Related
Tools needed: smali, baksmali (google them), a JDK, and an extracted factoryfs.rfs from an éclair ROM.
(If you don't have a linux machine to mount an .rfs file to a directory never forget that your device has linux on it, so it can actually mount the .rfs file to a directory)
First collect the files you need from factoryfs.rfs:
/app/AxT9IME.apk
/app/AxT9IME.odex
/lib/libXt9core.so (this is actually the same file that's inside the apk)
/lib/libDHWR.so
/framework/android.policy.odex
/framework/core.odex
/framework/ext.odex
/framework/framework.odex
/framework/services.odex
Copy all the odex files into the same directory as baksmali is. Disassemble it with:
java -jar baksmali.jar -x AxT9IME.odex
This should create an out directory, with the disassembled, and deoptimized files. Now reassemble them, with smali:
java -jar out
This should create an out.dex file. Rename it to classes.dex, and put it into the AxT9IME.apk (don't be fooled by the extension, it's a simple zip file)
Now copy the following files to your phone:
AxT9IME.apk --> /system/app
libXt9core.so --> /system/lib
libDHWR.so --> /system/lib
Remove the following files:
/system/app/AxT9IME.odex
/system/lib/libdhwr.so (this is lowercase. The above was uppercase. Case does matter!)
Now try to enable the samsung keyboard. If everything goes well then you can now use the old keyboard.
-----
Alternatively if you needed the keyboard from the XWJM8 version, you can download the result files from here: http://android.sztupy.hu/dl/SamsungKeyboardFroyo.zip
Thank you
can I use this method in order to replace framework.jar/framework.odex from another build?
JHJP4 support proper BIDI (for Hebrew/Arabic and other RTL languages)
And how do we do the opposite? Want 2.44 on eclair =)
Should work the same
omrij said:
Thank you
can I use this method in order to replace framework.jar/framework.odex from another build?
JHJP4 support proper BIDI (for Hebrew/Arabic and other RTL languages)
Click to expand...
Click to collapse
No, framework.jar is too much different between eclair and froyo. You can only port simple applications (in /system/app) this way.
dupel said:
And how do we do the opposite? Want 2.44 on eclair =)
Click to expand...
Click to collapse
It would only work if the new keyboard doesn't use anything FroYo specific (like gesture support, or enhanced multitouch support). If it does use froyo specific api functions it will break under eclair.
sztupy said:
No, framework.jar is too much different between eclair and froyo. You can only port simple applications (in /system/app) this way.
Click to expand...
Click to collapse
Both frameworks are from Froyo
just different version
JP4 framework has proper BIDI support
omrij said:
Both frameworks are from Froyo
just different version
JP4 framework has proper BIDI support
Click to expand...
Click to collapse
If framework.jar changes then all pre-optimized files (odex) have to be reoptimized (the same way as the tutorial above shows), and even after that it might not work...
hi can I ask a few questions. I don't know much about these complicated things, but I will try my best.
can we collect files you asked us from factoryfs, through root explorer.
you asked to copy file with capital letters to phone and then asked to remove same file name with small letters. can one directory have two files with same name?
and finally how would we copy files to the phone?
thanks.
Sent from my Nexus One using Tapatalk
pitsyapa said:
hi can I ask a few questions. I don't know much about these complicated things, but I will try my best.
can we collect files you asked us from factoryfs, through root explorer.
you asked to copy file with capital letters to phone and then asked to remove same file name with small letters. can one directory have two files with same name?
and finally how would we copy files to the phone?
thanks.
Sent from my Nexus One using Tapatalk
Click to expand...
Click to collapse
You can use rootexplorer to transfer the files to /sdcard modify them on the PC, tran transfer them back from /sdcard to their location.
thanks I really appreciate your help can I ask you another simple question. I have downloaded jdk.
and installed it. how do I use these commands to disessemble, java jar. is there any special java prograame. thanks.
thanks v much. problem solved. ported urdu keyboard from eclair to jpk. thanks again.
How do I know which files from /lib do I need to replace?
I'm trying to use contacts apk from other froyo rom
So, I tried the above instructions, and all I get is errors with bksmali, but i get the out directory, then when I run smali, it get another bunch of errors, but no out.dex. Any help would be amazing.
I haven't tried any of this other than trying to just install the AxT9IME.apk which obviously didn't work. I can enable it but trying to switch to it or access its settings instantly resorts in a force closure.
What I don't think I've seen mentioned is whether or not the end result of this allows you to have both the 2.2 and the 2.1 keyboards. Could anyone clarify for me if you get both or just the 2.1 keyboard in the end?
Lastly, would it be possible for someone to write an app (downloadable via market) for this keyboard for any android version? Because that'd be pretty awesome.
It'd be nice if it didnt create an app-drawer icon, but I wouldn't mind as Go Launcher allows me to hide unwanted apps.
I honestly like the 2.2 keyboard, but the 2.1 one (with its 4 pages) has symbols in on it that I have seen no where else, which is pretty cool and why I'm wanting it.
SystemFS\User\MultiStage\Contents.xml
You could extract this file from *.FFS or grab from handset.
Maybe some tweaking possible...
S5PC110_EVT1_UM10.pdf
2D Graphic Engine
− BitBLT
− Supports maximum 8000x8000 image size
Click to expand...
Click to collapse
<FileFormat>
<JPG>
<MaxFileSize value="4096000"/>
<MaxWidth value="5000"/>
<MaxHeight value="5000"/>
<ThumbNail>
<MaxWidth value="1280"/>
<MaxHeight value="1024"/>
</ThumbNail>
</JPG>
There are more infos in this file...
<MaxInstallCount>
<NativeApp value="100"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
</AStore>
</Contents>
</SDP>
Check out, maybe interesting or helpfull.
Best Regards
I already tryed to increase the max. resolution to 8000x8000px for jpg a week ago but it didnt worked
This file exists 2 times and I flashed them correctly to the wave (tested with sTunes after flash), the limits seems to be set somewhere else...
The image sizelimit is also higher than 4096000 byte (or what it is) - about 10 mb.
I would have liked to tweak this setting to 200 or more and see but unfortunately there are not that many good apps to install.
<MaxInstallCount>
<NativeApp value="300"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
Btw, what does this Java value mean ? Could it be that it controls whether to show icon in Menu or not ?
SystemFS\User\MultiStage
User\MultiStage
@ st0rmi
Thanks.
Yes, via sTune this file is twice.
It seems writeprotected files are most in folder SystemFS... as Backup.
If you check via TriX Firmware files. Then Contents.xml is in *.FFS... maybe edit before flashing. Then changes in both files on handset.
Not tested yet...
@ rex4u
At the moment I have nothing changed in this file, so no idea what happens.
Maybe soon few tests...
Best Regards
@adfree: Yeah thats what I have done
I just used sTunes to copy the contents.xml back to my pc and view if the edited xlm are really on my phone because it didnt worked...
@adfree
No bro' I was offering my own suggestions to this configuration file.
It might allow us to install more than 100 apps in phone and show in Menu.
Second it might show Java apps icons in Menu.
My 2 cents
xml parser
please help me
a want to parser punker xml data base.
rex4u said:
I would have liked to tweak this setting to 200 or more and see but unfortunately there are not that many good apps to install.
<MaxInstallCount>
<NativeApp value="300"/>
<NativeWidget value="50"/>
<JavaApp value="-1"/>
</MaxInstallCount>
Btw, what does this Java value mean ? Could it be that it controls whether to show icon in Menu or not ?
Click to expand...
Click to collapse
it's into the 'app counter' field, '-1' may be means 'unlimited' number of java apps installable, but I haven't read yet the whole xml... anyway if it is editable it's an interesting thing..
I saw that file a while ago while looking for something inside my phone (very special thing that made me to copy the whole phone)
there is a lot of interesting things but i never tried tweaking it
Maybe if someone have enough knowledge to add few new extensions and test them
Also removing some stupid limits would be awsome
Sorry i've no time to test that with you guys but would appreciate results
Best Regards
You dont need modif ffs or other just use pfs file to modif what you want and in real time direct phone flash pfs file and not have write protect problem
Just says Thank
Example file : dont give attention of boot img cause i dont take time to do it in 800x480 but its 400x240 then its make bug but with pfs file you can upload anything you want to change !!!
Good hack !!!
Maybe with this you can create dual boot or i dont know what a pro smoker can do, you can also try to put her rc2 or rc1 directory i dont try it !!!
Download example, in this one you can see SystemFS and Registry directory, off course you can put her all directory you want to flash pfs, using trix to modified or wave remaker more faster :
https://rapidshare.com/files/809973956/Circle.pfs
An idea its like you can make your one firmware with personal Widget installed and other idea welcome....Just take file registry and Widget folder on phone and put it on PFS
i can not open new thread
i went to parser an xml file with structure like this.
<?xml version="1.0"?>
<node1>
<node2>
<node3>
<node4>
<node5>
text
</node5>
</node4>
</node3>
</node2>
</node1>
Click to expand...
Click to collapse
As I have no bada handset with 240 x 400 Pixel.
But I wish we could better work together.
Please I need whole folder System. This is content of *.RC1 file.
So no private data.
See here what I mean:
http://forum.xda-developers.com/showpost.php?p=12532416&postcount=14
It could be. That during Security you have to set few different Settings to make it work... Read Manuals. See here:
http://forum.xda-developers.com/showpost.php?p=13304045&postcount=11
Thanx in advance.
Best Regards
adfree said:
As I have no bada handset with 240 x 400 Pixel.
But I wish we could better work together.
Please I need whole folder System. This is content of *.RC1 file.
So no private data.
See here what I mean:
http://forum.xda-developers.com/showpost.php?p=12532416&postcount=14
It could be. That during Security you have to set few different Settings to make it work... Read Manuals. See here:
http://forum.xda-developers.com/showpost.php?p=13304045&postcount=11
Thanx in advance.
Best Regards
Click to expand...
Click to collapse
Hey adfree, i can provide you with firmware files of Wave-525(S5253) and Wave-533...but the problem is I dont find any System folder...SystemFS and SystemCSC only. Check the attached thumbnail.
The folders have to be unlock first.
With QuB for instance:
http://forum.xda-developers.com/showpost.php?p=12436452&postcount=1
Thank you very much.
Best Regards
here are those files
download/897320551c9b4d13
please add zshare.net/
(not enough post)
here are the files that you are looking for mr adfree.. its taken from my 525...
Very good.
Thanx screwdriv
First look.
- folder Menu is empty
- ColorTbl.rsb is same like S8500 use...
I'll investigate deeper. Need more time... tomorrow I'll upload S8500 XXJL2 System folder. So we have something to compare.
Thank you very much.
Best Regards
hidden games into s5250
hi all i have see that in my s5250 there is a folder named hidden games that i have see with tk file explorer with inside subfolder googlemaps, messenger, palringo but inside telephone i don't see this app into menu there is a method to start that application?
path of folder inside telepfone is s5250:AppEx\SysDefault\Java\Hidden Games
escuseme for my english
ilverovarano said:
hi all i have see that in my s5250 there is a folder named hidden games that i have see with tk file explorer with inside subfolder googlemaps, messenger, palringo but inside telephone i don't see this app into menu there is a method to start that application?
path of folder inside telepfone is s5250:AppEx\SysDefault\Java\Hidden Games
escuseme for my english
Click to expand...
Click to collapse
Messenger and Palringo are available in IM menu option, while the google maps are run from the google widget included...
Thanx ho1od
http://forum.xda-developers.com/showpost.php?p=14272780&postcount=97
With WaveRemaker we can now easily extract all files from RC1 files. Short tested also with:
S5250
S5330
S7230
Any news about S5780?
Firmware?
Release date?
Best Regards
I found into shp folder *.so files and I want to ask if we can edit them
because I want to see what have in the files
OpEuroIME.so and OpEuroIMESetting.so
HEX Editor... expect not tooo much.
This leads to this...
http://forum.xda-developers.com/showthread.php?t=1294406
But we could investigate, if this or other files about language is in arabic S8600...
Best Regards
.so are equivalents to .dll libraries which you can find in Windows. They contain almost only machine code.
And you cannot edit them, because these are digitally signed, first you'd have to bypass integrity&sign check mechanisms.
Some one using Linux can try this program please?
http://www.fileinfo.com/extension/so
Not to edit, but if it was possible at least to read .so file?
you can see GCC compiler in SDK files....of course if you have it
"SDK Path"\Bada\2.X.X\Tools\Toolchains\ARM\arm-bada-eabi\bin\gcc.exe
You can see this in the readme file too
The executables in this directory are for internal use by the compiler
and may not operate correctly when used directly. This directory
should not be placed on your PATH. Instead, you should use the
executables in ../../bin/ and place that directory on your PATH.
Click to expand...
Click to collapse
So any ideas about a DEcompiler
This is just a compiler that make .so files....Maybe non-compressed ones only too
Best Regards
ML90 Did you try to see so file with SDK?
Because I never used it
There is nothing to see in there
You can use gce2elf plug-in for trix to decompress .so files from bada 2.0 and the files will be converted to elf files that were available in bada 1.2 FWs before
S8600 .so files can't be decompressed until now !
There is no way to compress files back yet !
As i say these files can contain pure code and no pics or any stuff like that as they are compiled from .O libraries files used by C/C++ apps
We need the real experts to come back and help us
Best Regards
Thanks for your answer.
Even if we got pure c++ code perhaps we should be able to see what for exemple setting.so file call on other file firmware... that was my idea
After I know we can not rebuild a file, but it's just to have some more infos that should be usefull?
After I know we can not rebuild a file...
Click to expand...
Click to collapse
This is not 100 % correct...
*.so files are signed... So Security is main problem...
To modify or to rebuild is only problem of skills...
If "Android boys"... ...
See here:
*.so files are also known in Android world...
http://forum.xda-developers.com/showpost.php?p=23559274&postcount=15
Android use folder lib with *so files...
Maybe good chance to find some source... if these files also open source...
But again.
Break first Security check, then you can modify *.so files... depend on your brain.
But at the moment Dead ends...
Smart skilled users on ""holiday""... or missing in action...
First "safe" attempt to remove Security Check:
apps_compressed.bin...
Compression Algo needed... as you have no full access in compressed BINary...
If Bootloader checks *.so files... maybe FOTA could help...
To break RSA 2048...
I hope few of our smart Devs come back to bada Hacking.
To search and find *.so sources in Android world is not useless...
Maybe it helps to better understand.
Best Regards
hi,
editing is not a problem - we dont need to compress gce back - similar situation to rc1/qmd image (gce is light weight qmd version)
Happy to see you there Kubica, we realy need your knowledge
Bada have no big interest if we can't custom firmware (thanks to samsung ).
Someone could post and edited so file please? it's just to see relation with others files in the firmware.
editing is not a problem - we dont need to compress gce back - similar situation to rc1/qmd image (gce is light weight qmd version)
Click to expand...
Click to collapse
Thanx b.kubica
Attached is DEcompressed Admin.so from S8500 XXKK5 as example...
With Help of TriX easy task.
Thanx again.
Here we can see (if we want) Codes as TEXT Strings...
http://forum.xda-developers.com/showthread.php?t=1154945
Prior in bada 1.x they were located in apps_compressed.bin... now in this Admin.so...
In theory we could edit few Codes to harder combos... like:
*#1234567#
But how remove or "rebuild" GeneralSoInfo.so.sig Integrity check
Vodafone branded Firmware or S8600 for instance uses few different Codes... sometimes...
Maybe this could 1 of our first modified *.so file, if someone break *.so Security check.
Thanx.
Best Regards
adfree said:
if someone break *.so Security check.
Click to expand...
Click to collapse
done
b.kubica said:
done
Click to expand...
Click to collapse
How
simple 1 byte patching
later I will post more info
On bada 1.x
Better on XXJEB, other not tested yet...
Only first 4 KB are signed...
If you change something at higher address... above 0x1000
See here:
http://forum.xda-developers.com/showpost.php?p=25255252&postcount=47
Big thanx mijoma
Now I will check again XXLC1... bada 2...
Anyway.
Big thanx b.kubica
My Preconfig Code is now:
*#1234567*#
Best Regards
---------- Post added at 11:27 PM ---------- Previous post was at 11:09 PM ----------
I can confirm... bada 2 on XXLC1 has improved Sig Check...
But now no problem anymore.
Thank you very much b.kubica
Best Regards
apps code:
Code:
// pseudo C
unsigned int AppPkgSvcRequest ( ... )
{
unsigned int action = *(struct field ptr);
switch ( action )
{
/* ... */
case 6:
/* check signature ;) */
break;
case 7:
/* ... */
}
}
assembled code:
Code:
patt: [B]06[/B] 28 3F D0 07 28
mask: FF FF 00 00 FF FF
replace first byte with anything grater than 7 and you'll know what are we talking about
Thank you very much b.kubica
For easy test... Code change in Admin.so:
http://forum.xda-developers.com/showpost.php?p=23127738&postcount=54
Now we could for instance play with Dolfin.so ... Browser.
I need more time to find something usefull.
Best Regards
Someone can explain please? I don't get it
very simply mod - Radio without earphones connected
from LA1 but should works on similar too.
Well, I just found where all the icons are stored. It's HSMenuItem.rbm in the RSRC1 file (folder RSRC/BMP/Black). If we could edit this, we could finally add helpful Java applications with the right (or selfmade!) icons.
Now, we can open and view rbm files in Wave Remaker, but is there also any way to edit them?
http://forum.xda-developers.com/showpost.php?p=27474504&postcount=119
Try to find Pics of same Format... maybe you can replace them.
At the moment no new Pics possible...
Best Regards
adfree said:
http://forum.xda-developers.com/showpost.php?p=27474504&postcount=119
Try to find Pics of same Format... maybe you can replace them.
At the moment no new Pics possible...
Best Regards
Click to expand...
Click to collapse
So, you already tried replacing? I noticed, same resolution, bpp, metod and mode don't necesarily mean same file size - so these files might be compressed. I then took a look at them using a hex editor and saw repeating structures inside which shouldn't be there in a compressed file. Duh...
Is Wave Remakers source code available? Cause, if it is, we could learn how these pictures are read.
http://forum.xda-developers.com/showpost.php?p=27236146&postcount=609
I have finished the routine QM_WCodec_1st_encode
Click to expand...
Click to collapse
ho1od is working on Compression Algo. :good:
Best Regards