I need the meid locations for basband 2.15.00.0808. I don't uderstand the winhex way how you have the offset and have to add this to that. Thanks
jcthelight said:
I need the meid locations for basband 2.15.00.0808. I don't uderstand the winhex way how you have the offset and have to add this to that. Thanks
Click to expand...
Click to collapse
I think you forgot your flamesuit
fenixjn said:
I think you forgot your flamesuit
Click to expand...
Click to collapse
What do you mean?
jcthelight said:
I need the meid locations for basband 2.15.00.0808. I don't uderstand the winhex way how you have the offset and have to add this to that. Thanks
Click to expand...
Click to collapse
Hey man I just woke up with a super hangover.. once I can stare at my laptop w/out the feeling of death coming over me ill be more then glad to help haha.. what stage are you at in meid retreival?.. (let's try and stay away from any meid mod talk.. retreival- cool, mod- no bueno)
Sent from my Random, old but still kickin, Epic 4g
j7jman said:
Hey man I just woke up with a super hangover.. once I can stare at my laptop w/out the feeling of death coming over me ill be more then glad to help haha.. what stage are you at in meid retreival?.. (let's try and stay away from any meid mod talk.. retreival- cool, mod- no bueno)
Sent from my Random, old but still kickin, Epic 4g
Click to expand...
Click to collapse
The esn is done. I just just need addresses for meid retreival. Would you rather pm? Thanks. I was at work when you responded.
How To Calculate your meid or esn addresses using Winhex
jcthelight said:
The esn is done. I just just need addresses for meid retreival. Would you rather pm? Thanks. I was at work when you responded.
Click to expand...
Click to collapse
its cool.. I dont know the addresses for your radio, but I can help you find them heres some steps you can take to help you calculate the address:
After you open your scan results with winhex
-do a search for your meid in reverse, with no spaces. Make sure you check the "list search hits" box. It should list the locations of the results at the top.
-there's gonna be an offset number to the left of it, you can click on it and it changes, click it so it shows the an offset number that contains letters.
-Open up the windows calculator and make sure it's in "HEX" mode.. it usually starts up in "DEC" mode.
- If you did a searched, lets say "00FA-0000" for example, in cdma ws, your gonna want to take your offset number and add it to your original search location.. for example 00FA0000 with no dash.
-You'll come up with a result like this-
*example- 00FA0000+4EDC2C= 148DC2C which would be 0x0148DC2C
-Just add 0x0 or 0x00 (depending on the length of your result number) in front of it.
-Do this for all the other locations & there you go, you have your addresses
I hope that helps
j7jman said:
its cool.. I dont know the addresses for your radio, but I can help you find them heres some steps you can take to help you calculate the address:
After you open your scan results with winhex
-do a search for your meid in reverse, with no spaces. Make sure you check the "list search hits" box. It should list the locations of the results at the top.
-there's gonna be an offset number to the left of it, you can click on it and it changes, click it so it shows the an offset number that contains letters.
-Open up the windows calculator and make sure it's in "HEX" mode.. it usually starts up in "DEC" mode.
- If you did a searched, lets say "00FA-0000" for example, in cdma ws, your gonna want to take your offset number and add it to your original search location.. for example 00FA0000 with no dash.
-You'll come up with a result like this-
*example- 00FA0000+4EDC2C= 148DC2C which would be 0x0148DC2C
-Just add 0x0 or 0x00 (depending on the length of your result number) in front of it.
-Do this for all the other locations & there you go, you have your addresses
I hope that helps
Click to expand...
Click to collapse
Says 0 found.
jcthelight said:
Says 0 found.
Click to expand...
Click to collapse
did you click the binoculars with "hex" below them.. because you have to click the ones w/out "hex" below them.. meaning your not supposed to search for specifically hex values
j7jman said:
did you click the binoculars with "hex" below them.. Because you have to click the ones w/out "hex" below them.. Meaning your not supposed to search for specifically hex values
Click to expand...
Click to collapse
so search for text it says search at the top then search for hex or text values. i tried both and got nothing.
00FB:55AC
00FD:6968
00FE:1524
015F:0F2C
015F:0F38
017C:AED0
018F:31AC
0190:3438
01D6:6D47
01D8:06C1
Baseband 2.15.00.0808
Software 4.53.651.1
I need one more. meid locations for baseband 2.15.00.0808
-----------------------------------------------------------------------------
meid
0x01D6D444
0x00FB55AC
0x00FD6968
0x00FE1524
0x015F0F2C (2X)
0x015F0F38
0x01903438
0x01D66D47
0x01D806C1
0X017CAED0
0X018F31AC
0X1903438
0x017CAE7C
esn
0x017A0FA4
0x01D5F0F0
0x01D5FC49
0x01D6A4C3
0x017CAA1C
0x017CAE7C (2X)
0x017D1338
0x0188E6BC
0x0127ECCC
0x0157ED2F
0x0157ED62
0x015FBD48
0X00FE681C
0x00FD3DC8
0x00FD3DC8
cheers
0x01d6b701
I dont understand what I must be missing. I have the ESN fixed and as well only missing the MEID. When I scan I only find three locations. I have found others with web searching but still missing some. What REALLY stumps me is from what I can tell I have the exact same set up as the original poster but have NONE of the same ESN or MEID locations. Someone PLEASE point me to what I am missing This is what I have posted below:
MEID:
0x00FD:6960
0x00FB:55AA
0x00FE:1524
0x00FE:1520
0x015F:0F2C
0x0190:3438
0X017C:AED0
0X018F:31AC
Phone Details:
OS - 2.3.3
SW Version - 4.53.651.1
Radio Version - 2.15.00.0808
PRL - 33789
PRI Version - 2.15_009
does anyone have anymore meid locations for 2.15.00.0808?
havieri23 said:
does anyone have anymore meid locations for 2.15.00.0808?
Click to expand...
Click to collapse
Just use the method for the EVO 3d it works great and in 5 mins.
Sent From My HTC EVO On Boostmobile
jcthelight said:
Just use the method for the EVO 3d it works great and in 5 mins.
Sent From My HTC EVO On Boostmobile
Click to expand...
Click to collapse
keep getting "error 222: invalid argument" when trying to copy file 0 and 1943 from nvm directory from phone to desktop
I have another EVO I put on boost no problem... But the usb port broke and screen got smashed... I got another one with the new 2.3.3 gb which I just flashed swag on on it. I have bandbase 2.15.00.0808 with the esn zeroed. But having problems with the meid... I tried to downgrade bandbase to 2.15.00.15.11 and 2.15.00.09.01 but still having problems zeroing and can't downgrade any further to do qmat. I have done a scan and search for meid location but when I enter the location the meid appears to the right of the screen but not where I can edit the hex. I am about strung on this for the last 3 days so any help or advice will be greatly appreciated. I don't have internet at home so if someone could talk me through this over the phone would be great. I have cws 2.7 qpst and qxdm. Or if someone could give the locations other than listed above. Thank you and I am willing to donate once my EVO is on boost.
Hardware 0004
Android bedding 2.3.3
Bandbase 2.15.00.0808
Software 4.54.651
havieri23 said:
keep getting "error 222: invalid argument" when trying to copy file 0 and 1943 from nvm directory from phone to desktop
Click to expand...
Click to collapse
Make sure the overwrite box is checked.
robskilz said:
I have another EVO I put on boost no problem... But the usb port broke and screen got smashed... I got another one with the new 2.3.3 gb which I just flashed swag on on it. I have bandbase 2.15.00.0808 with the esn zeroed. But having problems with the meid... I tried to downgrade bandbase to 2.15.00.15.11 and 2.15.00.09.01 but still having problems zeroing and can't downgrade any further to do qmat. I have done a scan and search for meid location but when I enter the location the meid appears to the right of the screen but not where I can edit the hex. I am about strung on this for the last 3 days so any help or advice will be greatly appreciated. I don't have internet at home so if someone could talk me through this over the phone would be great. I have cws 2.7 qpst and qxdm. Or if someone could give the locations other than listed above. Thank you and I am willing to donate once my EVO is on boost.
Hardware 0004
Android bedding 2.3.3
Bandbase 2.15.00.0808
Software 4.54.651
Click to expand...
Click to collapse
Use the EVO 3D method works great.
Unbelievable how easy that was.... Way easier then my last one.... Thanks a lot.... Now to call and get this error 16 taken care of
---------- Post added at 05:22 AM ---------- Previous post was at 05:16 AM ----------
havieri23 said:
keep getting "error 222: invalid argument" when trying to copy file 0 and 1943 from nvm directory from phone to desktop
Click to expand...
Click to collapse
I had the same problem when copying from the phone just grab the file and drop it on your desktop. But when you go to put the edited file back on the phone use the copy from pc option
Related
i updated to gb2.3 and now all the old meid locations dont work /... can some point me in the right direction thank you ...
the radio updated 2.15.00.05.02
please help thank you
Cen some one help me with this please ....
ive been up all night trying to scan meid .. locations but no go ... cdma 2.7 get ups to 75 % and reboots the phone ...
some one eraseed all the guides that were up last month ....
memory tab scan and i get this
Scanning memory for readable areas:
Unreadable area from: 0000:0000
Readable area from: 00FA:0000
Unreadable area from: 0100:0000
Readable area from: 0109:0000
Unreadable area from: 01DC:0000
Process is stopped at: C000:0000
but what do i do next ...... i scan starting 00fa:0000
and what do i put for ending and bytes
If you have s-off, downgrade the radio and use the old locations
Start 00fa end 00ff /
Start 0108 end 01d9
(Quick search on Google)
im not rooted
sucks im not rooted ...and cant change the raido
gb 2.3
if anyone has gb 2.3 stock and can scan for there meid locations it would help alot.. thank you scan with cdma workshop
ok im going nuts
I can't seem to find any Meid locations through cdma ws 2.7.all the guides. Seem to have disappered from all the local threads . Can some one pm me or send me a link to a guide or some thing thanks
????????????
??????????????????
I have only been able to find eight meid locations for the new EVO 2.3.3 update. Google DFS Cdma tool. It's free, you dont have to pirate it and it scans memory and reads just fine. If anyone finds more locations, I would be interested in knowing them. Thanks in advance!
Is there a market version of either program or at least one for mid locations because all I have is my phone currently and would like to help
Sent from my EVO 4G using XDA App
I have looked for a market application I can install that would make it easy to find the meid locations but I could not find any. So far the best method for scanning meid locations is to scan with a program like 1.CDMAWorkshop or DFS CDMA Tool 2. Write your memory scans to a bin file 3.Open up a hex editor and look for the reverse Meid and Esn.
I have done this and have been able to zero out the esn but not the meid. I think I'm missing one location for the meid
It sucks! I totally wanna get my evo up and running
post the meid locations .. i have the esn locations which are
ESN addresses:
00FD:2DC8
00FD:4694
00FE:581C
00FF:581C
0127CCC
015F:AD48
0179:FFA4
017C:9A1C
017C:9E7C
017D:0338
01886BC
01D6:4473
the smile faces are D
for gb 2.3.3
finally getting some traction
update
so unless we have access to cdma 3.5 we are **** out of luck can some one concurr
Like someone said earlier, downgrade your radio. If you are getting reboots while scanning you are going out of range. You need to find the exact ranges for your phone perhaps. My phone had memory addresses outside of the typical range everyone posts.
i think i need a root
i dont think i can down grade with out root ....?
found some meid lerned how to scan
jraz305 said:
post the meid locations .. i have the esn locations which are
ESN addresses:
00FD:2DC8
00FD:4694
00FE:581C
00FF:581C
0127CCC
015F:AD48
0179:FFA4
017C:9A1C
017C:9E7C
017D:0338
01886BC
01D6:4473
the smile faces are D
for gb 2.3.3
Click to expand...
Click to collapse
found some meid locations any one want to contribute
MEID
0X00FB45A0
0X00FD5960
0X00FE0520
0X0015EFF30
0X0015EFF20
0X0015EFF30
0X0017C9ED0
0X0018F21A0
0X001902430
0x00cd3f39
0x001d63e30
0x0018f2280
0x001d63e40
i need more meid ...
some scan for the missing meid ...
so any one wanna scan for the meid locations
Sometimes when you flash a new radio, or you mess around in QPST you can break your data. Whats behind the breakage you may ask? Its your AAA and HA shared secrets.
A little background information:
The HA key is what gets you 1x data on your carrier. This is carrier specific, however is NOT phone specific. This could be google'd if you really required it.
The AAA key:
This IS device specific, you cant google it. Its connected to your account, and the way to get it is not what some consider easy. This is what gets you EVDO speeds, with out it you are stuck on 1x. If you call your carrier they will not give it to you either.
Continuing on to more information...
We will need a few tools to backup the keys, some free some not.
Team BlueRidge Sense 2.1 (it contains proper apps for using DM PORT)
QPST (free find it online)
CDMA Workshop (the demo should be fine, you could also borrow it)
HTC DIAG drivers (Just google it and find the installation guide)
Time
A hex editor
Now for the fun.... (If something seems too vague, google it)
First, we must get msl, use the app MSL Reader in the market.
Now, dial ##PORT# on the you will get a menu, hit enable, and then
go ahead and enter your MSL.
Now, lets open QPST, set up the phone, and go to EFS in the services tab of QPST
Now in EFS, make a folder called "open sesame door" without quotes all lower case in the root directory of the file system
reboot your phone
Now---- Open CDMA workshop and connect to the com port of your phone
Lets do memory read here, see where stuff is
Readable area from: 013D:0000
Unreadable area from: 01EA:0000
Readable area from: C000:0000
Process is stopped at: C0F1:0000
That says, we can read 013D:0000 and C000:0000 Ill save you time and tell you we need to dump 013D:0000 however (for all vm ive seen)
So now, lets go back to cdma workshop (should be there already) and choose to read Memory, make sure eeprom is not checked
Start address will be 013D:0000 (what i mentioned earlier)
size 99999999
This will scan the phone and dump everything into a .bin
Lets get a snack while this dumps... It will take a while
_________________________________________________
Okay, now the thing is dumped, lets call this scan1.bin
Open this in hex now, and hit ctrl+f
search for the word "secret" No quotes of course
now (for vm) you will see vmug33k that is your HA key, the first one showed under secret is ALWAYS HA key
look down one line, whalla, your aaa key is right below. (BACK THIS UP email it to yourself take a picture, ect, DONT LOOSE IT EVER, YOU WONT GET IT BACK)
so now you have your keys backed up, i cant tell you what you can or cannot do with them, it is up to you the end user, however i cannot endorse flashing phones or any illegal activity. In the mannor I am providing this, it is to ONLY save your aaa key incase of a bad radio flash, if you ever find a leaked radio.
You're right Simon, you will not get that AAA secret back, better hope you have warranty if you lose it (i know from experience). Thanks for this.
On another note, do you know if their is a way to increase max speaker volume through qpst on this phone?
Does it allow you to write also?
What do you mean write?
To another device
Sent from my HTC_A510c using Tapatalk
You can but I can not say how as it's illegal in some cases. If you, the end user choose to, it is up to you. I can not endorse it, however, I can say, qpst is your friend
Sent from my HTC_A510c using Tapatalk
You say line below but that's a bit vague seeing as you don't say what offset length your using. Are you using 8, 10, 16 offset or what?
How long is the AKEY?
I'm a bit confused. I had it with QXDM but it doesn't work under Vista so I can't look it up the easy way.
Any help would be appreciated.
QXDM runs on Win7, don't know why it wouldn't on Vista... [the key is one must run it in XP compatibility mode]. That being said, the above tutorial references a tool in QPST [which doesn't require compatibility mode] called EFS Explorer; then switches to CDMA ware. It works as prescribed; no QXDM needed [QXDM didn't work for me attempting the easy way; doesn't display second set of info].
On specific question, if you open the dumped file in a hex editor [like HxD], you can visually see your aaa key after searching, as the tutorial suggests you do. I didn't need to put any offsets in my hex editor. You will find the aaa key to be 10 characters I believe for our phones [or more [[double that]] in binary].
Hope that helps; thanks for the tut Simon.
Rob
Sent from my PC36100 using Tapatalk 2
Hey, XDA-Devs I need some help. I been trying to use this tool to reinject my Imei because I lost it. I have no service, and btw I am not a developer or anything. The tool I was using is
[FIX/TOOL] Backup/Restore/Fix IMEI & Data Restore Tool v3.0 - Updated 11/01/2012!!!
and I am stuck at where It says
Click the Hex Check Box. The Hex values for your IMEI will consist of no more than 2 characters per a box and must match your IMEI or it will not take the values you enter. The IMEI is also listed in a special order so you must follow this guide to ensure your IMEI is correct.
The first box will always be an 8.
Example if your IMEI was: 954091051099226then the boxes would look like so:
8
9a
45
90
1
15
90
29
62
Click to expand...
Click to collapse
Lets say is my IMEI # (BTW Not my real #)
354420050240327
How can I enter it to the program. I need some help with that for example.
8
3a
44
.....
I don't know how to put the numbers in the correct positions.
DaveenJay said:
Hey, XDA-Devs I need some help. I been trying to use this tool to reinject my Imei because I lost it. I have no service, and btw I am not a developer or anything. The tool I was using is
[FIX/TOOL] Backup/Restore/Fix IMEI & Data Restore Tool v3.0 - Updated 11/01/2012!!!
and I am stuck at where It says
if you could help me with it that will be great.
Click to expand...
Click to collapse
Never ever post your imei on a post or anywhere infact. That's like the identity of your phone. Please remove it off your post. The guide that you got this info from will help you. Please read it again.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2
<post removed; taken to PM>
I am flashing a sprint epic 4g touch to page plus. I got the voice and text part without any problem. However, after I used a donor phone to get PPP password and HA/AAA secrets. I could not write them in. Every time after wrote them using DFS trial version, reading will come back blank, no matter what I do. Anyone knows why and how to write them?
I could not write DMU 10.key using EFS explorer either. QPST EFS explorer could not even list the directory. After I created a DMU folder and dropped 10.key into the folder, the 10.key file would disappear every time after reboot. Any idea?
Any thoughts are much appreciated.
You can write to them I think, but you cannot read them, which is why they come up blank
random45 said:
You can write to them I think, but you cannot read them, which is why they come up blank
Click to expand...
Click to collapse
Thanks. Any idea about the DMU 10.key? The folder is there, but the file is definitely gone after reboot. I can drop another 10.key file into the folder, and change it to read only, still would be gone after reboot. Thanks.
Did you write the SLP and the samsung password before you tried to write things?
There is a lot of good info on this thread about porting the phone to other service.
It is very hard to read those keys, so if you are writing them you can use the DFS log to see if you are getting errors when you try to read them (if you are using dfs to write them...)
wizardknight said:
Did you write the SLP and the samsung password before you tried to write things?
There is a lot of good info on this thread about porting the phone to other service.
It is very hard to read those keys, so if you are writing them you can use the DFS log to see if you are getting errors when you try to read them (if you are using dfs to write them...)
Click to expand...
Click to collapse
Thanks. I'll read the posts in that link.
I was trying to change the spc/msl to 000000 and was supposed to make it like 303030303030 in hex but i made it 00000000000 in hex and now its set as NUL NUL NUL NUL. My question is i have another galaxy s3 with my spc/msl set at 000000 can i copy the nv item 85 from one phone and adb push it to another? Please if you can Help me ide owe you big time.:crying:
If the Device Boots, it is not " Hard Bricked " . Have you tried doing an ODIN back to Stock ?
prboy1969 said:
If the Device Boots, it is not " Hard Bricked " . Have you tried doing an ODIN back to Stock ?
Click to expand...
Click to collapse
yah but that didint do anything because the nv item 85 is in the efs partition. I think the only way to fix it is to buy dfs or cdma workshop. Then it may be possable to scan for the msl\spc and input the displayed lock code to then copy the correct nv item back. It was late and i was messing with it its my wifes phone lol.... mine is fine. Im sure i can prob. fix it because we have access to the bootloader. I dunno im kind of a noob at this. Dang crap is picky and not like windows. If it were a windows like os it would already be fixed lol. And Thanks For the Reply.....
I take it you are trying to Flash to PrePaid ? If you want the MSL you can check out THIS thread. Also the thread HERE may be of some assistance.
prboy1969 said:
I take it you are trying to Flash to PrePaid ? If you want the MSL you can check out THIS thread. Also the thread HERE may be of some assistance.
Click to expand...
Click to collapse
well i can do getprop and it says [ril.MSL] : [ ]
lol but i cant enter a blank password and all 000000 didnt work either
For the method I linked to work you have to be on an LJ7 Rom.
prboy1969 said:
For the method I linked to work you have to be on an LJ7 Rom.
Click to expand...
Click to collapse
i did all that already lol my problem is i made my nv 85 item (msl) null all ooooooooooo in hex when its supposed to be 30303030303030...or 000000 not in hex...so my spc and or msl is now null it might as well be deleted because without cdma workshop or dfs i cant access the locked sectors on the phone and when i do getprop ril.MSL in terminal emulator on the lj7 rom with the lg2 modem i get [ril.MSL]: [ ] which is just a space no numbers or anything. And as far as i know i need the msl to be able to copy over any nv items. But i cannot enter a space as password so i guess till i buy either cdma workshorp or dfs i cant fix it am i correct? Please Help Me Which is best solution???? And what is the best software to buy?
I'm going to say that CDMA Workshop is your best bet. As for where the best way to buy it. I would have to say Google is your friend.