answer
The problem is that i find some CID unlocker but they imply that the phone is still running. For this reason i'm looking for a CID changer to modify the CID on the upgrade file.
Here are the files is an NBH upgrade file :
IPL.nb
PrimarySplash.nb
Radio.nb
SecondarySplash.nb
SPL.nb
Windows.nb
Does anyone know is which file should i looking for ? Thanks a lot. +++
Hi..One needs to Sign the nbh properly or shd Hv a Bootloader which will accept unsigned Code.
For more details pls see the Hermes Selection
Hi,
Could you find a solution for this issue?
I'm going through the exact same problem with a Breeze I just got. Any advice would be highly appreciated.
thanks.
Related
Has anyone tried this yet, One of my friends got it last night form a friend in T-Mobile its ment to be the latest Beta for T-Mobile but it contains a proper BT stack.
Has anyone heard anything about it?
when i get it tonight i will of corse post it here
John
I have not tried it because I don't know where to download it...
Can you give us a link...?
Thanks
Panja
my friend will email it to me tonight and i will post it here, I am pleased that you know of it, do you know how good the new BT stack is ment to be ( what new profiles have been added)
John
Hey John,
I don't know.
Nice you're going to post it!
Thanks in advance
here is the file, i have not tried it yet,
Please let us know how you get on with it
john
Sweet! Downloading right now
I am getting Country ID error when I am trying to install it
As per my usual request...
If anyone DOES manage to get it installed, can they run Cleartype and see if it is 'GOOD' Cleartype, like the O2 ROMS, or useless, garbled and coloury Cleartype, as per the Orange ROMS please?
As for the Country Code error, is it a T-Mobile or UK device you are installing on?
if not, you'll need to edit the nbf files for the correct country.
How to edit those files? TIA
NBF files are passworded, can't seem to open them in editor
ID64 said:
I am getting Country ID error when I am trying to install it
Click to expand...
Click to collapse
Follow this guide for switching roms.
http://forum.xda-developers.com/viewtopic.php?t=8205
applecom
Thanks for posting.
Panja said:
ID64 said:
I am getting Country ID error when I am trying to install it
Click to expand...
Click to collapse
Follow this guide for switching roms.
http://forum.xda-developers.com/viewtopic.php?t=8205
applecom
Thanks for posting.
Click to expand...
Click to collapse
Sorry probably it wont work because this T-Mobile roms comes with HimaUpgradeUt.exe version 1.1.0.0...
Mental block Not working for me, prolly too hot today If anyone cold post modified nbf's for FIDO network I'll really appreciate it.
TIA
the rom attached works perfectly
use ER2003Edit to unlock the nbf files
it's the fastest rom i've ever installed on my mdaII!
the 3 files included are:
rom 1.72
radio 1.12
extrom 1.72.04
sorry to be a dumb newbie, but can this work on an O2 UK XDA II? i dont need a walkthrough just a point in the right diretion
Thanks
pablo said:
the rom attached works perfectly
use ER2003Edit to unlock the nbf files
it's the fastest rom i've ever installed on my mdaII!
the 3 files included are:
rom 1.72
radio 1.12
extrom 1.72.04
Click to expand...
Click to collapse
ER2003Edit gives me errors- ERROR ACESSING IMAGE FILES when try to open ROM, however I can change country, but still getting Country error when I am trying to load them. :roll:
use the latest version of ER2003Edit and these password to unlock the 3 files
ms_.nbf 0x20040305
NK.nbf 0x20040304
radio_.nbf 0x20040306
Finally, changed nbf files etc, loading was in prgress and then - AGAIN WRONG COUNTRY CODE! How it stucked in Bootloader screen! Arghhh... Help
Phew! Fixed. Loading image now 21% done
Hi ID 64 what is your country ID ?
me I have a french Qtel 2020 with now the WWE 1.66 rom.
I have now the country error with the 1.72.
How you fix it ?
thanks
Hello!
Im and others are looking for the possibility to change the language of our hw6915's After reading a bunch of threads I realized that no one has ever hacked the hw6915 (HTC Sable) upgrade process and .nbf ROM update compleatly (You're the one who got the closest).
As you said in this thread http://forum.xda-developers.com/showthread.php?t=325051&page=3
But now there is a chance for all of the hw6915 users to change the language, cook and play with their phones but it all depends on YOU!
With a huge input of b0ris747 who's hacked the RUU, cooked bunch of ROMs (even though not entirely successfully) and figured out how to change the .nb (raw dumps using pdocread) to flashable .nbf files now wee need a CID unlock tool/instruction.
Its vital for pdocwrite ing the raw backups if anything goes wrong or a method to update a rom. And of course for the RUU ROM updates to work w/o bricking the phones.
As b0ris747 does not have a hw6915 at his disposal Im willing to do all the testing and sending reports.
For now Im considering all the pros and cons about upgrading my Spanish hw6915 to a french orange:
http://www.mobilite.fr.orange-business.com/public/oev4/html/fr/pme/mobiles/ba/dl.php?mi=192&pi=2510
Hoping for the best (just locking my phone to orange not bricking it)
Please give us the info/tool/hack for CID unlocking or any other info we might need for that matter
PM for my FTP's address where you can dump some files
Of course anyone's else input will bee greatly appreciated.
JumpSPL is a WinCE application that allows to place a custom file on device's RAM memory and execute the arbitrary code contained on it by jumping into its physical memory address.
This method is tipically used to load a patched bootloader in RAM and execute it, so with JumpSPL you can potentially bypass any bootloader protections put by the manufacturer on a Windows Mobile based device, but you have to patch the bootloader yourself.
I'll be updating comment #2 with links to patched SPLs and future projects using JumpSPL, if you use JumpSPL in your project please post a comment or PM me.
JumpSPL should work on any WinCE device (not necessarily manufactured by HTC), although I have only tested it on HTC devices.
For more details and usage instructions please see the included README file.
DONATIONS:
Your donations are a strong incentive to continue research on new devices, if you find JumpSPL useful please cosider making a PayPal donation. Any donation amount is greatly appreciated
Patched SPLs
Notes on patching & testing custom SPLs:
Disassemble the SPL using radare (free) or IDA Pro (commercial).
You need to press the bootloader buttons after loading your custom SPL with JumpSPL, otherwise device will reboot. You can also patch the SPL to enter bootloader mode automatically, so you don't have to press the buttons.
Some devices require that you unplug and re-plug the USB cable after the SPL has been loaded.
On some devices (TI OMAP) you'll see a white screen instead of the usual tri-color screen, don't worry about that, you're in bootloader mode.
Use patched SPLs with caution, try to flash splash screens to do the initial tests and avoid bricking your device.
To know the jump address you can use itsutils 'pmemdump -p' and try to find a copy of the SPL in memory. You can find the virtual address with dumpromx.exe.
Projects using JumpSPL:
HTC Kaiser SSPL v1 and HardSPL v1
Attached SPL patches:
Kaiser Jump address is 0x00000000
Artemis & Herald Jump address is 0x10000000
Dude. If you can get this to work on the T-Mobile Wing, you will be my own personal hero.
@Mi|enko: Patched SPL for T-Mobile Wing (Herald) attached to comment #2
So ... its possible this way to CID unlock a Prophet G4 ? Can you make a version for prophet?
@kalavera: I don't own a Prophet, but yes should be possible to CID unlock it using this tool. Olipro and the-equinoxe have patched the Wizard's G4 SPL, which should be very close to prophet's, they will be able to help you with the SPL patches.
what patch is compatible to wizard?
Finally I could convert Dopod C800 into a fully working Atlas.Long live POF
Good work Pof!! This could have saved me a bit of time custom compiling my own HaRET for the Titan Hard-SPL. I'm sure it will speed up the unlocking of many future devices!
thanks again my friend!!
you did it again
Good jobs
What its adress to Htc Oxygen? Thanx
How about ATOM PURE, can i use this safely for CID unlock then i can use now sharkindark pagepool changer?
generalriden said:
How about ATOM PURE, can i use this safely for CID unlock then i can use now sharkindark pagepool changer?
Click to expand...
Click to collapse
which I can modify with jumpspl in herald?
os is ok,but how about others?
SPL
IPL
EXTEND_ROM
SPLASH
and modify SPL IPL seems to be quite dangerous...since I bricked herald before.
Geo2000 said:
What its adress to Htc Oxygen? Thanx
Click to expand...
Click to collapse
It's an OMAP device, so I guess the address will be also 0x10000000.
generalriden said:
How about ATOM PURE, can i use this safely for CID unlock then i can use now sharkindark pagepool changer?
Click to expand...
Click to collapse
You need to patch a bootloader first, and find the jump address.
yangchao8115 said:
which I can modify with jumpspl in herald?
Click to expand...
Click to collapse
You can modify any rom part once you can flash unsigned code, but as you say be careful with IPL & SPL. Also try to not screw the OS part if you don't have a ROM matching your CID, otherwise you'll be stuck in bootloader.
Sir i dont know to patch the bootloader and find the jump address..how?
pof said:
You can modify any rom part once you can flash unsigned code, but as you say be careful with IPL & SPL. Also try to not screw the OS part if you don't have a ROM matching your CID, otherwise you'll be stuck in bootloader.
Click to expand...
Click to collapse
yes,but there no tool for herald to edit splash and extend rom.....
and one of my friend bricked with a radio upgraded
Nice job, pof.
fluxist
Hi Pof,
We have a Quanta manufactured device. a.k.a. Atom / Atom Pure / Atom Exec / Atom Life. CID can easily be bypassed in our devices by simply upgrading it in bootloader mode OR do SD CARD flashing. Our problem really pertains to RAPI tools than to upgrade our device with any ROM.
We really don't know if CID is the cause for RAPI tools not to work. The only working tool is to PDOCREAD the device and see its memory layout.
Hope you could shed some light as to how we can patch the bootloader to CID unlock. My knowledge for ARM assembly is very limited...
Thanks,
Jiggs
Okay, I am willing to pay CASH for this if it is what i think it is..
my XDA Terra (Herald) is bricked because I tried to flash it from Touch-It 1.1 to Touch it 2.0. Now, I need the RUU of the XDA Terra which is branded by the provider O2. O2 however does not provide any ROM yet so I am stuck in the united states with a bricked GErman phone I cant even send it in.
Can this jump SPL help me somehow??
please, I will be eternally thankful !!!!
yangchao8115 said:
yes,but there no tool for herald to edit splash and extend rom.....
Click to expand...
Click to collapse
Use the same tools as in Artemis or Elf, splash format is exactly the same, and ExtROM format too, you can edit it with winimage.
fluxist said:
On a (somewhat) related note, would the admins protest if I released a (multi-device) IMEI changing util?
Click to expand...
Click to collapse
I don't think they will protest as long as HTC (or any operator) protests. But make it clear to the end-user to consult local laws before attempting to use your tool, and make sure to put a disclaimer to exempt you of any responsibilities for illegal use of the tool.
jiggs said:
CID can easily be bypassed in our devices by simply upgrading it in bootloader mode OR do SD CARD flashing. Our problem really pertains to RAPI tools than to upgrade our device with any ROM.
We really don't know if CID is the cause for RAPI tools not to work. The only working tool is to PDOCREAD the device and see its memory layout.
Hope you could shed some light as to how we can patch the bootloader to CID unlock. My knowledge for ARM assembly is very limited...
Click to expand...
Click to collapse
Sorry but my knowledge of Atom and Quanta devices is very limited too.
If you want some help, please send me a quanta bootloader and tell me the exact message you get from bootloader (not from RUU) when you try to flash an Atom ROM not intended for your device (ie: not matching your CID, or language...).
exxi said:
Can this jump SPL help me somehow??
Click to expand...
Click to collapse
JumpSPL is a WinCE application, it won't help if you can't boot OS.
Hi, i installed Hard-SPL 1.40 Olinex Developer Edition-unsigned on my MDA compact IV. Then i tried to install QMR_RUU_Diamond_HTC_NLD_1.93.404.1_ but after 1% it says my device has the wrong model id.
I used the search and i found that it could be something called a CID lock? I found the thread about unlocking it using NBHUtil but my rom doesnt have a NBH file with it. can anybody help me?
Thanks alot.
Bart
Hi i´m new with the diamond but maybe you have to look here.
http://forum.xda-developers.com/showthread.php?t=414835
I don't really get it. In this sticky thread: http://forum.xda-developers.com/showthread.php?t=414835 they say that you have to pay to fix the wrong model id error,
but in this thread: http://forum.xda-developers.com/showthread.php?t=409425 they say you can do it with a free tool called NBH util.
Are these 2 different things?
Yes, first one is SIM unlock, you have to pay for that.
Second one is the one you have to try ...
Ok thanks, i understand now. I got another rom working now.
Hello guys,
I have a couple of questions which i aint getting an answer to when searching the forums. (google didnt work eather) .
first i'am a total noob in flashing roms tho i do have great knowledge about computers / programming etc...
My configuration is :
MDA compact IV (which is a DIAMOND200)
IT is also cid locked and simlocked by T-mobile
the ROM is 1.93.xxx.x
The SPL is a 1.93
radio is a 1.00.00.25 (or somthing like that cant remember )
What i want ?
What i want is a ROM which is fast and has the looks of the real htc touch diamond. And i also want it signed by olinex.
What iam searching for ?
Iam searching for a 1.93 signed HARDSPL. The problem is that i managed to find one which is unsigned but when iam in RUU it says Iam upgrading
FROM: 1.93.xxx.x <-- this is my rom not my spl right ?
TO: 1.00.DIAMOND <--- LIKE WTF ? shouldnt it be 1.93 ?
So first step is to get the right HARDSPL installed correctly :/ And iam also worried my MDA compact IV will have problems when installing the hardspl :S (because of the DIAMOND200 tag)
Would anyone so kind answer my questions.
Thanks in advance,
Qwin
So nobody has an answer to my questions ? I mean is it that hard to answer ?
No, and manners cost nothing either .
The signed Hard SPL isn't the best choice. It limits the number of ROMs you can use, becase OliNex arn't (AFAIK) keeping up to date with signing. Use the un-signed Hard SPL.
As for the RUU, just ignore it, it's only showing you the version on the NBH file - this contains 1 or more NB files which is what's actual flashed to your phone.
What the RUU tell's you is pretty much irelevant (other than error codes).
Dave