Related
When I was messing with BitPim earlier, I tried out the Protocol Analyser and got this:
18:52:09.717 Other CDMA Phone: Listing files in dir: '.efs_private'
18:52:09.717 Other CDMA Phone: sendbrewcommand Data - 20 bytes
<#! phones.p_brew.listfilerequest !#>
00000000 59 0b 00 00 00 00 0d 2e 65 66 73 5f 70 72 69 76 Y.......efs_priv
00000010 61 74 65 00 ate.
18:52:09.765 Other CDMA Phone: brew response Data - 17 bytes
<#! phones.p_brew.listfileresponse !#>
00000000 13 0b 00 00 00 0d 2e 65 66 73 5f 70 72 69 76 61 .......efs_priva
00000010 74 t
18:52:09.765 Other CDMA Phone: Failed to list files in dir .efs_private
18:52:09.780 Other CDMA Phone: Listing subdirs in dir: '.efs_private'
18:52:09.780 Other CDMA Phone: X recurse=0
18:52:09.780 Other CDMA Phone: sendbrewcommand Data - 20 bytes
<#! phones.p_brew.listdirectoryrequest !#>
00000000 59 0a 00 00 00 00 0d 2e 65 66 73 5f 70 72 69 76 Y.......efs_priv
00000010 61 74 65 00 ate.
18:52:09.780 Other CDMA Phone: brew response Data - 17 bytes
<#! phones.p_brew.listdirectoryresponse !#>
00000000 13 0a 00 00 00 0d 2e 65 66 73 5f 70 72 69 76 61 .......efs_priva
00000010 74 t
18:52:09.780 Other CDMA Phone: Failed to list dir .efs_private
18:52:11.015 Other CDMA Phone: Listing files in dir: 'CGPS_ME'
18:52:11.015 Other CDMA Phone: sendbrewcommand Data - 15 bytes
<#! phones.p_brew.listfilerequest !#>
00000000 59 0b 00 00 00 00 08 43 47 50 53 5f 4d 45 00 Y......CGPS_ME.
18:52:11.030 Other CDMA Phone: brew response Data - 47 bytes
<#! phones.p_brew.listfileresponse !#>
00000000 59 0b 00 00 00 00 00 0f 00 01 00 93 1a e0 00 00 Y...............
00000010 6c 00 00 bb 1a e0 00 08 16 43 47 50 53 5f 4d 45 l........CGPS_ME
00000020 2f 43 47 50 53 43 65 6c 6c 44 42 46 69 6c 65 /CGPSCellDBFile
18:52:11.030 Other CDMA Phone: sendbrewcommand Data - 15 bytes
<#! phones.p_brew.listfilerequest !#>
00000000 59 0b 01 00 00 00 08 43 47 50 53 5f 4d 45 00 Y......CGPS_ME.
18:52:11.046 Other CDMA Phone: brew response Data - 55 bytes
<#! phones.p_brew.listfileresponse !#>
00000000 59 0b 00 01 00 00 00 0f 00 01 00 93 1a e0 00 2c Y..............,
00000010 00 00 00 bb 1a e0 00 08 1e 43 47 50 53 5f 4d 45 .........CGPS_ME
00000020 2f 43 47 50 53 43 65 6c 6c 44 42 4f 74 61 50 6f /CGPSCellDBOtaPo
00000030 73 52 65 63 6f 72 64 sRecord
18:52:11.046 Other CDMA Phone: sendbrewcommand Data - 15 bytes
<#! phones.p_brew.listfilerequest !#>
00000000 59 0b 02 00 00 00 08 43 47 50 53 5f 4d 45 00 Y......CGPS_ME.
18:52:11.062 Other CDMA Phone: brew response Data - 47 bytes
<#! phones.p_brew.listfileresponse !#>
00000000 59 0b 00 02 00 00 00 0f 00 01 00 93 1a e0 00 3c Y..............<
00000010 00 00 00 bb 1a e0 00 08 16 43 47 50 53 5f 4d 45 .........CGPS_ME
00000020 2f 67 70 73 6f 66 66 73 65 74 73 2e 62 69 6e /gpsoffsets.bin
18:52:11.062 Other CDMA Phone: sendbrewcommand Data - 15 bytes
<#! phones.p_brew.listfilerequest !#>
00000000 59 0b 03 00 00 00 08 43 47 50 53 5f 4d 45 00 Y......CGPS_ME.
18:52:11.078 Other CDMA Phone: brew response Data - 3 bytes
<#! phones.p_brew.listfileresponse !#>
00000000 59 0b 1c Y..
18:52:11.092 Other CDMA Phone: Listing subdirs in dir: 'CGPS_ME'
18:52:11.092 Other CDMA Phone: X recurse=0
18:52:11.092 Other CDMA Phone: sendbrewcommand Data - 15 bytes
<#! phones.p_brew.listdirectoryrequest !#>
00000000 59 0a 00 00 00 00 08 43 47 50 53 5f 4d 45 00 Y......CGPS_ME.
18:52:11.092 Other CDMA Phone: brew response Data - 3 bytes
<#! phones.p_brew.listdirectoryresponse !#>
00000000 59 0a 1c Y..
18:52:12.953 Other CDMA Phone: Getting file contents 'CGPS_ME/gpsoffsets.bin'
18:52:12.953 Other CDMA Phone: sendbrewcommand Data - 27 bytes
<#! phones.p_brew.readfilerequest !#>
00000000 59 04 00 17 43 47 50 53 5f 4d 45 2f 67 70 73 6f Y...CGPS_ME/gpso
00000010 66 66 73 65 74 73 2e 62 69 6e 00 ffsets.bin.
18:52:12.983 Other CDMA Phone: brew response Data - 71 bytes
<#! phones.p_brew.readfileresponse !#>
00000000 59 04 00 00 00 3c 00 00 00 3c 00 ff ff 38 00 00 Y....<...<...8..
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000040 00 00 00 00 00 00 00 .......
Near the beginning of these, it says things about being unable to open up the .efs_private directory, along with its subfolders. If someone were able to open these, we may find something interesting. Hope this helps!
i got interest in:
p_brew.readfileresponse
if brew lets you load things. i can do test like i did with mtp, through raw USB.
I wondered the same thing about the listing of "brew" there. Can't wait to see if John finds anything.
Using BitPim, which (I believe, from my google searches) references QPST content, the .efs_private folder seems to be specific to QPST. If we're seeing an error trying to list that area, it's probably because bitpim is designed to look for some standard folders, which the Kin does not have.
if we had a worthwhile alternative to BitPim, we may be able to see what's in there. And when you said QPST, does that have anything to do with Qualcomm? I was also looking at the configuration settings for the phone's modem, and i think it mentioned that. So this file could contain hardware, storage, and other files that we could use to break through the restrictions on the phone.
Yes, many phones use Qualcomm hardware or functionality, including Verizon ones. Bitpim simply takes advantage of some common functionality between these phones.
Which file did you mean?
Hello.
I'm currently investigating the ZundDB.dat file located in \My Documents\Zune on the phone, this because I need to be able to edit the information in it for my new project (izPictureTool) for the purpose of organizing pictures on-device, in stead of syncing with Zune, organizing, and syncing it back.
If this file is understood and a library is built for editing its content, it will also make it possible to add music to the Zune player ON-DEVICE, which has been wanted for some time, it will also make it able to edit the tags for tracks ON-DEVICE.
Is there anyone with any knowledge about this file that could be useful?
The file "type/identifier" or what ever it's called is "ZMDB" which I believe is an acronym for Zune Media DataBase.
Here are the data bound to the picture albums I've synced to my phone, including the information about the pictures. Albumnames in BOLD/ITALIC and filenames in ITALIC.
Code:
4:7B40h: [B][I]4D 69 73 63[/I][/B] 00 00 00 00 14 00 00 4B 00 00 00 00 [B][I]Misc[/I][/B].......K....
4:7B50h: 00 52 6E E1 36 E5 CC 01 32 30 31 32 5F 30 32 00 .Rná6åÌ.2012_02.
4:7B60h: D2 00 00 43 C0 01 00 05 C3 01 00 0B 00 00 00 00 Ò..CÀ...Ã.......
4:7B70h: DD E2 01 00 00 52 6E E1 36 E5 CC 01 [I]43 61 6E 6F[/I] Ýâ...Rná6åÌ.[I]Cano[/I]
4:7B80h: [I]6E 20 50 6F 77 65 72 53 68 6F 74 20 53 58 31 31 n PowerShot SX11 [/I]
4:7B90h: [I]30 20 49 53 2E 6A 70 67[/I] 00 E0 A5 5D 59 00 00 00 [I]0 IS.jpg[/I].à¥]Y...
4:7BA0h: 00 00 00 00 00 00 00 00 00 10 14 01 00 00 00 04 ................
4:7BB0h: 15 80 02 00 00 04 01 82 CB 01 00 00 04 01 83 01 .€.....‚Ë.....ƒ.
4:7BC0h: 00 00 00 04 1E 5C 00 4D 00 79 00 20 00 44 00 6F .....\.M.y. .D.o
4:7BD0h: 00 63 00 75 00 6D 00 65 00 6E 00 74 00 73 00 5C .c.u.m.e.n.t.s.\
4:7BE0h: 00 5A 00 75 00 6E 00 65 00 5C 00 43 00 6F 00 6E .Z.u.n.e.\.C.o.n
4:7BF0h: 00 74 00 65 00 6E 00 74 00 5C 00 30 00 33 00 30 .t.e.n.t.\.0.3.0
4:7C00h: 00 30 00 5C 00 30 00 31 00 5C 00 74 00 68 00 75 .0.\.0.1.\.t.h.u
4:7C10h: 00 6D 00 62 00 73 00 5C 00 63 00 31 00 5F 00 74 .m.b.s.\.c.1._.t
4:7C20h: 00 68 00 75 00 6D 00 62 00 2E 00 6A 00 70 00 67 .h.u.m.b...j.p.g
4:7C30h: 00 00 00 6E 01 8B 00 00 C7 00 00 43 C0 01 00 05 ...n.‹..Ç..CÀ...
4:7C40h: C3 01 00 0B 00 00 00 00 41 20 00 00 80 BF A1 15 Ã.......A ..€¿¡.
4:7C50h: AF EA CC 01 [I]45 6B 65 6E C3 A4 73 73 74 75 67 61[/I] ¯êÌ.[I]Ekenässtuga[/I]
4:7C60h: [I]6E 2E 6A 70 67[/I] 00 F9 AA 2F 62 00 00 00 00 00 00 [I]n.jpg[/I].ùª/b......
4:7C70h: 00 00 00 00 00 00 10 14 01 00 00 00 04 15 DE 00 ..............Þ.
4:7C80h: 00 00 04 01 82 3A 00 00 00 04 01 83 01 00 00 00 ....‚:.....ƒ....
4:7C90h: 04 1E 5C 00 4D 00 79 00 20 00 44 00 6F 00 63 00 ..\.M.y. .D.o.c.
4:7CA0h: 75 00 6D 00 65 00 6E 00 74 00 73 00 5C 00 5A 00 u.m.e.n.t.s.\.Z.
4:7CB0h: 75 00 6E 00 65 00 5C 00 43 00 6F 00 6E 00 74 00 u.n.e.\.C.o.n.t.
4:7CC0h: 65 00 6E 00 74 00 5C 00 30 00 33 00 30 00 30 00 e.n.t.\.0.3.0.0.
4:7CD0h: 5C 00 30 00 31 00 5C 00 74 00 68 00 75 00 6D 00 \.0.1.\.t.h.u.m.
4:7CE0h: 62 00 73 00 5C 00 63 00 32 00 5F 00 74 00 68 00 b.s.\.c.2._.t.h.
4:7CF0h: 75 00 6D 00 62 00 2E 00 6A 00 70 00 67 00 00 00 u.m.b...j.p.g...
4:7D00h: 6E 01 8B 00 14 00 00 4B 00 00 00 00 80 39 2E 04 n.‹....K....€9..
4:7D10h: E3 F5 CA 01 32 30 31 30 5F 30 35 00 BE 00 00 43 ãõÊ.2010_05.¾..C
4:7D20h: C0 01 00 05 C4 01 00 0B 00 00 00 00 92 B0 01 00 À...Ä.......’°..
4:7D30h: 80 39 2E 04 E3 F5 CA 01 [I]56 43 2B 2B 2E 6A 70 67[/I] €9..ãõÊ.[I]VC++.jpg[/I]
4:7D40h: 00 1C E8 26 31 00 00 00 00 00 00 00 00 00 00 00 ..è&1...........
4:7D50h: 00 10 14 01 00 00 00 04 15 92 04 00 00 04 01 82 .........’.....‚
4:7D60h: DC 05 00 00 04 01 83 01 00 00 00 04 1E 5C 00 4D Ü.....ƒ......\.M
4:7D70h: 00 79 00 20 00 44 00 6F 00 63 00 75 00 6D 00 65 .y. .D.o.c.u.m.e
4:7D80h: 00 6E 00 74 00 73 00 5C 00 5A 00 75 00 6E 00 65 .n.t.s.\.Z.u.n.e
4:7D90h: 00 5C 00 43 00 6F 00 6E 00 74 00 65 00 6E 00 74 .\.C.o.n.t.e.n.t
4:7DA0h: 00 5C 00 30 00 33 00 30 00 30 00 5C 00 30 00 31 .\.0.3.0.0.\.0.1
4:7DB0h: 00 5C 00 74 00 68 00 75 00 6D 00 62 00 73 00 5C .\.t.h.u.m.b.s.\
4:7DC0h: 00 63 00 33 00 5F 00 74 00 68 00 75 00 6D 00 62 .c.3._.t.h.u.m.b
4:7DD0h: 00 2E 00 6A 00 70 00 67 00 00 00 6E 01 8B 00 00 ...j.p.g...n.‹..
4:7DE0h: 0C 00 00 45 9F 01 00 05 00 00 00 00 ...EŸ.......
Regards
Izaac
Have you tried using the CE database functions? The typical file extension for old CE databases is .VOL and for the new ones (Embedded Database) it's .EDB, but it doens't have to be those. If it works using either type of DB, that would give an easy and quick programmatic access.
I've already got a test library cooked up that can poke a database volume and figure out what tables it contains. I could try pointing it at this file...
Hello. Yes please do so and tell me what you find
Done some research to find out if it's an old CEDB or a newer EDB but I don't think it is, but I'm not sure thou, at least the first data in the file is ZMDB as you can see down below.
Code:
0000h: [B]5A 4D 44 42[/B] 01 00 00 00 90 4A 03 00 AC 07 00 00 [B]ZMDB[/B]....J..¬...
0010h: 92 00 00 00 C4 42 03 00 80 01 00 00 00 00 00 00 ’...ÄB..€.......
0020h: 5A 4D 65 64 05 00 00 00 D8 01 00 00 1D 04 00 00 ZMed....Ø.......
0030h: 00 00 00 00 4C F4 76 08 5A 41 72 72 00 D0 08 00 ....Lôv.ZArr.Ð..
0040h: 31 00 00 00 40 1F 00 00 D0 07 00 00 5A 41 72 72 [email protected]Ð...ZArr
0050h: 00 E0 04 00 00 00 00 00 A0 0F 00 00 D4 01 01 00 .à......*...Ô...
0060h: 5A 41 72 72 01 E0 04 00 00 00 00 00 A0 0F 00 00 ZArr.à......*...
0070h: 58 40 01 00 5A 41 72 72 02 E0 04 00 00 00 00 00 [email protected]à......
0080h: E8 03 00 00 DC 7E 01 00 5A 41 72 72 03 E0 04 00 è...Ü~..ZArr.à..
Regards
Izaac
ZMDB - Zune Music Database?
ZArr - Zune Artist information or Zune Album art?
Just guessing, no need to answer
As I said before
IzaacJ said:
The file "type/identifier" or what ever it's called is "ZMDB" which I believe is an acronym for Zune Media DataBase.
Click to expand...
Click to collapse
This database stores music, videos and pictures
Regards
Izaac
Sorry, missed it
From other side I think it can be more useful to search API to access that DB inside DLLs?
Yeah, but I doubt there'll be some functions for creating new albums and moving pictures to an other album, but I could be wrong.
Regards
Izaac
EDIT: Found some API calls in zuneapi.dll (requires ossvcs.dll to load in IDA Pro).
MediaApi_AddPhoto
MediaApi_AddPhotoFile
Really not that used to doing this kind of stuff, but I'm learning Didn't find anything related to deleting a picture/album, nor anything about creating an album or moving a picture from an album, but that's easy as adding the picture to the destination album, and deleting it from the previous one, when there are enough information to manage to do that
Regards
Izaac
it's also can be exposed as COM interface for example . . .
Can the DLL be imported via the DLLImport project, i would love to have it imported.
I wanna ask,
is galaxy w need link2sd installed?
what setting that would be good if installing link2sd?
Actually it depends on how much applications you want being installed on your phone but yes it worths installing it for at least 5 reasons:
Being able to mount to your computer your SD cards using the debug mode without stopping the applications that you should have moved to the SD card using the native App2SD.
Not being limited by the size of the /data partition because of the *.dex files generated for the dalvik cache.
You can move any kind of applications even those that are not movable to SD!
Link2SD includes free utilities like conversion of system application to user application (and vice versa) that you'll have to pay for with other solutions like Titanium Backup.
Avoiding slow downs because of the loop mounts created (Just run the "mount" command from an adb shell or terminal and you'll see).
Indeed I noticed a global slow down of my phone after I've started getting more and more applications being installed and beside I'm using some other tool to avoid push services and other unwanted background processes to be started by some applications, I've come to the conclusion that too many loop mounts because of the native App2SD is not good either (I suspect it takes over the RAM).
Actually the Link2SD FAQ will give you all the good reasons why to use it:
http://www.link2sd.info/faq
Recommendations:
I'd like to also share share my experience (I may move the following to another thread):
Recommend microSD cards:
Regarding the microSD card you can use even a 32 GB class 10.
The ones I recommend (32 GB class 10) are Samsung, SanDisk, Transcend (Those Transcend ones made in Korea are logically made by Samsung, the ones made in China are made by SanDisk).
Partitionning and formatting:
The tough part is the partitioning and formatting.
Out of the box, all the microSD cards are partitioned and formatted so that they are aligned with their erase block size (it can be 8 MiB, 12 MiB...)
Thus you'll have to consult so you'll know the erase block size:
the Linaro flash card survey:
https://wiki.linaro.org/WorkingGroups/Kernel/Projects/FlashCardSurvey
the corresponding flashbench mailing list
http://lists.linaro.org/mailman/listinfo/flashbench-results
You can also use the flashbench tool to figure it out.
The problem is that you cannot create or resize the FAT32 partition using Windows (even with minitool partition or paragon partition manager), nor with Linux by using gparted or other because you won't get your partitions aligned with the erase blocks and thus you'll get bad performances and faster wearing of your card.
Backup:
Before formatting do a raw backup of the first 16 MiB (for the partitions table and the FAT32 description) using busybox dd on the phone itself or dd on Linux.
For example on the phone:
dd if=/dev/block/mmcblk1 of=/sdcard/mmcblk1-orig-1st-16MiB.img bs=4M count=4
Also you must keep using the default cluster size of 32 kiB because of optimization done at the level of Android and because smaller cluster size will mean more memory taken from the RAM - Actually the FAT is loaded in the RAM, so you must keep it not too big.
Formulas:
Then decide how much you need for the Link2SD partition - You can start with 1 GiB or so, personally I use about 2 GiB. You can check how much space is taken by the asec images to decide...
Now here comes some math (The formulas are to be used in LibreOffice Calc):
Partitioning:
We need to define the new size for the FAT32 partition at the beginning so it is aligned with the erase block size and so that the File Allocation Tables are located between the special offsets (especially true with SanDisk - for example the FAT must be located between the offsets at 4 MiB and 12 MiB, that's why most SD card have 4 MiB unpartitioned free space at the beginning).
Code:
new_fat32_partition_size = MROUND(whole_microsd_size - wanted_link2sd_partition_size + fat32_start_offset ; erase_block_size) - fat32_start_offset
With:
whole_microsd_size: The actual total size of the card - You can get it using fdisk.
wanted_link2sd_partition_size: The size you'd like for the Link2SD partition.
fat32_start_offset: The offset where the 1st FAT32 partition starts.
erase_block_size: The erase block size.
So for example for a SanDisk microSDHC 32 GB Class 10, we have an erase block size of 12 MiB (actually 3 times 4 MiB) and a FAT description that has to start at the offset at 4 MiB and then next erase block that starts at the offset at 12 MiB.
Therefore you'll have:
Code:
new_fat32_partition_size = MROUND(30,101,504 kiB - 1,061,376 kiB + 4,194,304 kiB ; erase_block_size) - 12 582 912 kiB = 30,101,504 kiB
Therefore using fdisk you should get something like the following when printing the partitions (p) - Don't forget to disable the DOS compatibility flag and use the sector as the unit:
Code:
Disk /dev/mmcblk0: 31.9 GB, 31914983424 bytes
4 heads, 16 sectors/track, 973968 cylinders, total 62333952 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x9a064f9d
Device Boot Start End Blocks Id System
/dev/mmcblk0p1 8192 60211199 30101504 c W95 FAT32 (LBA)
/dev/mmcblk0p2 60211200 62333951 1061376 83 Linux
FAT32 formatting:
In order to use mkdosfs 3.0.9 or later with the right amount of reserved sectors so the root directory and data will start exactly at the next erase block offset.
The idea is to make so that the FATs ends exactly before that offset, but for that we need to know the size of one FAT.
Here is the formula based on mkdosfs source code, to calculate that needed number of reserved sectors:
Code:
total_number_of_sectors = total_number_of_blocks * block_size / sector_size
number_of_sectors_for_fats_and_data = total_number_of_sectors - MROUND(default_number_of_reserved_sectors ; cluster_size)
number_of_clusters = (number_of_sectors_for_fats_and_data * sector_size + number_of_fats * 8) / (cluster_size * sector_size + number_of_fats * 4)
fat_size = MROUND(CEILING((number_of_clusters + 2) * 4 / sector_size ; 1) ; cluster_size)
root_directory_offset = default_number_of_reserved_sectors + number_of_fats * fat_size
aligned_root_directory_offset = MROUND(root_directory_offset ; erase_block_size * 1024^2 / sector_size)
number_of_reserved_sectors = aligned_root_directory_offset - root_directory_offset + default_number_of_reserved_sectors
With:
sector_size: 512 bytes (Standard value)
block_size: 1,024 bytes (Standard value)
total_number_of_blocks: new_fat32_partition_size in kiB
default_number_of_reserved_sectors: 64 (can be 32)
cluster_size: 64 sectors (i.e. 32 kiB)
number_of_fats: 2 (Standard value)
So for example for that same card you'll get:
Code:
total_number_of_sectors = 60,203,008
number_of_reserved_sectors = 1,664
Therefore here is the command to format the FAT32 partition:
Code:
$> sudo mkdosfs -F 32 -s 64 -R 1664 -n EXTERNAL_SD -v /dev/mmcblk0p1
mkdosfs 3.0.9 (31 Jan 2010)
/dev/mmcblk0p1 has 4 heads and 16 sectors per track,
logical sector size is 512,
using 0xf8 media descriptor, with 60203008 sectors;
file system has 2 32-bit FATs and 64 sectors per cluster.
FAT size is 7360 sectors, and provides 940416 clusters.
There are 1664 reserved sectors.
Volume ID is 8aa89e36, volume label EXTERNAL_SD.
You can see that each FAT takes less than 3.6 MiB, so with 2 FATs and the reserved sector the FAT description takes less than 8 MiB.
You can then check using hexdump if indeed the root directory starts at the the 12 MiB offset (knowing that the partition begin at the 4 MiB offset - indeed 12 = 4 + 8).
For that let's read the first 13 MiB of the card:
Code:
$> sudo hd -n $[13*1024*1024] /dev/mmcblk0
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 82 |................|
000001c0 03 00 0c f8 95 a3 00 20 00 00 00 a0 96 03 00 f8 |....... ........|
000001d0 96 a3 83 1b f3 28 00 c0 96 03 00 64 20 00 00 00 |.....(.....d ...|
000001e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00000200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400000 eb 58 90 6d 6b 64 6f 73 66 73 00 00 02 40 80 06 |[email protected]|
00400010 02 00 00 00 00 f8 00 00 10 00 04 00 00 00 00 00 |................|
00400020 00 a0 96 03 c0 1c 00 00 00 00 00 00 02 00 00 00 |................|
00400030 01 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00400040 00 00 29 e5 a5 dc 46 45 58 54 45 52 4e 41 4c 5f |..)...FEXTERNAL_|
00400050 53 44 46 41 54 33 32 20 20 20 0e 1f be 77 7c ac |SDFAT32 ...w|.|
00400060 22 c0 74 0b 56 b4 0e bb 07 00 cd 10 5e eb f0 32 |".t.V.......^..2|
00400070 e4 cd 16 cd 19 eb fe 54 68 69 73 20 69 73 20 6e |.......This is n|
00400080 6f 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 64 69 |ot a bootable di|
00400090 73 6b 2e 20 20 50 6c 65 61 73 65 20 69 6e 73 65 |sk. Please inse|
004000a0 72 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 66 6c |rt a bootable fl|
004000b0 6f 70 70 79 20 61 6e 64 0d 0a 70 72 65 73 73 20 |oppy and..press |
004000c0 61 6e 79 20 6b 65 79 20 74 6f 20 74 72 79 20 61 |any key to try a|
004000d0 67 61 69 6e 20 2e 2e 2e 20 0d 0a 00 00 00 00 00 |gain ... .......|
004000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400200 52 52 61 41 00 00 00 00 00 00 00 00 00 00 00 00 |RRaA............|
00400210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004003e0 00 00 00 00 72 72 41 61 7e 59 0e 00 03 00 00 00 |....rrAa~Y......|
004003f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400c00 eb 58 90 6d 6b 64 6f 73 66 73 00 00 02 40 80 06 |[email protected]|
00400c10 02 00 00 00 00 f8 00 00 10 00 04 00 00 00 00 00 |................|
00400c20 00 a0 96 03 c0 1c 00 00 00 00 00 00 02 00 00 00 |................|
00400c30 01 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00400c40 00 00 29 e5 a5 dc 46 45 58 54 45 52 4e 41 4c 5f |..)...FEXTERNAL_|
00400c50 53 44 46 41 54 33 32 20 20 20 0e 1f be 77 7c ac |SDFAT32 ...w|.|
00400c60 22 c0 74 0b 56 b4 0e bb 07 00 cd 10 5e eb f0 32 |".t.V.......^..2|
00400c70 e4 cd 16 cd 19 eb fe 54 68 69 73 20 69 73 20 6e |.......This is n|
00400c80 6f 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 64 69 |ot a bootable di|
00400c90 73 6b 2e 20 20 50 6c 65 61 73 65 20 69 6e 73 65 |sk. Please inse|
00400ca0 72 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 66 6c |rt a bootable fl|
00400cb0 6f 70 70 79 20 61 6e 64 0d 0a 70 72 65 73 73 20 |oppy and..press |
00400cc0 61 6e 79 20 6b 65 79 20 74 6f 20 74 72 79 20 61 |any key to try a|
00400cd0 67 61 69 6e 20 2e 2e 2e 20 0d 0a 00 00 00 00 00 |gain ... .......|
00400ce0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400df0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004d0000 f8 ff ff 0f ff ff ff 0f f8 ff ff 0f ff ff ff 0f |................|
004d0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00868000 f8 ff ff 0f ff ff ff 0f f8 ff ff 0f ff ff ff 0f |................|
00868010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00c00000 45 58 54 45 52 4e 41 4c 5f 53 44 08 00 00 52 b3 |EXTERNAL_SD...R.|
We can see that indeed the root partition starts at the offset 0x00c00000 which is 12 MiB!
Also note that 0x00400000 is the 4 MiB offset, the beginning of the FAT32 partition...
You can try the hexdump against the backup you did and you'll see that the factory formatting is also with a number of reserved sector so that the root directory is aligned. For example I've found the root directory at the 12 MiB offset (of course) and for that they use 1,170 reserved sector (I've decoded the hexdump to get that value) which matches the formula. They also set 8,192 hidden sectors - that's more for compatibility with some cameras, we don't care here...
Link2SD formatting:
I use ext4 for that partition, I've got inspiration from http://blogofterje.wordpress.com/2012/01/14/optimizing-fs-on-sd-card/, however I'm not sure if indeed using the stride and the stripe-width options is really needed:
Code:
[FONT=Courier New]$ sudo mkfs.ext4 -O ^has_journal -E stride=4,stripe-width=512 -b 4096 -L Link2SD /dev/mmcblk0p2
mke2fs 1.41.14 (22-Dec-2010)
Filesystem label=Link2SD
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=4 blocks, Stripe width=512 blocks
66384 inodes, 265344 blocks
13267 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=272629760
9 block groups
32768 blocks per group, 32768 fragments per group
7376 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 30 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.[/FONT]
Anyway I consider the Link2SD partition is going to be used much more for read than write and we need the same file system that is used on the other partitions of the phone (i.e. ext4).
I hope it's not too complicated and that will help
Some other references:
http://android.bytearrays.com/android/align-your-sdcard-fat-and-ext-partition/
http://www.bradfordembedded.com/2011/12/format-an-sd-card-with-8-mib-aligned-partitions/
http://www.olpcnews.com/forum/index.php?topic=4993.0
http://www.patriotmemory.com/forums...ite-speed-by-aligning-FAT32&p=41521#post41521
http://forum.xda-developers.com/showthread.php?t=1224408
What a long and completed answer
I'll read and try to understand the way one-by-one. Thanks for sharing your knowledge!
Sent from my GT-I8150 using Tapatalk 2
v0rt3x said:
Actually it depends on how much applications you want being installed on your phone but yes it worths installing it for at least 5 reasons:
Being able to mount to your computer your SD cards using the debug mode without stopping the applications that you should have moved to the SD card using the native App2SD.
Not being limited by the size of the /data partition because of the *.dex files generated for the dalvik cache.
You can move any kind of applications even those that are not movable to SD!
Link2SD includes free utilities like conversion of system application to user application (and vice versa) that you'll have to pay for with other solutions like Titanium Backup.
Avoiding slow downs because of the loop mounts created (Just run the "mount" command from an adb shell or terminal and you'll see).
Indeed I noticed a global slow down of my phone after I've started getting more and more applications being installed and beside I'm using some other tool to avoid push services and other unwanted background processes to be started by some applications, I've come to the conclusion that too many loop mounts because of the native App2SD is not good either (I suspect it takes over the RAM).
Actually the Link2SD FAQ will give you all the good reasons why to use it:
http://www.link2sd.info/faq
Recommendations:
I'd like to also share share my experience (I may move the following to another thread):
Recommend microSD cards:
Regarding the microSD card you can use even a 32 GB class 10.
The ones I recommend (32 GB class 10) are Samsung, SanDisk, Transcend (Those Transcend ones made in Korea are logically made by Samsung, the ones made in China are made by SanDisk).
Partitionning and formatting:
The tough part is the partitioning and formatting.
Out of the box, all the microSD cards are partitioned and formatted so that they are aligned with their erase block size (it can be 8 MiB, 12 MiB...)
Thus you'll have to consult so you'll know the erase block size:
the Linaro flash card survey:
https://wiki.linaro.org/WorkingGroups/Kernel/Projects/FlashCardSurvey
the corresponding flashbench mailing list
http://lists.linaro.org/mailman/listinfo/flashbench-results
You can also use the flashbench tool to figure it out.
The problem is that you cannot create or resize the FAT32 partition using Windows (even with minitool partition or paragon partition manager), nor with Linux by using gparted or other because you won't get your partitions aligned with the erase blocks and thus you'll get bad performances and faster wearing of your card.
Backup:
Before formatting do a raw backup of the first 16 MiB (for the partitions table and the FAT32 description) using busybox dd on the phone itself or dd on Linux.
For example on the phone:
dd if=/dev/block/mmcblk1 of=/sdcard/mmcblk1-orig-1st-16MiB.img bs=4M count=4
Also you must keep using the default cluster size of 32 kiB because of optimization done at the level of Android and because smaller cluster size will mean more memory taken from the RAM - Actually the FAT is loaded in the RAM, so you must keep it not too big.
Formulas:
Then decide how much you need for the Link2SD partition - You can start with 1 GiB or so, personally I use about 2 GiB. You can check how much space is taken by the asec images to decide...
Now here comes some math (The formulas are to be used in LibreOffice Calc):
Partitioning:
We need to define the new size for the FAT32 partition at the beginning so it is aligned with the erase block size and so that the File Allocation Tables are located between the special offsets (especially true with SanDisk - for example the FAT must be located between the offsets at 4 MiB and 12 MiB, that's why most SD card have 4 MiB unpartitioned free space at the beginning).
Code:
new_fat32_partition_size = MROUND(whole_microsd_size - wanted_link2sd_partition_size + fat32_start_offset ; erase_block_size) - fat32_start_offset
With:
whole_microsd_size: The actual total size of the card - You can get it using fdisk.
wanted_link2sd_partition_size: The size you'd like for the Link2SD partition.
fat32_start_offset: The offset where the 1st FAT32 partition starts.
erase_block_size: The erase block size.
So for example for a SanDisk microSDHC 32 GB Class 10, we have an erase block size of 12 MiB (actually 3 times 4 MiB) and a FAT description that has to start at the offset at 4 MiB and then next erase block that starts at the offset at 12 MiB.
Therefore you'll have:
Code:
new_fat32_partition_size = MROUND(30,101,504 kiB - 1,061,376 kiB + 4,194,304 kiB ; erase_block_size) - 12 582 912 kiB = 30,101,504 kiB
Therefore using fdisk you should get something like the following when printing the partitions (p) - Don't forget to disable the DOS compatibility flag and use the sector as the unit:
Code:
Disk /dev/mmcblk0: 31.9 GB, 31914983424 bytes
4 heads, 16 sectors/track, 973968 cylinders, total 62333952 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x9a064f9d
Device Boot Start End Blocks Id System
/dev/mmcblk0p1 8192 60211199 30101504 c W95 FAT32 (LBA)
/dev/mmcblk0p2 60211200 62333951 1061376 83 Linux
FAT32 formatting:
In order to use mkdosfs 3.0.9 or later with the right amount of reserved sectors so the root directory and data will start exactly at the next erase block offset.
The idea is to make so that the FATs ends exactly before that offset, but for that we need to know the size of one FAT.
Here is the formula based on mkdosfs source code, to calculate that needed number of reserved sectors:
Code:
total_number_of_sectors = total_number_of_blocks * block_size / sector_size
number_of_sectors_for_fats_and_data = total_number_of_sectors - MROUND(default_number_of_reserved_sectors ; cluster_size)
number_of_clusters = (number_of_sectors_for_fats_and_data * sector_size + number_of_fats * 8) / (cluster_size * sector_size + number_of_fats * 4)
fat_size = MROUND(CEILING((number_of_clusters + 2) * 4 / sector_size ; 1) ; cluster_size)
root_directory_offset = default_number_of_reserved_sectors + number_of_fats * fat_size
aligned_root_directory_offset = MROUND(root_directory_offset ; erase_block_size * 1024^2 / sector_size)
number_of_reserved_sectors = aligned_root_directory_offset - root_directory_offset + default_number_of_reserved_sectors
With:
sector_size: 512 bytes (Standard value)
block_size: 1,024 bytes (Standard value)
total_number_of_blocks: new_fat32_partition_size in kiB
default_number_of_reserved_sectors: 64 (can be 32)
cluster_size: 64 sectors (i.e. 32 kiB)
number_of_fats: 2 (Standard value)
So for example for that same card you'll get:
Code:
total_number_of_sectors = 60,203,008
number_of_reserved_sectors = 1,664
Therefore here is the command to format the FAT32 partition:
Code:
$> sudo mkdosfs -F 32 -s 64 -R 1664 -n EXTERNAL_SD -v /dev/mmcblk0p1
mkdosfs 3.0.9 (31 Jan 2010)
/dev/mmcblk0p1 has 4 heads and 16 sectors per track,
logical sector size is 512,
using 0xf8 media descriptor, with 60203008 sectors;
file system has 2 32-bit FATs and 64 sectors per cluster.
FAT size is 7360 sectors, and provides 940416 clusters.
There are 1664 reserved sectors.
Volume ID is 8aa89e36, volume label EXTERNAL_SD.
You can see that each FAT takes less than 3.6 MiB, so with 2 FATs and the reserved sector the FAT description takes less than 8 MiB.
You can then check using hexdump if indeed the root directory starts at the the 12 MiB offset (knowing that the partition begin at the 4 MiB offset - indeed 12 = 4 + 8).
For that let's read the first 13 MiB of the card:
Code:
$> sudo hd -n $[13*1024*1024] /dev/mmcblk0
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 82 |................|
000001c0 03 00 0c f8 95 a3 00 20 00 00 00 a0 96 03 00 f8 |....... ........|
000001d0 96 a3 83 1b f3 28 00 c0 96 03 00 64 20 00 00 00 |.....(.....d ...|
000001e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00000200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400000 eb 58 90 6d 6b 64 6f 73 66 73 00 00 02 40 80 06 |[email protected]|
00400010 02 00 00 00 00 f8 00 00 10 00 04 00 00 00 00 00 |................|
00400020 00 a0 96 03 c0 1c 00 00 00 00 00 00 02 00 00 00 |................|
00400030 01 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00400040 00 00 29 e5 a5 dc 46 45 58 54 45 52 4e 41 4c 5f |..)...FEXTERNAL_|
00400050 53 44 46 41 54 33 32 20 20 20 0e 1f be 77 7c ac |SDFAT32 ...w|.|
00400060 22 c0 74 0b 56 b4 0e bb 07 00 cd 10 5e eb f0 32 |".t.V.......^..2|
00400070 e4 cd 16 cd 19 eb fe 54 68 69 73 20 69 73 20 6e |.......This is n|
00400080 6f 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 64 69 |ot a bootable di|
00400090 73 6b 2e 20 20 50 6c 65 61 73 65 20 69 6e 73 65 |sk. Please inse|
004000a0 72 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 66 6c |rt a bootable fl|
004000b0 6f 70 70 79 20 61 6e 64 0d 0a 70 72 65 73 73 20 |oppy and..press |
004000c0 61 6e 79 20 6b 65 79 20 74 6f 20 74 72 79 20 61 |any key to try a|
004000d0 67 61 69 6e 20 2e 2e 2e 20 0d 0a 00 00 00 00 00 |gain ... .......|
004000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400200 52 52 61 41 00 00 00 00 00 00 00 00 00 00 00 00 |RRaA............|
00400210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004003e0 00 00 00 00 72 72 41 61 7e 59 0e 00 03 00 00 00 |....rrAa~Y......|
004003f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400c00 eb 58 90 6d 6b 64 6f 73 66 73 00 00 02 40 80 06 |[email protected]|
00400c10 02 00 00 00 00 f8 00 00 10 00 04 00 00 00 00 00 |................|
00400c20 00 a0 96 03 c0 1c 00 00 00 00 00 00 02 00 00 00 |................|
00400c30 01 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00400c40 00 00 29 e5 a5 dc 46 45 58 54 45 52 4e 41 4c 5f |..)...FEXTERNAL_|
00400c50 53 44 46 41 54 33 32 20 20 20 0e 1f be 77 7c ac |SDFAT32 ...w|.|
00400c60 22 c0 74 0b 56 b4 0e bb 07 00 cd 10 5e eb f0 32 |".t.V.......^..2|
00400c70 e4 cd 16 cd 19 eb fe 54 68 69 73 20 69 73 20 6e |.......This is n|
00400c80 6f 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 64 69 |ot a bootable di|
00400c90 73 6b 2e 20 20 50 6c 65 61 73 65 20 69 6e 73 65 |sk. Please inse|
00400ca0 72 74 20 61 20 62 6f 6f 74 61 62 6c 65 20 66 6c |rt a bootable fl|
00400cb0 6f 70 70 79 20 61 6e 64 0d 0a 70 72 65 73 73 20 |oppy and..press |
00400cc0 61 6e 79 20 6b 65 79 20 74 6f 20 74 72 79 20 61 |any key to try a|
00400cd0 67 61 69 6e 20 2e 2e 2e 20 0d 0a 00 00 00 00 00 |gain ... .......|
00400ce0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00400df0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00400e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
004d0000 f8 ff ff 0f ff ff ff 0f f8 ff ff 0f ff ff ff 0f |................|
004d0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00868000 f8 ff ff 0f ff ff ff 0f f8 ff ff 0f ff ff ff 0f |................|
00868010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00c00000 45 58 54 45 52 4e 41 4c 5f 53 44 08 00 00 52 b3 |EXTERNAL_SD...R.|
We can see that indeed the root partition starts at the offset 0x00c00000 which is 12 MiB!
Also note that 0x00400000 is the 4 MiB offset, the beginning of the FAT32 partition...
You can try the hexdump against the backup you did and you'll see that the factory formatting is also with a number of reserved sector so that the root directory is aligned. For example I've found the root directory at the 12 MiB offset (of course) and for that they use 1,170 reserved sector (I've decoded the hexdump to get that value) which matches the formula. They also set 8,192 hidden sectors - that's more for compatibility with some cameras, we don't care here...
Link2SD formatting:
I use ext4 for that partition, I've got inspiration from http://blogofterje.wordpress.com/2012/01/14/optimizing-fs-on-sd-card/, however I'm not sure if indeed using the stride and the stripe-width options is really needed:
Code:
[FONT=Courier New]$ sudo mkfs.ext4 -O ^has_journal -E stride=4,stripe-width=512 -b 4096 -L Link2SD /dev/mmcblk0p2
mke2fs 1.41.14 (22-Dec-2010)
Filesystem label=Link2SD
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=4 blocks, Stripe width=512 blocks
66384 inodes, 265344 blocks
13267 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=272629760
9 block groups
32768 blocks per group, 32768 fragments per group
7376 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 30 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.[/FONT]
Anyway I consider the Link2SD partition is going to be used much more for read than write and we need the same file system that is used on the other partitions of the phone (i.e. ext4).
I hope it's not too complicated and that will help
Some other references:
http://android.bytearrays.com/android/align-your-sdcard-fat-and-ext-partition/
http://www.bradfordembedded.com/2011/12/format-an-sd-card-with-8-mib-aligned-partitions/
http://www.olpcnews.com/forum/index.php?topic=4993.0
http://www.patriotmemory.com/forums...ite-speed-by-aligning-FAT32&p=41521#post41521
http://forum.xda-developers.com/showthread.php?t=1224408
Click to expand...
Click to collapse
what a nice answer... It's too complicated, but I think I can understand overall of that.. thanks mate
USB storage
Galaxy W has an internal USB Storage. Link2sd failed to move apps that have big database or library (like sygic) to the external memory but instead it was moved to the internal USB storage. How do I make Link2sd to move all the large apps to the external memory? Thanks in advance
Scootster said:
Galaxy W has an internal USB Storage. Link2sd failed to move apps that have big database or library (like sygic) to the external memory but instead it was moved to the internal USB storage. How do I make Link2sd to move all the large apps to the external memory? Thanks in advance
Click to expand...
Click to collapse
Swap the storage so that your external_sd will change place with the internal storage
Pressing "Thanks" button will be much appreciated if user's posts useful for you
swapped memory
reddvilzz said:
Swap the storage so that your external_sd will change place with the internal storage
Pressing "Thanks" button will be much appreciated if user's posts useful for you
Click to expand...
Click to collapse
I swapped memory before this but the phone perform not very good. It lagged very much in switching from one task to another.
If memory was to swapped, then there is no use for Link2sd isn't it? because all apps were installed directly to. external memory. Does memory card needs to be in 2 partition?
No, swapped ish juz useless trick and could break ur sd card.
Dwama said:
No, swapped ish juz useless trick and could break ur sd card.
Click to expand...
Click to collapse
What are you talking about?
There are 2 meanings of the word 'swap' for the W:
The 1st meaning is creating a swapfile and/or swap partition.
The 2nd meaning is to change the mount points of the internal SD and the external SD so that Android thought the external SD is the internal one (mounted at /sdcard) and the internal SD gets mounted to the external point ( /sdcard/external_sd)
The 1st meaning is the dangerous one. The 2nd meaning is instead very useful.
-- xda app / CM9b3 / DXKL1 / Galaxy W --
Hi Folks,
Just thought I'd throw this out here, I spent a good portion of my day digging through forums, ussd/mmi codes, tools, and hex editors trying to find a way to SIM Unlock my Bell S3 (I747M). I eventually 'gave in' and paid an eBay seller $8.00 to unlock my phone through a remote control application and USB network redirector (Successfully, although I never did get the actual SPC code from him even though I asked several times).
For security and isolation reasons I used a clean Windows 7 VM in VMware Workstation 8 with just the Samsung Drivers (from mskip's S3 toolkit (Qualcomm version) -- THANK YOU!!), the remote control tool, and the usb redirector to allow the remote 'tech' to do his work.
I ran a USB Logger tool (from the same vendor that makes the redirector) outside the VM on my host PC and had it capture the complete unlocking process from initial USB plug-in to post-unlock power-off.
I also grabbed images of the EFS partition (using dd) and the NVRAM (with QPST Tools) before and after the unlocking process.
I would expect the most 'useful' to furthering the secret of this unlock would be the delta of the NVRAM images, but alas while I have carefully looked it over a couples times, I don't see anything that looks to be the 'smoking gun'. I will follow-up this post with the relevant snippets as I'm sure there are many of you that may have more experience digging through this than I. Perhaps if someone else can send/post a similar delta, seeing the 'mutual' differences may again shed light on which areas to focus on in further detail.
Analyzing the USB communications may also give us a better understanding of if there are commands or processes we can use in making our own tool to remove this SIM lock.
FWIW, I'm using wxHexEditor for the dump comparisons.
NVRAM Hex Diff #1
Here's the first block with a few changes:
Before:
Code:
000608 00 00 00 00 00 00 00 00 00 00 00 00 B0 24 47 D3 .............$G.
000624 82 CD CD 01 0A 00 00 00 00 82 00 00 00 00 00 00 ................
000640 46 00 69 00 6C 00 65 00 5F 00 56 00 65 00 72 00 F.i.l.e._.V.e.r.
000656 73 00 69 00 6F 00 6E 00 00 00 00 00 00 00 00 00 s.i.o.n.........
000672 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000704 1A 00 02 01 02 00 00 00 FF FF FF FF FF FF FF FF ................
000720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000736 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000752 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 ................
000768 30 00 30 00 30 00 30 00 34 00 30 00 36 00 39 00 0.0.0.0.4.0.6.9.
000784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000832 12 00 01 00 FF FF FF FF FF FF FF FF 03 00 00 00 ................
000848 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000864 00 00 00 00 D0 B2 9E A0 82 CD CD 01 40 13 46 D3 [email protected]
000880 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
000896 64 00 65 00 66 00 61 00 75 00 6C 00 74 00 00 00 d.e.f.a.u.l.t...
000912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000928 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000960 10 00 01 01 FF FF FF FF FF FF FF FF 04 00 00 00 ................
000976 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000992 00 00 00 00 D0 B2 9E A0 82 CD CD 01 B0 B3 44 D3 ..............D.
001008 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
001024 06 .
After:
Code:
000608 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"]00 A6 22 2A[/COLOR] ............[COLOR="red"].."*[/COLOR]
000624 [COLOR="red"]DE[/COLOR] CD CD 01 0A 00 00 00 00 82 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
000640 46 00 69 00 6C 00 65 00 5F 00 56 00 65 00 72 00 F.i.l.e._.V.e.r.
000656 73 00 69 00 6F 00 6E 00 00 00 00 00 00 00 00 00 s.i.o.n.........
000672 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000704 1A 00 02 01 02 00 00 00 FF FF FF FF FF FF FF FF ................
000720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000736 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000752 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 ................
000768 30 00 30 00 30 00 30 00 34 00 30 00 36 00 39 00 0.0.0.0.4.0.6.9.
000784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000832 12 00 01 00 FF FF FF FF FF FF FF FF 03 00 00 00 ................
000848 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000864 00 00 00 00 [COLOR="red"]30 8F 77 FD DD[/COLOR] CD CD 01 [COLOR="red"]80 6D 21 2A[/COLOR] ....[COLOR="red"]0.w..[/COLOR]...[COLOR="red"].m!*[/COLOR]
000880 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
000896 64 00 65 00 66 00 61 00 75 00 6C 00 74 00 00 00 d.e.f.a.u.l.t...
000912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000928 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000960 10 00 01 01 FF FF FF FF FF FF FF FF 04 00 00 00 ................
000976 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000992 00 00 00 00 [COLOR="Red"]30 8F 77 FD DD[/COLOR] CD CD 01 [COLOR="red"]00 35 20 2A[/COLOR] ....[COLOR="red"]0.w..[/COLOR]...[COLOR="red"].5 *[/COLOR]
001008 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
001024 06 .
http: //secure.eix.ca/s3/nvram1.png
Here's the second block:
Before:
Code:
001536 52 00 6F 00 6F 00 74 00 20 00 45 00 6E 00 74 00 R.o.o.t. .E.n.t.
001552 72 00 79 00 00 00 00 00 00 00 00 00 00 00 00 00 r.y.............
001568 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001584 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001600 16 00 05 00 FF FF FF FF FF FF FF FF 01 00 00 00 ................
001616 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001632 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"][B]60 6C 91 A0[/B][/COLOR] ............[COLOR="Red"][B]`l..[/B][/COLOR]
001648 [COLOR="Red"][B]82[/B][/COLOR] CD CD 01 05 00 00 00 40 00 00 00 00 00 00 00 [COLOR="Red"][B].[/B][/COLOR][email protected]
After
Code:
001536 52 00 6F 00 6F 00 74 00 20 00 45 00 6E 00 74 00 R.o.o.t. .E.n.t.
001552 72 00 79 00 00 00 00 00 00 00 00 00 00 00 00 00 r.y.............
001568 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001584 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001600 16 00 05 00 FF FF FF FF FF FF FF FF 01 00 00 00 ................
001616 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001632 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"][B]50 E4 61 FD[/B][/COLOR] ............[COLOR="Red"][B]P.a.[/B][/COLOR]
001648 [COLOR="Red"][B]DD[/B][/COLOR] CD CD 01 05 00 00 00 40 00 00 00 00 00 00 00 [COLOR="Red"][B].[/B][/COLOR][email protected]
Wow.. What your doing must be impressive. I have no idea what you just said lol
Sent from my SGH-I747 using xda app-developers app
Here's the Third Block:
Before:
Code:
003584 4E 00 56 00 5F 00 4E 00 55 00 4D 00 42 00 45 00 N.V._.N.U.M.B.E.
003600 52 00 45 00 44 00 5F 00 49 00 54 00 45 00 4D 00 R.E.D._.I.T.E.M.
003616 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S...............
003632 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003648 24 00 01 01 07 00 00 00 05 00 00 00 10 00 00 00 $...............
003664 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003680 00 00 00 00 30 96 B5 A0 82 CD CD 01 50 B3 B2 CF ....0.......P...
003696 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
003712 4D 00 6F 00 62 00 69 00 6C 00 65 00 5F 00 50 00 M.o.b.i.l.e._.P.
003728 72 00 6F 00 70 00 65 00 72 00 74 00 79 00 5F 00 r.o.p.e.r.t.y._.
003744 49 00 6E 00 66 00 6F 00 00 00 00 00 00 00 00 00 I.n.f.o.........
003760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003776 2A 00 02 01 FF FF FF FF 09 00 00 00 FF FF FF FF *...............
003792 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003808 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003824 00 00 00 00 02 00 00 00 46 00 00 00 00 00 00 00 ........F.......
003840 46 00 65 00 61 00 74 00 75 00 72 00 65 00 5F 00 F.e.a.t.u.r.e._.
003856 4D 00 61 00 73 00 6B 00 00 00 00 00 00 00 00 00 M.a.s.k.........
003872 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003888 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003904 1A 00 02 00 FF FF FF FF FF FF FF FF FF FF FF FF ................
003920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003936 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003952 00 00 00 00 01 00 00 00 38 00 00 00 00 00 00 00 ........8.......
003968 45 00 46 00 53 00 5F 00 42 00 61 00 63 00 6B 00 E.F.S._.B.a.c.k.
003984 75 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 u.p.............
004000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004016 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004032 16 00 01 01 08 00 00 00 06 00 00 00 0E 00 00 00 ................
004048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004064 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
004080 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004096 4E 00 56 00 5F 00 49 00 74 00 65 00 6D 00 73 00 N.V._.I.t.e.m.s.
004112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004128 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004144 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004160 12 00 01 00 FF FF FF FF FF FF FF FF 0C 00 00 00 ................
004176 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004192 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004208 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004224 50 00 72 00 6F 00 76 00 69 00 73 00 69 00 6F 00 P.r.o.v.i.s.i.o.
004240 6E 00 69 00 6E 00 67 00 5F 00 49 00 74 00 65 00 n.i.n.g._.I.t.e.
004256 6D 00 5F 00 46 00 69 00 6C 00 65 00 73 00 00 00 m._.F.i.l.e.s...
004272 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004288 30 00 01 00 FF FF FF FF FF FF FF FF 0A 00 00 00 0...............
004304 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004320 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004336 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004352 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004416 10 00 01 01 FF FF FF FF 0B 00 00 00 42 01 00 00 ............B...
004432 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004448 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004464 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004480 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004528 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004544 12 00 01 00 FF FF FF FF FF FF FF FF 35 01 00 00 ............5...
004560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004576 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004592 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004608 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004624 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004656 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004672 10 00 01 01 FF FF FF FF 0D 00 00 00 03 01 00 00 ................
004688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004704 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004720 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004736 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004752 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004768 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004800 12 00 01 00 FF FF FF FF FF FF FF FF B5 00 00 00 ................
004816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004832 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004848 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004864 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004896 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004928 10 00 01 01 FF FF FF FF 0F 00 00 00 63 00 00 00 ............c...
004944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004960 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
004976 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004992 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
005008 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005024 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005056 12 00 01 00 FF FF FF FF FF FF FF FF 21 00 00 00 ............!...
005072 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005088 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
005104 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
005120 FE FF FF FF FE FF FF FF 03 00 00 00 FE FF FF FF ................
After:
Code:
003584 4E 00 56 00 5F 00 4E 00 55 00 4D 00 42 00 45 00 N.V._.N.U.M.B.E.
003600 52 00 45 00 44 00 5F 00 49 00 54 00 45 00 4D 00 R.E.D._.I.T.E.M.
003616 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S...............
003632 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003648 24 00 01 01 07 00 00 00 05 00 00 00 10 00 00 00 $...............
003664 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003680 00 00 00 00 [COLOR="Red"]A0 4F C4 FD DD[/COLOR] CD CD 01 [COLOR="red"]20 3F 6D 26[/COLOR] ....[COLOR="red"].O...[/COLOR]...[COLOR="red"] ?m&[/COLOR]
003696 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
003712 4D 00 6F 00 62 00 69 00 6C 00 65 00 5F 00 50 00 M.o.b.i.l.e._.P.
003728 72 00 6F 00 70 00 65 00 72 00 74 00 79 00 5F 00 r.o.p.e.r.t.y._.
003744 49 00 6E 00 66 00 6F 00 00 00 00 00 00 00 00 00 I.n.f.o.........
003760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003776 2A 00 02 01 FF FF FF FF 09 00 00 00 FF FF FF FF *...............
003792 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003808 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003824 00 00 00 00 02 00 00 00 46 00 00 00 00 00 00 00 ........F.......
003840 46 00 65 00 61 00 74 00 75 00 72 00 65 00 5F 00 F.e.a.t.u.r.e._.
003856 4D 00 61 00 73 00 6B 00 00 00 00 00 00 00 00 00 M.a.s.k.........
003872 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003888 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003904 1A 00 02 00 FF FF FF FF FF FF FF FF FF FF FF FF ................
003920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003936 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003952 00 00 00 00 01 00 00 00 38 00 00 00 00 00 00 00 ........8.......
003968 45 00 46 00 53 00 5F 00 42 00 61 00 63 00 6B 00 E.F.S._.B.a.c.k.
003984 75 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 u.p.............
004000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004016 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004032 16 00 01 01 08 00 00 00 06 00 00 00 0E 00 00 00 ................
004048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004064 00 00 00 00 [COLOR="red"]C0 DC 7F 26 DE[/COLOR] CD CD 01 [COLOR="red"]00 C4 1D 2A[/COLOR] .......&.......*
004080 [COLOR="red"] DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004096 4E 00 56 00 5F 00 49 00 74 00 65 00 6D 00 73 00 N.V._.I.t.e.m.s.
004112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004128 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004144 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004160 12 00 01 00 FF FF FF FF FF FF FF FF 0C 00 00 00 ................
004176 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004192 00 00 00 00 [COLOR="red"]60 3E 9C 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 49 DD 27[/COLOR] ....`>.&.....I.'
004208 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004224 50 00 72 00 6F 00 76 00 69 00 73 00 69 00 6F 00 P.r.o.v.i.s.i.o.
004240 6E 00 69 00 6E 00 67 00 5F 00 49 00 74 00 65 00 n.i.n.g._.I.t.e.
004256 6D 00 5F 00 46 00 69 00 6C 00 65 00 73 00 00 00 m._.F.i.l.e.s...
004272 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004288 30 00 01 00 FF FF FF FF FF FF FF FF 0A 00 00 00 0...............
004304 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004320 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004336 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004352 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004416 10 00 01 01 FF FF FF FF 0B 00 00 00 42 01 00 00 ............B...
004432 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004448 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004464 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004480 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004528 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004544 12 00 01 00 FF FF FF FF FF FF FF FF 35 01 00 00 ............5...
004560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004576 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004592 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004608 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004624 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004656 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004672 10 00 01 01 FF FF FF FF 0D 00 00 00 03 01 00 00 ................
004688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004704 00 00 00 00 [COLOR="red"]60 3E 9C 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 49 DD 27[/COLOR] ....`>.&.....I.'
004720 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004736 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004752 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004768 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004800 12 00 01 00 FF FF FF FF FF FF FF FF B5 00 00 00 ................
004816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004832 00 00 00 00 [COLOR="red"]70 65 9C 26 DE[/COLOR] CD CD 01[COLOR="red"] E0 49 DD 27[/COLOR] ....pe.&.....I.'
004848 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004864 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004896 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004928 10 00 01 01 FF FF FF FF 0F 00 00 00 63 00 00 00 ............c...
004944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004960 00 00 00 00 [COLOR="red"]C0 DC 7F 26 DE[/COLOR] CD CD 01 [COLOR="red"]00 C4 1D 2A[/COLOR] .......&.......*
004976 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004992 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
005008 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005024 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005056 12 00 01 00 FF FF FF FF FF FF FF FF 21 00 00 00 ............!...
005072 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005088 00 00 00 00 C0 DC 7F 26 DE CD CD 01 00 C4 1D 2A .......&.......*
005104 DE CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
005120 FE FF FF FF FE FF FF FF 03 00 00 00 FE FF FF FF ................
Deoxlar said:
Wow.. What your doing must be impressive. I have no idea what you just said lol
Sent from my SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
Thanks, although I don't think it's that impressive, or I would have figured this out by now.
I'll post the last 4 sections tomorrow, it's getting really late here.
This could possibly lead to a genuine unlock for everyone. I'll unlock my device soon as I'll be traveling next month. I'll upload some hex values later.
This guy here has an app to unlock samsung phones. It doesn't support our model yet he eventually wants to add support for it. Maybe get in contact with him and try to speed things along he might be able to make more sense odd what you've got posted here
http://forum.xda-developers.com/showthread.php?t=1846451
Sent from my SGH-I747M using xda premium
Here's the 4th block:
Before:
Code:
008624 00 00 00 00 00 00 00 00 88 00 01 00 59 07 00 00 ............Y...
008640 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008656 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008672 00 80 E5 16 C5 14 CD 11 B3 0E 1D 0C 11 0A 49 07 ..............I.
008688 [COLOR="DeepSkyBlue"]43[/COLOR] 04 CF 03 [COLOR="DeepSkyBlue"]49[/COLOR] 03 8B 02 CF 01 3F 01 [COLOR="DeepSkyBlue"]A3[/COLOR] 00 [COLOR="DeepSkyBlue"]09[/COLOR] 00 [COLOR="DeepSkyBlue"]C[/COLOR]...[COLOR="DeepSkyBlue"]I[/COLOR].....?.[COLOR="DeepSkyBlue"].[/COLOR].[COLOR="DeepSkyBlue"].[/COLOR].
008704 [COLOR="DeepSkyBlue"]6D[/COLOR] FF [COLOR="DeepSkyBlue"]C7[/COLOR] FE 2D FE 8B FD DD FC 65 FC EF FB 3B FB [COLOR="DeepSkyBlue"]m[/COLOR].[COLOR="DeepSkyBlue"].[/COLOR].-.....e...;.
008720 83 FA 01 FA 7F F9 03 F9 81 F8 3D F5 05 F3 75 F0 ..........=...u.
008736 8B ED EB EB 61 EA 00 80 00 80 00 80 00 80 00 80 ....a...........
008752 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008768 88 00 01 00 5B 07 00 00 7B 01 00 00 00 00 00 00 ....[...{.......
After
Code:
008624 00 00 00 00 00 00 00 00 88 00 01 00 59 07 00 00 ............Y...
008640 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008656 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008672 00 80 E5 16 C5 14 CD 11 B3 0E 1D 0C 11 0A 49 07 ..............I.
008688 [B][COLOR="Red"]45[/COLOR][/B] 04 CF 03 [COLOR="red"][B]47[/B][/COLOR] 03 8B 02 CF 01 3F 01 [COLOR="red"][B]A5[/B][/COLOR] 00 [COLOR="red"][B]0B[/B][/COLOR] 00 [COLOR="red"][B]E[/B][/COLOR]...[COLOR="red"][B]G[/B][/COLOR].....?.[B][COLOR="red"].[/COLOR][/B].[COLOR="red"][B].[/B][/COLOR].
008704 [COLOR="Red"][B]6F[/B][/COLOR] FF [COLOR="red"][B]CB[/B][/COLOR] FE 2D FE 8B FD DD FC 65 FC EF FB 3B FB [COLOR="red"][B]o[/B][/COLOR].[COLOR="red"][B].[/B][/COLOR].-.....e...;.
008720 83 FA 01 FA 7F F9 03 F9 81 F8 3D F5 05 F3 75 F0 ..........=...u.
008736 8B ED EB EB 61 EA 00 80 00 80 00 80 00 80 00 80 ....a...........
008752 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008768 88 00 01 00 5B 07 00 00 7B 01 00 00 00 00 00 00 ....[...{.......
---------------------------------------------------------------------------------------------------------
and 5th Block:
Before:
Code:
043984 00 00 00 00 00 00 00 00 88 00 01 00 D2 02 00 00 ................
044000 03 00 00 00 09 00 00 00 00 04 03 02 06 01 00 07 ................
044016 05 09 08 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044032 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044064 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044096 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044128 88 00 01 00 D3 02 00 00 03 00 02 03 08 08 00 26 ...............&
044144 04 00 00 10 00 00 00 00 00 00 00 63 2F BA 04 A0 ...........c/...
044160 17 00 00 C1 00 00 00 03 00 02 03 08 08 00 3F 04 ..............?.
044176 00 00 10 00 00 00 00 00 00 00 8B 52 BA 04 90 17 ...........R....
044192 00 00 00 00 00 00 03 01 00 03 04 01 00 4B 02 00 .............K..
044208 00 01 00 00 00 00 00 00 00 09 00 00 00 30 0A 00 .............0..
044224 00 22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ."..............
044240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044256 00 00 00 00 00 00 00 00 88 00 01 00 E1 02 00 00 ................
044272 03 01 00 03 04 01 00 53 11 00 00 10 00 00 00 00 .......S........
044288 00 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 .......0..."....
044304 01 00 03 04 01 00 64 02 00 00 01 00 00 00 00 00 ......d.........
044320 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 00 ......0...".....
044336 02 03 08 08 00 32 02 00 00 01 00 00 00 00 00 00 .....2..........
044352 00 AB 6A BA 04 10 0C 00 00 00 00 00 00 00 00 00 ..j.............
044368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044400 88 00 01 00 E2 02 00 00 03 01 00 03 04 01 00 1E ................
044416 11 00 00 10 00 00 00 00 00 00 00 C6 15 9D 06 30 ...............0
044432 0A 00 00 0B 00 00 00 03 00 02 03 08 08 00 19 02 ................
044448 00 00 01 00 00 00 00 00 00 00 43 5E BA 04 90 17 ..........C^....
044464 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044528 00 00 00 00 00 00 00 00 88 00 01 00 E3 02 00 00 ................
044544 03 00 02 03 08 08 00 00 02 00 00 01 00 00 00 00 ................
044560 00 00 00 92 43 BA 04 10 0E 00 00 00 00 00 00 03 ....C...........
044576 00 02 03 08 08 00 4B 02 00 00 01 00 00 00 00 00 ......K.........
044592 00 00 E3 37 BA 04 10 0C 00 00 00 00 00 00 00 00 ...7............
044608 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
After
Code:
043984 00 00 00 00 00 00 00 00 88 00 01 00 D2 02 00 00 ................
044000 [COLOR="Red"][B]09[/B][/COLOR] 00 00 00 09 00 00 00 00 [COLOR="red"][B]02 09 05 07 08[/B][/COLOR] 00 [COLOR="red"][B]04[/B][/COLOR] ................
044016 [B][COLOR="red"]03 06 01[/COLOR][/B] 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044032 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044064 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044096 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044128 88 00 01 00 D3 02 00 00 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]02 06[/B][/COLOR] 00 [COLOR="red"][B]7D[/B][/COLOR] ...............}
044144 [COLOR="red"][B]02[/B][/COLOR] 00 00 [COLOR="red"][B]01[/B][/COLOR] 00 00 00 00 00 00 00 [COLOR="red"][B]09 00 00 00 80[/B][/COLOR] ................
044160 [COLOR="red"][B]07[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 03 00 02 03 08 08 00 3F 04 ..."..........?.
044176 00 00 10 00 00 00 00 00 00 00 8B 52 BA 04 90 17 ...........R....
044192 00 00 00 00 00 00 03 01 00 03 04 01 00 4B 02 00 .............K..
044208 00 01 00 00 00 00 00 00 00 [COLOR="Red"][B]ED 09 D4 0D 00 1B[/B][/COLOR] 00 ................
044224 00 [COLOR="red"][B]00[/B][/COLOR] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044256 00 00 00 00 00 00 00 00 88 00 01 00 E1 02 00 00 ................
044272 03 01 00 03 04 01 00 53 11 00 00 10 00 00 00 00 .......S........
044288 00 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 .......0..."....
044304 01 00 03 04 01 00 64 02 00 00 01 00 00 00 00 00 ......d.........
044320 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 01 ......0...".....
044336 [COLOR="red"][B] 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]1F 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 00 00 ................
044352 00 [COLOR="red"][B]39 50 D4 0D 00 1B[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 00 00 00 .9P......"......
044368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044400 88 00 01 00 E2 02 00 00 03 01 00 03 04 01 00 1E ................
044416 11 00 00 10 00 00 00 00 00 00 00 C6 15 9D 06 30 ...............0
044432 0A 00 00 0B 00 00 00 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]6A 11[/B][/COLOR] ..............j.
044448 00 00 [COLOR="red"][B]10 [/B][/COLOR]00 00 00 00 00 00 00 [COLOR="red"][B]09 00 00 00 80 1B[/B][/COLOR] ................
044464 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 00 00 00 00 00 00 00 00 00 00 ..".............
044480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044528 00 00 00 00 00 00 00 00 88 00 01 00 E3 02 00 00 ................
044544 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]51 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 .......Q........
044560 00 00 00 [COLOR="red"][B]09 00 00 00 00 1B[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 03 ..........."....
044576 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]06 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 00 ................
044592 00 00 [COLOR="red"][B]33 50 D4 0D 00 1B[/B][/COLOR] 00 00 00 00 00 00 00 00 ..3P............
044608 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Generated by wxHexEditor
Here's the 6th Block:
Before:
Code:
048352 7F 00 13 00 14 88 00 13 00 14 56 03 13 F0 62 86 ..........V...b.
048368 00 13 00 14 52 03 13 F0 62 8B 00 13 00 14 3D 00 ....R...b.....=.
048384 64 F0 00 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 d..A.d....d....d
048400 F0 00 78 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 ..x.d....d....d.
048416 10 46 00 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 .F.d....d..|.d..
048432 C0 01 64 F0 10 72 00 64 F0 10 D3 01 64 F0 10 06 ..d..r.d....d...
048448 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 10 48 00 .d....d....d..H.
048464 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 00 00 00 d....d....d.....
048480 88 00 01 00 D8 13 01 00 7F 00 13 00 14 88 00 13 ................
048496 00 14 56 03 13 F0 62 86 00 13 00 14 52 03 13 F0 ..V...b.....R...
048512 62 8B 00 13 00 14 3D 00 64 F0 00 41 00 64 F0 00 b.....=.d..A.d..
048528 D5 01 64 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 ..d....d..x.d...
048544 03 64 F0 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 .d....d..F.d....
048560 64 F0 10 7C 00 64 F0 10 C0 01 64 F0 10 72 00 64 d..|.d....d..r.d
048576 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 01 64 F0 ....d....d....d.
048592 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 64 F0 10 ...d..H.d....d..
048608 B6 01 64 F0 10 00 00 00 88 00 01 00 D9 13 00 00 ..d.............
048624 CB 01 64 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 [email protected]
048640 00 64 F0 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 .d....d....d....
048656 64 F0 10 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 d....d..z.d....d
048672 F0 10 D1 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 ....d....d..o.d.
048688 10 4B 00 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 .K.d..C.d..?.d..
048704 09 01 64 F0 00 0F 01 64 F0 00 44 00 64 F0 00 71 ..d....d..D.d..q
048720 00 64 F0 10 39 00 64 F0 00 BB 01 64 F0 10 FC 00 .d..9.d....d....
048736 64 F0 00 0E 01 64 F0 00 C7 01 64 F0 10 00 00 00 d....d....d.....
048752 88 00 01 00 D9 13 01 00 CB 01 64 F0 10 63 00 64 ..........d..c.d
048768 F0 10 76 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 [email protected]
048784 10 F9 00 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 ...d....d....d..
048800 7A 00 64 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 z.d....d....d...
048816 01 64 F0 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 .d..o.d..K.d..C.
048832 64 F0 00 3F 00 64 F0 00 09 01 64 F0 00 0F 01 64 d..?.d....d....d
048848 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 00 64 F0 ..D.d..q.d..9.d.
048864 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 64 F0 00 ...d....d....d..
048880 C7 01 64 F0 10 00 00 00 88 00 01 00 DA 13 00 00 ..d.............
048896 0C 01 64 F0 00 3B 00 64 F0 00 BA 01 64 F0 10 42 ..d..;.d....d..B
048912 00 64 F0 00 C2 01 64 F0 10 79 00 64 F0 10 74 00 .d....d..y.d..t.
048928 64 F0 10 6F 02 00 F1 10 95 02 00 F1 10 A1 02 03 d..o............
048944 02 27 7F 02 03 02 27 EC 00 03 02 27 5C 03 03 02 .'....'....'\...
048960 27 42 03 03 02 27 3D 00 64 F0 00 41 00 64 F0 00 'B...'=.d..A.d..
048976 D5 01 64 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 ..d....d..x.d...
048992 03 64 F0 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 .d....d..F.d....
049008 64 F0 10 7C 00 64 F0 10 C0 01 64 F0 10 00 00 00 d..|.d....d.....
049024 88 00 01 00 DA 13 01 00 0C 01 64 F0 00 3B 00 64 ..........d..;.d
049040 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049056 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049072 95 02 00 F1 10 A1 02 03 02 27 7F 02 03 02 27 EC .........'....'.
049088 00 03 02 27 5C 03 03 02 27 42 03 03 02 27 3D 00 ...'\...'B...'=.
049104 64 F0 00 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 d..A.d....d....d
049120 F0 00 78 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 ..x.d....d....d.
049136 10 46 00 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 .F.d....d..|.d..
049152 C0 01 64 F0 10 00 00 00 88 00 01 00 DB 13 00 00 ..d.............
049168 72 00 64 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 r.d....d....d...
049184 01 64 F0 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 .d....d..H.d....
049200 64 F0 10 B6 01 64 F0 10 CB 01 64 F0 10 63 00 64 d....d....d..c.d
049216 F0 10 76 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 [email protected]
049232 10 F9 00 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 ...d....d....d..
049248 7A 00 64 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 z.d....d....d...
049264 01 64 F0 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 .d..o.d..K.d..C.
049280 64 F0 00 3F 00 64 F0 00 09 01 64 F0 00 00 00 00 d..?.d....d.....
049296 88 00 01 00 DB 13 01 00 72 00 64 F0 10 D3 01 64 ........r.d....d
049312 F0 10 06 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 ....d....d....d.
049328 10 48 00 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 .H.d....d....d..
049344 CB 01 64 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 [email protected]
049360 00 64 F0 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 .d....d....d....
049376 64 F0 10 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 d....d..z.d....d
049392 F0 10 D1 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 ....d....d..o.d.
049408 10 4B 00 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 .K.d..C.d..?.d..
049424 09 01 64 F0 00 00 00 00 88 00 01 00 DC 13 00 00 ..d.............
049440 0F 01 64 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 ..d..D.d..q.d..9
049456 00 64 F0 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 .d....d....d....
049472 64 F0 00 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 d....d....d..;.d
049488 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049504 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049520 95 02 00 F1 10 FF FF FF FF FF FF FF FF FF FF FF ................
After: (color coding still in progress - manual process)
Code:
048352 [COLOR="Red"]70 02[/COLOR] 13 [COLOR="red"]F0 62 B3[/COLOR] 00 13 00 14 [COLOR="red"]B8 00 [/COLOR]13 [COLOR="red"]00 14 44[/COLOR] p...b..........D
048368 [COLOR="red"]03[/COLOR] 13 00 14 [COLOR="red"]40[/COLOR] 03 13 [COLOR="red"]00 14 B1[/COLOR] 00 13 00 14 [COLOR="red"]B5[/COLOR] 00 [email protected]
048384 [COLOR="red"]13 00 14 BC[/COLOR] 00 [COLOR="red"]13 00 14 75 02 13[/COLOR] F0 [COLOR="red"]62 72 02 13 [/COLOR] ........u...br..
048400 F0 [COLOR="red"]62[/COLOR] 78[COLOR="red"] 02 13 [/COLOR]F0 [COLOR="red"]62 B7 00 13 00 14 B9 00 13 00[/COLOR] .bx...b.........
048416 [COLOR="red"]14 B0[/COLOR] 00 [COLOR="red"]13 00 14 73 02 13[/COLOR] F0 [COLOR="red"]62 46 03 13 00 14[/COLOR] ......s...bF....
048432 3A 03 13 00 14 79 02 13 F0 62 BD 00 13 00 14 43 :....y...b.....C
048448 03 13 00 14 41 03 13 00 14 3F 03 13 00 14 3E 03 ....A....?....>.
048464 13 00 14 39 03 13 00 14 BA 00 13 00 14 00 00 00 ...9............
048480 88 00 01 00 D8 13 01 00 70 02 13 F0 62 B3 00 13 ........p...b...
048496 00 14 B8 00 13 00 14 44 03 13 00 14 40 03 13 00 [email protected]
048512 14 B1 00 13 00 14 B5 00 13 00 14 BC 00 13 00 14 ................
048528 75 02 13 F0 62 72 02 13 F0 62 78 02 13 F0 62 B7 u...br...bx...b.
048544 00 13 00 14 B9 00 13 00 14 B0 00 13 00 14 73 02 ..............s.
048560 13 F0 62 46 03 13 00 14 3A 03 13 00 14 79 02 13 ..bF....:....y..
048576 F0 62 BD 00 13 00 14 43 03 13 00 14 41 03 13 00 .b.....C....A...
048592 14 3F 03 13 00 14 3E 03 13 00 14 39 03 13 00 14 .?....>....9....
048608 BA 00 13 00 14 00 00 00 88 00 01 00 D9 13 00 00 ................
048624 B6 00 13 00 14 38 03 13 00 14 3C 03 13 00 14 B4 .....8....<.....
048640 00 13 00 14 7C 02 13 F0 62 AF 00 13 00 14 45 03 ....|...b.....E.
048656 13 00 14 7B 02 13 F0 62 74 02 13 F0 62 7F 00 13 ...{...bt...b...
048672 00 14 88 00 13 00 14 56 03 13 F0 62 86 00 13 00 .......V...b....
048688 14 52 03 13 F0 62 8B 00 13 00 14 3D 00 64 F0 00 .R...b.....=.d..
048704 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 F0 00 78 A.d....d....d..x
048720 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 10 46 00 .d....d....d..F.
048736 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 00 00 00 d....d..|.d.....
048752 88 00 01 00 D9 13 01 00 B6 00 13 00 14 38 03 13 .............8..
048768 00 14 3C 03 13 00 14 B4 00 13 00 14 7C 02 13 F0 ..<.........|...
048784 62 AF 00 13 00 14 45 03 13 00 14 7B 02 13 F0 62 b.....E....{...b
048800 74 02 13 F0 62 7F 00 13 00 14 88 00 13 00 14 56 t...b..........V
048816 03 13 F0 62 86 00 13 00 14 52 03 13 F0 62 8B 00 ...b.....R...b..
048832 13 00 14 3D 00 64 F0 00 41 00 64 F0 00 D5 01 64 ...=.d..A.d....d
048848 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 03 64 F0 ....d..x.d....d.
048864 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 64 F0 10 ...d..F.d....d..
048880 7C 00 64 F0 10 00 00 00 88 00 01 00 DA 13 00 00 |.d.............
048896 C0 01 64 F0 10 72 00 64 F0 10 D3 01 64 F0 10 06 ..d..r.d....d...
048912 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 10 48 00 .d....d....d..H.
048928 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 CB 01 64 d....d....d....d
048944 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 00 64 F0 [email protected]
048960 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 64 F0 10 ...d....d....d..
048976 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 F0 10 D1 ..d..z.d....d...
048992 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 10 4B 00 .d....d..o.d..K.
049008 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 00 00 00 d..C.d..?.d.....
049024 88 00 01 00 DA 13 01 00 C0 01 64 F0 10 72 00 64 ..........d..r.d
049040 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 01 64 F0 ....d....d....d.
049056 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 64 F0 10 ...d..H.d....d..
049072 B6 01 64 F0 10 CB 01 64 F0 10 63 00 64 F0 10 76 ..d....d..c.d..v
049088 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 10 F9 00 [email protected]
049104 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 7A 00 64 d....d....d..z.d
049120 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 01 64 F0 ....d....d....d.
049136 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 64 F0 00 .o.d..K.d..C.d..
049152 3F 00 64 F0 00 00 00 00 88 00 01 00 DB 13 00 00 ?.d.............
049168 09 01 64 F0 00 0F 01 64 F0 00 44 00 64 F0 00 71 ..d....d..D.d..q
049184 00 64 F0 10 39 00 64 F0 00 BB 01 64 F0 10 FC 00 .d..9.d....d....
049200 64 F0 00 0E 01 64 F0 00 C7 01 64 F0 10 0C 01 64 d....d....d....d
049216 F0 00 3B 00 64 F0 00 BA 01 64 F0 10 42 00 64 F0 ..;.d....d..B.d.
049232 00 C2 01 64 F0 10 79 00 64 F0 10 74 00 64 F0 10 ...d..y.d..t.d..
049248 6F 02 00 F1 10 95 02 00 F1 10 A1 02 03 02 27 7F o.............'.
049264 02 03 02 27 EC 00 03 02 27 5C 03 03 02 27 42 03 ...'....'\...'B.
049280 03 02 27 3F 00 64 F0 00 09 01 64 F0 00 00 00 00 ..'?.d....d.....
049296 88 00 01 00 DB 13 01 00 09 01 64 F0 00 0F 01 64 ..........d....d
049312 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 00 64 F0 ..D.d..q.d..9.d.
049328 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 64 F0 00 ...d....d....d..
049344 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 F0 00 BA ..d....d..;.d...
049360 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 10 79 00 .d..B.d....d..y.
049376 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 95 02 00 d..t.d..o.......
049392 F1 10 A1 02 03 02 27 7F 02 03 02 27 EC 00 03 02 ......'....'....
049408 27 5C 03 03 02 27 42 03 03 02 27 3F 00 64 F0 00 '\...'B...'?.d..
049424 09 01 64 F0 00 00 00 00 88 00 01 00 DC 13 00 00 ..d.............
049440 0F 01 64 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 ..d..D.d..q.d..9
049456 00 64 F0 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 .d....d....d....
049472 64 F0 00 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 d....d....d..;.d
049488 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049504 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049520 95 02 00 F1 10 FF FF FF FF FF FF FF FF FF FF FF ................
OP I have been in contact with Spock12 on this thread he might be able to help out if he can find a US & Varients on ebay for cheep...
Hopeful he can get this work it would be Fantastic for us > US & Variants GS3 I747- I747M
Waiting that somebody posts it's nvram dump (or that I find a device), did you try to make another dump of your nvram and compare it once again with those you already have ? It might help to discriminate some areas found by the first diff.
Edit : Also I've seen a thread called "free SIM unlock n7105", seems that a hidden Samsung menu allows note 2 unlocking. As its really easy to use, perhaps somebody should ask them to make a nvram dump before/after so that we have more material to work on (assuming the simlock is located in the same place)
i have to ask. what is the point of unlocking a phone ? should i have mine unlocked ?
sedwards1969 said:
i have to ask. what is the point of unlocking a phone ? should i have mine unlocked ?
Click to expand...
Click to collapse
So that you can put another carrier SIM in your phone. Mine is locked to at&t so if I travel abroad I can't use another service. Further more, if I sell it, I can only offer to other at&t users which reduces it's value.
Sent from my SGH-T999 using Tapatalk 2
This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium
thatsupnow said:
This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Doesn't work.
Maybe it will work when we get JB update on Monday.
Sent from my SGH-I747M
thatsupnow said:
This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Wanted to report in this thread that the above link sim unlocked my att i747. I tried numerous sims and was never prompted for the sim unlock code. I tried a verizon sim, tmobile sim, simple mobile sim. Great find !!! Thank you. I believe that it is important to follow instructions to the t. It says "wait 30 seconds" at one point and "wait one minute" at another. Just my two cents and confirmation.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2
yulet said:
Doesn't work.
Maybe it will work when we get JB update on Monday.
Sent from my SGH-I747M
Click to expand...
Click to collapse
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium
thatsupnow said:
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
I re-flashed TELUS ROM, didn't work. Then I tried stock AT&T ROM, same result.
thatsupnow said:
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Yes. Im on stock LH9. Worked for me.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2
I tested before proccedure and got the "enter unlock code" then after...I had data and voice. I tried 2 sims. One tmobile and the other a simple mobile. I even stuck in a verizon sim and had 4 bars on unknown network but in service. This was in Yuma Az.
Hi, my LG G4(H815) stuck in download model(always boot in too DOWNLOAD MODE) its on MM.
The LG Bridge find it as H815, but LGUP see it as "unknown, COM 5, SUPEREXE 6.0", on phone screen is "633A BXX"
in linux after lsusb its show as 1004:633A.
Anyone can help me?
Sorry for my english.
LGUP LOG
________________________________________________________________
Intel(R) Active Management Technology - SOL (COM3)
[14:40:54] Find 1 LGE AndroidNet USB Serial Port (COM5)
[14:40:54] CBasicComControl:pen, the port(COM 5) is constructed successfully => HANDLE : 0x28c
[14:40:54] CPort:penPort() Success. Port number is 5
[14:40:54] [T000003] 41 54 0D AT.
[14:40:55] CBasicCom::SendRecvPacket, PACKET_ERROR code = 1460 Msg => [14:40:55] [T000005] EF 00 16 65 7E ...e.
[14:40:56] [R000007] EF 00 00 05 00 AD 7E .......
[14:40:56] [T000005] EF A0 1C C0 7E .....
[14:40:57] [R000150] EF A0 00 02 00 00 00 4C 47 2D 48 38 31 35 00 00 00 53 55 50 45 52 58 45 20 36 2E 30 00 00 00 00 .......LG-H815...SUPERXE.6.0....
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 33 35 39 38 37 32 30 36 36 33 38 36 34 34 31 00 ................359872066386441.
00 00 00 00 41 1E 41 6E 64 72 6F 69 64 00 00 00 36 2E 30 00 00 00 00 00 00 00 30 30 30 30 30 30 ....A.Android...6.0.......000000
30 30 30 30 30 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 00 00 00000......................0....
00 00 00 00 00 4F 50 45 00 00 00 00 00 00 00 00 00 00 00 CC 38 7E .....OPE............8.
[14:40:57] CComPort::ClosePort, Closed Port Successfully for COM 5
[14:40:57] CBasicComControl::Close, the port(COM5) is closed successfully
_______________________________________________________________________
nekus said:
Hi, my LG G4(H815) stuck in download model(always boot in too DOWNLOAD MODE) its on MM.
The LG Bridge find it as H815, but LGUP see it as "unknown, COM 5, SUPEREXE 6.0", on phone screen is "633A BXX"
in linux after lsusb its show as 1004:633A.
Anyone can help me?
Sorry for my english.
LGUP LOG
________________________________________________________________
Intel(R) Active Management Technology - SOL (COM3)
[14:40:54] Find 1 LGE AndroidNet USB Serial Port (COM5)
[14:40:54] CBasicComControl:pen, the port(COM 5) is constructed successfully => HANDLE : 0x28c
[14:40:54] CPort:penPort() Success. Port number is 5
[14:40:54] [T000003] 41 54 0D AT.
[14:40:55] CBasicCom::SendRecvPacket, PACKET_ERROR code = 1460 Msg => [14:40:55] [T000005] EF 00 16 65 7E ...e.
[14:40:56] [R000007] EF 00 00 05 00 AD 7E .......
[14:40:56] [T000005] EF A0 1C C0 7E .....
[14:40:57] [R000150] EF A0 00 02 00 00 00 4C 47 2D 48 38 31 35 00 00 00 53 55 50 45 52 58 45 20 36 2E 30 00 00 00 00 .......LG-H815...SUPERXE.6.0....
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 33 35 39 38 37 32 30 36 36 33 38 36 34 34 31 00 ................359872066386441.
00 00 00 00 41 1E 41 6E 64 72 6F 69 64 00 00 00 36 2E 30 00 00 00 00 00 00 00 30 30 30 30 30 30 ....A.Android...6.0.......000000
30 30 30 30 30 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 00 00 00000......................0....
00 00 00 00 00 4F 50 45 00 00 00 00 00 00 00 00 00 00 00 CC 38 7E .....OPE............8.
[14:40:57] CComPort::ClosePort, Closed Port Successfully for COM 5
[14:40:57] CBasicComControl::Close, the port(COM5) is closed successfully
_______________________________________________________________________
Click to expand...
Click to collapse
Solved
I borrow LG G2, i used it to launch lgup, but i nees to replace dll file to one from g4 pack, next i plug g4 and change com port to one is used by g2, and turn off com port g2, and start refurbished, and now my g4 is live again