QuB an mighty Tool for Samsung handsets - Bada Software and Hacking General

This Tool is amazing. Many features.
Source is here:
http://rk-team.net/showthread.php?11-%CD%EE%E2%FB%E5-%E2%E5%F0%F1%E8%E8-QuB
"Lesson 1"
Make hidden folders visible for research and Backup.
For instance folder System is the RC1 file, mounted into RAM...
Many Thanx RusEm and Team.
Best Regards

Hi thank you for this tool but it is only for "qualcomm" platforms i think (not sure). In s8500 qualcomm is only processor for calls.

QuB is designed for Samsung handsets.
This command is 100 % working on S8500 and U700, tested by me.
You have to select same COM Port like you would choose for File Manager...
No magic.
Then you have access to nvm folder, system folder and few more...
System folder is read only as it is the mounted RC1 file...
Best Regards

But... with this... what kind of researches could be done?

"Lesson 2"
Decrypt Firmware files, like:
apps_compressed.bin
and
boot_loader.mbn
Best Regards

adfree said:
"Lesson 2"
Decrypt Firmware files, like:
apps_compressed.bin
and
boot_loader.mbn
Best Regards
Click to expand...
Click to collapse
If you can decrypt bootloader... that's mean you're closer to install other os?
Ok, maybe the information given in "lessons" can cause more expectation
Waiting for lesson three!

does all these features run on trial mode???
or should i buy the app
there is no profile for s8500 why???
i know you are not the developer of the app adfree but i just wanted to put those questions

does all these features run on trial mode???
Click to expand...
Click to collapse
Yes.
Public solution.
Tested with QuB_public_v.0.3_001_beta.rar
Best Regards

@adfree: take a look at the screen, i got only question mark on the application. do you know what is the problem?? may be due to lang files ??

Main Language is Russian.
See Screenshot. Blue marked... then you see right Russian-> change into English.
Not all Text is translated.
Best Regards

wonderful new tool
-i am able now to view the files in the ram but don't know what to do with them
-after decryption of apps_compressed.bin i found out that i have a very little brain to modify in that file
i can't wait for lesson 3
thanks adfree and good luck

"Lesson 3"
apps_compressed.bin
Decompressed example from XXJL2 is here:
http://forum.xda-developers.com/showpost.php?p=12300153&postcount=17
Code:
Type : Unofficial Version
Number : 362
Builder : Administrator
Host : S1-AGENT05
Date : 2010/12/23
Time : 14:24:54
[B][COLOR="Red"]Size[/COLOR][/B] : 82576764 bytes
CheckSum : 0x32cdbee8
I was not able to decompress with QuB, maybe my fault...
Helpfull would be, to know which part is with CheckSum.
82576764 bytes
Best Regards

Really nice tool.
Setting FmSecureMode to off gives us the chance to see where everything is located and we can investigate and chang the files on the pc. now we need to find a way to get them back to the wave
Maybe with PfsDeleteList.txt / *.pfs ?
Also after reboot FmSecureMode is set to on again.
But we can already see where the fonts are located, that the sms viewer is html/css based like the one for email and any other messages (so we can easiely change layout, colors, font-size,...) and a lot of other things like replacing images etc.
When we get this working, nothing keeps us anymore from a fully customized bada

In combination of TkFileExplorer 2.4 you can see this.
Caution!
Renaming or other Directory Manipulation can lead to Bootcycle.
At your own risk.
http://forum.xda-developers.com/showpost.php?p=12515691&postcount=20
Thank you very much for posting Xenon.
Best Regards

yes indeed the tool works fine

adfree said:
Main Language is Russian.
See Screenshot. Blue marked... then you see right Russian-> change into English.
Not all Text is translated.
Best Regards
Click to expand...
Click to collapse
How did you get the s8500 otion in handset? I dont have it. Do you have a plugin for it?

How did you get the s8500 otion in handset?
Click to expand...
Click to collapse
I've made my own... but not all Settings... So it makes no sense to upload.
Best Regards

adfree said:
I've made my own... but not all Settings... So it makes no sense to upload.
Best Regards
Click to expand...
Click to collapse
Still can u please upload it? Its a kind request.

There is nothing special...
Make folder + S8500XXJL2.ini...
Folder is nearly empty... I've made an Logo.jpg with text.
But again. You NOT need it. As mandatory parameter are wrong or missing...
[Loader]
[PreConf]
[Patch]
...
1.
You can use S8500 or other not listed Samsung handsets like U700 with QuB. BUT not with all features...
2.
Many features NOT need attached handset...
Best Regards

Need help in decompressing Rc1 and Rc2 files. I see some tabs in Qub saying Rc1 and Rc2. Dont know how to use them to dump rc1 and rc2 files. And if I do, is there any way to upload them back like in trix. Or can you use trix to decompress rc1 and rc2 files? If yes, how? Help would be very much appreciated.

Related

apps_compressed.bin

With PSAS (only FULLversion) it is possible to "decompress" apps_compressed.bin for investigation.
It uses Algo:
TkToolVer:1.6.3
I don't know way to make own apps_compressed.bin.
As Multiloader for instance not accept decrypted apps_compressed.bin
As example some older apps_compressed.bin from S8500.
http://www.megaupload.com/?d=2JIKS8QD
Best Regards
u reache some limit bro........... cant download from RS........but good going
can u write a tutorial
so that other members too can find something
thanx!
gr8 gng mate
PSAS can only decrypt in Full Version.
Costs 30 Euro...
BUT I can upload via Request some decrypted files for study.
I'm not an Seller of PSAS nor I force you to buy PSAS.
But this is the only Tool I know, which decrypt these apps_compressed.bin and bootloader.mbn. Tested by me with:
S5250
S5330
S5750
S7230
S8500
S8530
http://forum.revskills.de/viewtopic.php?f=14&t=700
Wait few minutes. I will upload to megaupload... from S8500 as example.
Best Regards
Edit:
Download example apps_compressed.bin taken from S8500:
http://www.megaupload.com/?d=2JIKS8QD
Same as in first post.
So what did u get inside that?? What was compressed in layman terms pls.......
Expect not too much. Depend on knowledge...
Now file is "human readable"... Ready for Reverse engineering.
Minimum Requirement HEX Editor...
Then you can find Text like this:
Please receive DB2 by TkFileExplorer.exe !!primaryRecord
Click to expand...
Click to collapse
Remember where u saw TkFileExplorer.exe else...
You could search for Textstrings... like:
widget
bondi
.
.
.
So many things to explore.
Best Regards
hi guys I'm working on some bada's modding projects...
is it possible to have an example of uncompressed files?
thank you in advance
edit : I have now seen the uploaded uncompressed file...
I hoped it was more "human" readable...
http://www.megaupload.com/?d=PFWCKTGZ
This is from XXJID... bada 1.2 S8500 stuff.
Best Regards
adfree said:
But this is the only Tool I know, which decrypt these apps_compressed.bin and bootloader.mbn.
Click to expand...
Click to collapse
Hi,
could you upload the decrypted bootloader, too? Maybe someone here will find some exploitable code in that will help "jailbrake"-ing the system, or allow booting unencrypted OS (modified Bada or Android from Galaxy S for exmaple...)
TIA!
@ anghelyi
http://forum.xda-developers.com/showpost.php?p=10304951&postcount=3
Here I have attached some more things about Bootloader... some ELF files included... maybe "easier" for Reversing.
Best Regards
adfree said:
@ anghelyi
http://forum.xda-developers.com/showpost.php?p=10304951&postcount=3
Here I have attached some more things about Bootloader... some ELF files included... maybe "easier" for Reversing.
Best Regards
Click to expand...
Click to collapse
Thanks! I'll check it!
Little overview...
Best Regards
Hi adfree,
Can you say me the name of PSAS software please?
http://psas.revskills.de/
RevSkills is the new name of PSAS.
This feature only in registered Fullversion possible.
NOT in Trial Version.
Best Regards
Thanks but seems to be not compatible with windows 7 64 bits
Will try later, Have a good night adfree
look like that apps_compressed.bin contains a big secret
i flashed amss.bin file & apps_compressed.bin file from spoofable fw as an update for non spoofable fw and the result was getting a spoofable fw with its code name in the about phone menu but i lost all the updates made in the non spoofable fw
can anyone know where is the part in the app_compessed.bin that allow spoofed games run or not?????
To clarify:
I'm NOT support spoofing.
Prior files were not decompressed, "only" decrypted.
But now.
http://rapidshare.com/files/453882158/XXJL2decrypted_apps_decompressed.rar
File is from XXJL2.
Maybe we can find other usefull infos.
Best Regards
Now we can encrypt.
Thanx to ho1od
Any suggestions?
Mabye few things can be enabled or disabled...
TRUE can be found 600 x
FALSE over 700 x
Best Regards
I'm working on decompression QMD, thanks to mijoma
I was looking for the decompressed files of apps_compressed.bin (S8500XXJL2 and S8500XEKC1 only), but the link does not work.
If anyone (or you, adree) can decompress (not only decrypt) those files and upload them somewhere, that would be very kind/nice. Maybe I can work something out and if we are ever able to encrypt the files back, we may have a new better cleaned up version by that time.
Btw, thanks for the efforts, adree and ho1od.

Contents.xml

SystemFS\User\MultiStage\Contents.xml
You could extract this file from *.FFS or grab from handset.
Maybe some tweaking possible...
S5PC110_EVT1_UM10.pdf
2D Graphic Engine
− BitBLT
− Supports maximum 8000x8000 image size
Click to expand...
Click to collapse
<FileFormat>
<JPG>
<MaxFileSize value="4096000"/>
<MaxWidth value="5000"/>
<MaxHeight value="5000"/>
<ThumbNail>
<MaxWidth value="1280"/>
<MaxHeight value="1024"/>
</ThumbNail>
</JPG>
There are more infos in this file...
<MaxInstallCount>
<NativeApp value="100"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
</AStore>
</Contents>
</SDP>
Check out, maybe interesting or helpfull.
Best Regards
I already tryed to increase the max. resolution to 8000x8000px for jpg a week ago but it didnt worked
This file exists 2 times and I flashed them correctly to the wave (tested with sTunes after flash), the limits seems to be set somewhere else...
The image sizelimit is also higher than 4096000 byte (or what it is) - about 10 mb.
I would have liked to tweak this setting to 200 or more and see but unfortunately there are not that many good apps to install.
<MaxInstallCount>
<NativeApp value="300"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
Btw, what does this Java value mean ? Could it be that it controls whether to show icon in Menu or not ?
SystemFS\User\MultiStage
User\MultiStage
@ st0rmi
Thanks.
Yes, via sTune this file is twice.
It seems writeprotected files are most in folder SystemFS... as Backup.
If you check via TriX Firmware files. Then Contents.xml is in *.FFS... maybe edit before flashing. Then changes in both files on handset.
Not tested yet...
@ rex4u
At the moment I have nothing changed in this file, so no idea what happens.
Maybe soon few tests...
Best Regards
@adfree: Yeah thats what I have done
I just used sTunes to copy the contents.xml back to my pc and view if the edited xlm are really on my phone because it didnt worked...
@adfree
No bro' I was offering my own suggestions to this configuration file.
It might allow us to install more than 100 apps in phone and show in Menu.
Second it might show Java apps icons in Menu.
My 2 cents
xml parser
please help me
a want to parser punker xml data base.
rex4u said:
I would have liked to tweak this setting to 200 or more and see but unfortunately there are not that many good apps to install.
<MaxInstallCount>
<NativeApp value="300"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
Btw, what does this Java value mean ? Could it be that it controls whether to show icon in Menu or not ?
Click to expand...
Click to collapse
it's into the 'app counter' field, '-1' may be means 'unlimited' number of java apps installable, but I haven't read yet the whole xml... anyway if it is editable it's an interesting thing..
I saw that file a while ago while looking for something inside my phone (very special thing that made me to copy the whole phone)
there is a lot of interesting things but i never tried tweaking it
Maybe if someone have enough knowledge to add few new extensions and test them
Also removing some stupid limits would be awsome
Sorry i've no time to test that with you guys but would appreciate results
Best Regards
You dont need modif ffs or other just use pfs file to modif what you want and in real time direct phone flash pfs file and not have write protect problem
Just says Thank
Example file : dont give attention of boot img cause i dont take time to do it in 800x480 but its 400x240 then its make bug but with pfs file you can upload anything you want to change !!!
Good hack !!!
Maybe with this you can create dual boot or i dont know what a pro smoker can do, you can also try to put her rc2 or rc1 directory i dont try it !!!
Download example, in this one you can see SystemFS and Registry directory, off course you can put her all directory you want to flash pfs, using trix to modified or wave remaker more faster :
https://rapidshare.com/files/809973956/Circle.pfs
An idea its like you can make your one firmware with personal Widget installed and other idea welcome....Just take file registry and Widget folder on phone and put it on PFS
i can not open new thread
i went to parser an xml file with structure like this.
<?xml version="1.0"?>
<node1>
<node2>
<node3>
<node4>
<node5>
text
</node5>
</node4>
</node3>
</node2>
</node1>
Click to expand...
Click to collapse

Replace XXJL2's Dolfin Browser with XXJID's Dolfin Browser

The Dolfin browser in XXJL2 has a big annoying problem of bringing up the address bar every time we touch the screen...it even covers the top area of the browser window & makes browsing a real pain...XXJID had a much better browser? We could truly enjoy a fullscreen experience.
My question is, would it be possible to bring back the browser from XXJID to XXJL2?Or perhaps modify the dolfin browser on XXJL2 so that the address bar doesnot pop up every time we touch the screen? this would make a really good firmware. what do you guys think?
If we exactly identify file or files what Dolfin is.
Then maybe we can try to replace...
Modification seems to be much harder, because I think it is an *.so file protected by RSA 1024...
SystemFS\Osp...
Maybe...
Best Regards
Edit 1.:
As both Firmware seems bada 1.2...
Use TriX to extract ShpApp.app and compare files... maybe few are identical...
Textstring dolfin can be found 23 times in ShpApp.app... maybe it is the DLL...
adfree said:
If we exactly identify file or files what Dolfin is.
Then maybe we can try to replace...
Modification seems to be much harder, because I think it is an *.so file protected by RSA 1024...
SystemFS\Osp...
Maybe...
Best Regards
Click to expand...
Click to collapse
Thanx...i have no idea about such things but i'm sure you'll find a way..
It seems folder Exe with DLL is the Dolfin Browser...
Extract JID and JL2 with TriX... I think it was ShpApp.app...
Compare...
Best Regards
adfree said:
It seems folder Exe with DLL is the Dolfin Browser...
Extract JID and JL2 with TriX... I think it was ShpApp.app...
Compare...
Best Regards
Click to expand...
Click to collapse
Thanx for looking into it...if you can do it, it would be really helpful..
I will make few tests in the next 2 days...
Delete DLL in Exe folder to test if writeprotected... if I can not replace, so I need to make *.pfs file.
Maybe S8530 Browser can run...
We will see.
Best Regards
I think S8530's browser is the same as XXJL2 - so same problems...it would be better to look at XXJID's browser.
I will test XXJID first.
Test 1. on older Firmware...
- with sTune i've deleted Exe folder content
Result:
Wave Boot Cycle with empty folder Exe...
Test 2. with JL2 Firmware, delete + copy with sTune. Then I shut down.
Wave starts.
But if I press Internet Icon Wave restarts...
Test 3. next days... maybe Security too high... will try to inject via Firmware update...
Attention! Trying could lead to datalost. Only at your own risk.
Best Regards
This time. I used TriX to replace Exe folder from JID and flashed...
Failed. If I click on Internet Icon, handset restart too.
I know that Wave knows that Checksum is "wrong"... but I don't know.
Where else the MD5 Checksum from DLL is stored.
Only good news... MD5 Hash from MD5SUMS is the MD5 from whole file DLL00111104.DLL
Maybe this MD5 is somewhere in FFS stored...
Best Regards
Edit 1.
Looks like apps_compressed.bin checks Webkit DLL... this is bad...
How to identify Version Number of Dolfin?
Thanx in advance.
Best Regards
adfree said:
How to identify Version Number of Dolfin?
Thanx in advance.
Best Regards
Click to expand...
Click to collapse
you can check it on the phone itself....XXJL2 has version 2.2. just see the " about" on the phone's browser.
Thank you.
I checked short on my BOJE7 Firmware...
v2.0
On newer Firmware I can't start Browser on my handset. As no activated SIM...
Anyway.
I think this is too short. As several different Versions between JE7 and JL2.
v2.0
v2.1
v2.2
These are 3.
Maybe internal like this v2.2.123456789abcdefg... or maybe date...
Hmmm... open source stuff also ends with v2.2
http://opensource.samsung.com/reception/reception_main.do?method=reception_list&menu_item=mobile
Best Regards
MD5 Hash from MD5SUMS file is in apps_compressed.bin as Text.
Only chance to replace Browser is MD5 collision at this time:
http://www.mscs.dal.ca/~selinger/md5collision/
JL2 and above Firmware, Browser is with MD5:
0161ef314af63638b21796d8bec8a8ec
We need to modify DLL00111104.DLL to match this MD5 Hash.
This is very,very HARD, but not impossible.
Best Regards
wow look like you will reach to it
keep it up my friend
As I thought.
Identification via Screen is not exact enough... as my JE7 Browser shows also v2.0... but MD5 is different:
JE7 shows only v2.0
bb1580b40a3699cd888cf841714d53bd
JID shows also v2.0
1f7cb531bc7424ad71d96b9c6e8d7a33
JL2 shows v2.2
0161ef314af63638b21796d8bec8a8ec
We need more MD5 Hashs to increase chance...
Please help and look into folder EXE in file MD5SUMS, post first 16 Digits... and Firmware Version.
Best Regards
XEKC1 shows V2.2
0161ef314af63638b21796d8bec8a8ec
Thank you.
The important thing is to find other then 0161ef314af63638b21796d8bec8a8ec
At the moment we have 3 different MD5 Hashes.
I want to make an kind of "Rainbow table" to increase our "Lotto Game"...
I think this string is safe enough to Brute Force and not to destroy the DLL:
"""http://wap2.samsungmobile.com/test/tdev/wap/kishore/automatedtest.html"""
70 Byte of useless Text.
Step 1.
Change String +1
1ttp://wap2.samsungmobile.com/test/tdev/wap/kishore/automatedtest.html
Step 2.
Compute new MD5 Hash of new DLL
Step 3.
Take new MD5 Hash look into our Rainbow table
Step 4.
If new MD5 match our table, then Bingo for Test.
If not, then start at Step 1.
If someone could write such an Script...
Meanwhile we can collect as much as we can existing MD5 Hashes.
Best Regards
adfree said:
Step 4.
If new MD5 match our table, then Bingo for Test.
If not, then start at Step 1.
Best Regards
Click to expand...
Click to collapse
It is a bad idea
It is a bad idea
Click to expand...
Click to collapse
The only idea I have.
And with Tool or Script possible in few hours... maybe days.
If you have an better idea?
You could DECRYPT + DECOMPRESS apps_compressed.bin
Change the MD5 String...
COMPRESS and ENCRYPT to proper Format of apps_compressed.bin
If you can do this, then you are an genius.
Best Regards
It is a bad idea
Click to expand...
Click to collapse
Okay, you are right.
My fault.
1.
The DLL is like in real live only an part of an program...
So Dolfin main part is integrated in apps_compressed.bin...
2.
Funny, the checked MD5 String is in MD5SUMS only
If you replace only the DLL00111104.DLL the Browser seems to work.
You can use sTune for change.
BUT be warned.
I can not full test, as my SIM not active...
For instance other direction. On JID DLL from JL2 restart S8500...
If you have Debug Mode Middle or High, then you can see why, because some "Buffer problem for Font" or something similar...
If I do this on JL2 with JID DLL. Browser starts...
No idea about sideffects or improvements or not...
Thanx for enlight my little brain.
Best Regards
Edit 1.
Now also Restart...
Blue Screen with Write Access detected...
I give up for today.

Aio bada studio

All in One program Gui for Bada
Upload later for change...
Please, what is this?
I'll download, but I need more infos before install...
Thanx.
Best Regards
This is a collection of tools for bada
a screenshot form this program
please remove TriX from you package
Its not mine i dont know how remove it...
What's wrong whit you ?
we can edit rsrc1 file with this pack?
litebass2 said:
we can edit rsrc1 file with this pack?
Click to expand...
Click to collapse
yes RC1Extractor Current version: 0.3.0.0a (ALPHA) is integrated
martinklaus said:
yes RC1Extractor Current version: 0.3.0.0a (ALPHA) is integrated
Click to expand...
Click to collapse
but its not correct decompress and decrypt on S8500 and S8530 firmware, this one works fine on S5830.S5230...
Also in bundle you can use Extractor but not way to recompress...
Last WaveReMaker by Ho1od do it !
TriX is under developement - latest build you can always find at NokiX site - check my homepage link. This really pisses me off that someone says TriX doesn't work etc only because it uses program from unknown source. The second reason mentioned at the beginning is I'm still working on so the badastudio is permanently outdated (this also applies to Wave Remaker - 0.0.71 against 0.06 in badastudio)
Tigrouzen said:
but its not correct decompress and decrypt on S8500 and S8530 firmware, this one works fine on S5830.S5230...
Also in bundle you can use Extractor but not way to recompress...
Last WaveReMaker by Ho1od do it !
Click to expand...
Click to collapse
Yes but with waveremakr we can only decompress Rsrc1 and we cannot compress the files back and build rsrc1 file..
if I mistake tell me how to do it..
litebass2 said:
Yes but with waveremakr we can only decompress Rsrc1 and we cannot compress the files back and build rsrc1 file..
if I mistake tell me how to do it..
Click to expand...
Click to collapse
No way to recompress RC1 for the moment sorry, but this is the way easy to uncompress...
b.kubica said:
TriX is under developement - latest build you can always find at NokiX site - check my homepage link. This really pisses me off that someone says TriX doesn't work etc only because it uses program from unknown source. The second reason mentioned at the beginning is I'm still working on so the badastudio is permanently outdated (this also applies to Wave Remaker - 0.0.71 against 0.06 in badastudio)
Click to expand...
Click to collapse
Oh sorry i dont know about that, i understand. Then what about NokiX ?
NokiX is tool for modify N*kia ARM7TDMI based firmwares. TriX also was designed for N*kia phones but it's very flexible so we can use it with different file types (ELF, PE, mobile firmwares)
If the author really want to include TriX in badastudio he should add small web check feature and download latest build when needed
I 'm the badaStudio author...do you want to say me anything?
badaStudio has been released 1 mounth ago...
the last version of wave remaker was the 0.0.6,
i'm not a mentalist....
the next badaStudio release is for bada2.0 tool...
I have written that the program inside the AIO is property of his author...
TriX is yours... Good..
TriX is not mine - was written by g3gg0 and krisha
I mentioned before TriX is still under development so the statement 'the program inside the AIO is property of his author' is very convenient for you because you aren't responsible for nothing.
Some solution could be integrated 'wget' module to download fresh package from the web. I'm open for suggestions
I have written 'the program inside the AIO is property of his author'
for WinImage (commercial program), for HxD (commercial program) and for WinHex (other commercial program)...
the responsibility is always of those who use the software,
if they download software from unknown source...
TriX was updated when I compiled the first version of badaStudio and
for what I needed it always worked (others have tested badaStudio)...
if you want to develop badaStudio send me a PM ...
it is programmed in Visual Basic.Net

Play with me...

As now Certchain... signing is very easy with XadaXppsXignature.exe... for BOTH:
bada 1.x
AND
bada 2.x
It is possible to modify Binary *.exe from Apps.
Few ideas:
- Translation of some Apps...
- minor changes... maybe bug fixing...
First stupid test was to increase *.exe to learn more about memory handling... RAM...
But failed... as added 2 MB at end of ELF
Success with stupid text change...
Many more ideas... but for now limited by time... and skills...
Anyway. Limitation by RSA 1024 is gone... blown away.
Best Regards
Maybe I give an example...
kona.exe = Samsung Apps
Maybe now we could do some funny things with this app... for instance:
Remove dxmn forced Updates...
Samsung Apps is working very fine in older Firmware, with older Samsung Apps App...
I think kona.exe is very powerfull...
All I can say is Andromeda...
As we know, we can install more then 1 kona.exe ...
Best Regards
Sorry I cannot understand the relation of signing apps using this method and modifying exe files
would you mind explaining?
Sorry I cannot understand the relation of signing apps using this method and modifying exe files
would you mind explaining?
Click to expand...
Click to collapse
Are you able to modify Apps?
Especially *.exe ?
Now you can modify *.exe and ceate new HASH... you can sign this new *.exe file...
Also in bada 2...
Best Regards
NICE!!
I can't wait to see some good tweaks
Code:
[KONA][UTIL]Kona Version = 1.x.x
How to prevent annoying useless updates of Samsung Apps?
Any idea where Version is stored from kona.exe ?
Best Regards
probabely exe files are using a special compression
we should crack it !! ?
Any idea where Version is stored from kona.exe ?
Click to expand...
Click to collapse
Yes.
Harcoded and secured with RSA99999999... impossible to change.
Andromeda proofed.
You need text Editor... and...
Best Regards
As opera mini servers are blocked in our country , i want to replace the opera mini (bada version) servers with my custom servers
i found the strings in exe file like "http://mini5.opera-mini.net:80"
when i replace it with my own server "http://sanjesh.org.uk.to/cgi-bin/nph-proxy.pl/0A/http/mini5resource.opera-mini.net:80" and i signed the app with XadaXppsXignature.exe then i get error 0112 while installation with this method
what can i do?
or maybe i can change the exe while the app is installed via kies?
0112
Installation failed: Application manifest missing or invalid.
The application manifest file specifying the application metadata is invalid or missing.
Click to expand...
Click to collapse
Remember DCF files are encrypted... check Info folder...
Best Regards
Yeah your right, i forgot that
so any ideas how to edit opera mini?
cuz when i install it on my device it makes DCF files
how to prevent that or how to get rare files ?
r_22009 said:
Yeah your right, i forgot that
so any ideas how to edit opera mini?
cuz when i install it on my device it makes DCF files
how to prevent that or how to get rare files ?
Click to expand...
Click to collapse
Did You Read it Opera Mini Already Released For Upper Waves
http://forum.xda-developers.com/showpost.php?p=25604062&postcount=13
Yeah I did but i think you havent read my posts
the opera mini default servers are blocked in my country
so i want to replace the servers with my own servers
so i want to modify exe file
got it? any ideas?
r_22009 said:
Yeah I did but i think you havent read my posts
the opera mini default servers are blocked in my country
so i want to replace the servers with my own servers
so i want to modify exe file
got it? any ideas?
Click to expand...
Click to collapse
Sorry My fault.I didn't read All posts
hello r 220009
maybe other solution : opera mini exist also in java (6.5.26955 advanced jar and jad)
if you know how to modify and compress jar , you can try
good luck
I'm currently using java version with my own server
now i want to have native one
adfree i know I'm a dumb but this is important for me?
you have no ideas about this?
Please post Agent String..
So I could search... if time...
If wrong, what should I help you?
I am lazy now, not read all posts again...
Best Regards
a short summery for u:
i want to change the opera mini server as its blocked in my country
this is the original server "http://mini5.opera-mini.net:80" in exe file
this is the custom server which should be replaced "http://sanjesh.org.uk.to/cgi-bin/nph-proxy.pl/0A/http/mini5resource.opera-mini.net:80"
so how can i change this?
how can i get unsp*ofed files of opera mini (without DCF) for installing via this new method? or can i change the application while its installed via kies?
any ideas ?
On russian site has tutorial for breaking DCF while installing

Categories

Resources