Imei-Check unlocker reverse


thagangsta
15-11-2006, 08:19 PM
I am going to unlock a MDA compact 3 with the imei-check unlocker and I was wondering if I could help to make a free unlock tool....

So which tools do I need...

pof
15-11-2006, 09:12 PM
Start here, and read the whole thread accurately:
http://forum.xda-developers.com/showthread.php?t=280819

Samson711
17-11-2006, 06:57 PM
So is this nice little program you developed in so many hard steps also capable of unlocking the new HTC Artemis (MDA Compact III)?? I would need to know that before buying such a nice device.
On the homepage of IMEI-Check the Artemis is cracked with the exact same program you can download there, but I don't feel like paying for the unlock key ^^ I read the whole thread in the Hermes forum but the Artemis isn't mentioned there, so I wonder if this C3v1Unlocker will work with this Key Unlock key you posted because this key is surely computed for a Hermes based device... Answers appreciated :) And thanks for your great work!

pof
17-11-2006, 09:16 PM
So is this nice little program you developed in so many hard steps also capable of unlocking the new HTC Artemis (MDA Compact III)??
No, it patches the Hermes radio and will not be valid for Artemis... although it should be a very similar patch, because both devices are quite the same.

i wonder if this C3v1Unlocker will work with this Key Unlock key you posted because this Key is surely computed for a Hermes based device...
The "unlock key" is only valid after patching the radio.

Samson711
17-11-2006, 10:50 PM
Ah, okay, i see. Is anybody already working on a Radio Patch for the Artemis? I imagine, if the Radio is patched, it should be possible to create a similar Program for the Artemis, once someone gets a key for his Artemis IMEI, or am i wrong with that?

pof
18-11-2006, 03:11 PM
I've been investigating about this, it is not correct what I said previously: the patched radio method used in Hermes or Universal will not work on Artemis.

On Artemis (and other OMAP based devices) the SIM & CID lock area is stored encrypted on Disk-on-Chip (DOC), on the first block of binary partition 1 which can be accessed with pdocread (http://wiki.xda-developers.com/index.php?pagename=XdaUtils%2Fpdocread.exe).

I guess imei-check reads this area and patches it (probably they have to load a "fake" bootloader in RAM first to get SecLevel=0, as they did with the activesync part of the Hermes unlocker).

I don't have Artemis and can't do much more, but if someone is interested in researching I will be watching this thread and try to help, so feel free to post tech questions here if you are serious about writing a free unlocker for the Artemis.

kircho
19-11-2006, 10:20 AM
I am going to unlock a MDA compact 3 with the imei-check unlocker and I was wondering if I could help to make a free unlock tool....

So which tools do I need...

Have you read this thread? -> http://forum.xda-developers.com/showthread.php?t=274860

I have "reconstructed" what that utility actually does. Actually the utility uses ITSME utilities to access the phone, but on exact addresses. First it reads some area from the RADIO of the phone to a file. That area is 16K large and contains the IMEI.
pdocread.exe -n 1 0x040000 0x4000 -b 0x4000 "pdocread.dat"

After that in temp file pdocread.dat at address 0x300C - 0x3013 is stored IMEI. One digit is for some CRC check, I think CRC8 but didn't check at all. So that "IMEI Wizard" changes IMEI in file pdocread.dat, calculates and changes CRC digit, and writes file back to the RADIO of the phone with command:

pdocwrite.exe -n 1 "pdocread.dat" 0x040000 0x4000 -b 0x4000

So simple and working.

When doesn't it work? It doesn't work on new G4 phones, even WIZARD and PROPHET. It works on the same phones, but with old G3 chipset. And phone MUST be CID unlocked and RAPI enabled. The reason the utility fails to work on new G4 phones is that pdocwrite is not ready yet to work with those phones. I am looking for a utility to change IMEI on P3300 (Artemis I think) or S200 (PROPHET) too.

Samson711
19-11-2006, 10:43 AM
The "older" HTC Devices can all be unlocked without changing the IMEI I think, there has to be a way to unlock this phone without changing the IMEI of the unit. Apart from the unlocking process being illegal already, changing the IMEI of a Cellular Phone is even worse ;) Maybe I got your post wrong and you do not intend to really change the IMEI, I dunno...

kircho
19-11-2006, 11:05 AM
The "older" HTC Devices can all be unlocked without changing the IMEI I think, there has to be a way to unlock this phone without changing the IMEI of the unit. Apart from the unlocking process being illegal already, changing the IMEI of a Cellular Phone is even worse ;) Maybe I got your post wrong and you do not intend to really change the IMEI, I dunno...

I DO intend to change IMEI. Who do you think you are? My mother? What's next? To pull my ears?

Yes, we ALL know consequences from changing IMEI. And we ALL read well-written topic about it >> IMEI changing is going to get you sore! (http://forum.xda-developers.com/showthread.php?t=276851). << Did you ?

And did you know that in some countries you just MUST change IMEI to use your phone? I will save you time searching and point to one of hundreds of topics about this >> To all TURKISH fellows and others a must read story !!! (http://forum.xda-developers.com/showthread.php?t=274969) <<. And because of this I can't upgrade to a better phone ... for now.

So .. if you don't offer anything constructive but just criticism - please, go to flame on some other topic. Or better - just shut up.

victoradjei
19-11-2006, 12:30 PM
Kircho cool down and tell me something:)
I may be coming to Turkey early next year (January, maybe). Please confirm that roaming with my current provider for a week is no problem? Or do I have to carry my receipt?

pof
19-11-2006, 12:30 PM
kircho,
Probably you've been confused because the company that sells SIM-Unlocker for the Artemis is called "imei-check", but we were discussing about SIM-Unlock here, not imei-changing.

Samson711
19-11-2006, 02:03 PM
Lol, Kircho... how old are you??
I don't care what you do with your IMEI, believe me, I really don't! All I said is that I would love to have a method to disable SIM Lock without messing around with my unit's IMEI, that's all.
It was NO CRITICISM of your work, my knowledge with PDAs and Windows Mobile does not suffice to render any code to unlock a device and I am not flaming here. If this thing you figured out works for your device, that's cool and I am glad for you, I just wouldn't do it with my device, that's it...

kircho
20-11-2006, 01:49 PM
Kircho cool down and tell me something:)
I may be coming to Turkey early next year (January, maybe). Please confirm that roaming with my current provider for a week is no problem? Or do I have to carry my receipt?

There is no problem with roaming. If your SIM card is issued by some foreign operator like UK Vodafone or Dutch KPN - you can use any phone in Turkey with such a card.

apap
25-11-2006, 10:00 AM
Pof
Do you know of a way to unlock extended rom on Artemis? I tried the wizard unlock. It appeared to work for a while but ultimately it has done strange things. The extended rom seems to be visible but not the files within...after a while even the visibility of extended rom is lost.

Thanks, a.

thagangsta
14-12-2006, 07:56 PM
I again have an Artemis (Dutch MDA Compact 3) and I can test with it for 2 days...

I'm gonna unlock it with the paid imei check software....

I have tried to enter bootloader but it won't enter...

How can I be helpful to make an unlock tool...

pof
14-12-2006, 08:45 PM
@apap: sorry I don't have an Artemis, and I don't know.

@thagangsta:

Have a look at this thread in order to understand how this was done in the Hermes:

Reverse engineering the HERMES imei-check unlocker (http://forum.xda-developers.com/showthread.php?t=280819)

The bootloader commands for the Hermes are explained in these wiki pages, someone should start researching Artemis bootloader and put the commands on the wiki, it is very similar to Hermes.


Hermes Bootloader Information (http://wiki.xda-developers.com/index.php?pagename=Hermes_BootLoader)
Hermes Radio Bootloader and AT command interpreter (http://wiki.xda-developers.com/index.php?pagename=Hermes_RadioBootLoader)


Some hints that may help you:

1. You can run the unlocker as many times as you want, it doesn't matter if you've already unlocked your device, the imei-check unlocker will behave the same.

2. In order for the USB monitor capture to be useful, you need to click on the "COMPLETE" tab and when you have captured it, export it as ANSI TEXT.

3. If the app fails (communication error) you need to create 2 admin users, 1 for running usb monitor and the other for running the unlocker. Use right click, "run as..." and then select the other admin user. You need to repeat this process several times until you can successfully get the log.

4. Be careful about what you post here, as imei-check has intellectual property rights on their work. Do not "copy" their solution, but reimplement it in another way.

Perjan
15-12-2006, 10:10 AM
Just read the thread for the hermes unlocking. I'm not a complete noob but I'm still stunned by the technical data.
Removed an unfamiliar program a week ago called "- -" after canceling an imeicheck upgrade (had no valid .unl file)
Reading "First the imei-check unlocker transfers a CAB file to the device via ActiveSync which installs an application named "- -", which contains at least MIGsoft LTD security certificate (used to sign the NBH file with the bootloader upgrade) and runs some other stuff like this (not completed):"

This must mean the unlockers of the hermes and the artemis work in the same way.

Main Questions are:
Is an unlock for the Artemis using imei-check able to use SuperCID?
Which bootloader can we use that is able to flash all roms?
Which code can we use for unlocking.

Edit
I've found a crack for themida secured files. POF, you've stated that the .unl files are themida protected; could some people post their unl files?


Could be an easy solution......

pof
15-12-2006, 12:21 PM
Removed an unfamiliar program a week ago called "- -" after canceling an imeicheck upgrade (had no valid .unl file)
You can usb-sniff what is transferred over activesync without the need to pay for it, it is done before it requests the .unl file. To sniff the rest of the process (which is done in bootloader mode without activesync) you need to pay for the unlocker.

This must mean the unlockers of the hermes and the artemis work in the same way.
Yes, they must be very similar.

Is an unlock for the Artemis using imei-check able to use SuperCID?
Yes, but it's not sticky (will lose it after 1st rom flash after applying unlocker). I have a solution for this to make supercid sticky if you reverse the process.

Which bootloader can we use that is able to flash all roms?
Most probably the earliest shipped bootloader version. See to which version of bootloader imei-check unlocker downgrades your device when run with the proper key.

Which code can we use for unlocking.
You will see it when usb-sniffing the unlocker.

I've found a crack for themida secured files. POF, you've stated that the .unl files are themida protected; could some people post their unl files?
Available cracks for themida are for older versions... this is not the way to go for sure, I also investigated and got nowhere.
About .unl files I don't know... I said the exe unlocker file is packed with themida, never looked at .unl myself, I think it's pointless because usb-sniffing is easier.

Good luck! :)

Perjan
18-12-2006, 12:35 PM
Just used the monitor with the unlocker but i'm not able to understand what it does and don't have a .unl file.
Here is the logfile ftp://xdaupload:xda@ftp.xda-developers.com/Artemis/Mdacompac3_unlock_no_unl_file.ms2

Pof Could you help me further.

pof
18-12-2006, 12:46 PM
ms2 is not useful... export capture in ANSI text format please.

Edit -> Export and Save as type "ANSI Text files".

Perjan
18-12-2006, 02:37 PM
ms2 is not useful... export capture in ANSI text format please.

Edit -> Export and Save as type "ANSI Text files".

Done
The basic Printout

ftp://xdaupload:xda@ftp.xda-developers.com/Artemis/Mdacompac3_unlock_no_unl_file%20basic.txt

The Complete printout

ftp://xdaupload:xda@ftp.xda-developers.com/Artemis/Mdacompac3_unlock_no_unl_file%20complete.txt

pof
19-12-2006, 05:18 AM
Great capture Perjan! :)

They are using the exact same method as in the Hermes....

Now you can extract the transferred files from the capture (convert it from utf16 to latin1 for easy editing), to do this you have to figure out what is the activesync header and where the real content starts... examine the capture and it's easy if you look at the magic numbers for cab and exe files.

Once you've cleaned up activesync headers manually you can take every byte (hex value) from the left column and convert it to char to make the binary, do not use the ascii part (right column) as the file will be unusable because of the initial conversion. I used this simple program to do this, combined with the power of a shell script :)


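#include <stdio.h>
#include <unistd.h>

/* Reads one hex byte (e.g. "4d ") from stdin and writes it out as a raw byte. */
int main () {
    unsigned int c;
    char aux[10] = {0};   /* zero-filled so sscanf always sees a terminated string */
    if (read(0, aux, 4) <= 0 || sscanf(aux, "%x", &c) != 1)
        return 1;         /* no input, or input is not a hex value */
    printf("%c", c);
    return 0;
}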

PS: Do not post the extracted files here because it's imei-check copyrighted stuff.

Perjan
19-12-2006, 03:41 PM
Great capture Perjan! :)

They are using the exact same method as in the Hermes....

Now you can extract the transferred files from the capture (convert it from utf16 to latin1 for easy editing), to do this you have to figure out what is the activesync header and where the real content starts... examine the capture and it's easy if you look at the magic numbers for cab and exe files.

Once you've cleaned up activesync headers manually you can take every byte (hex value) from the left column and convert it to char to make the binary, do not use the ascii part (right column) as the file will be unusable because of the initial conversion. I used this simple program to do this, combined with the power of a shell script :)


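#include <stdio.h>
#include <unistd.h>

/* Reads one hex byte (e.g. "4d ") from stdin and writes it out as a raw byte. */
int main () {
    unsigned int c;
    char aux[10] = {0};   /* zero-filled so sscanf always sees a terminated string */
    if (read(0, aux, 4) <= 0 || sscanf(aux, "%x", &c) != 1)
        return 1;         /* no input, or input is not a hex value */
    printf("%c", c);
    return 0;
}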

PS: Do not post the extracted files here because it's imei-check copyrighted stuff.

Okee, I'm a noob to programming, which programs do I need to convert the files and for easy editing?

What are the magic numbers? As far as I could figure out it's "MZ " --> "4D 5A 90" for exe files and "MSCF" --> "4D 53 43 46" for cab files.

Shell scripts????

fantasylovevn
19-12-2006, 04:49 PM
Make a great effort perjan & pof. I hope that the solution will release soon. But why don't you use an IM chat for faster exchanging???

pof
20-12-2006, 03:28 AM
Shell scripts are like .bat files for windows, but in Linux... but it's ok I don't want to confuse you. You can do it in windows using another method, forget what I said previously.

You guessed right the magic numbers for CAB and PE Executables, the only thing you need to know is that the filesize of the CAB file is included in the CAB header.

This is the magic number definition, first column is the offset in the file, second is the data type, 3rd is the data itself, 4th is description.

#------------------------------------------------------------------------------
# From Stuart Caie <kyzer@4u.net> (developer of cabextract)
# Microsoft Cabinet files
0 string MSCF\0\0\0\0 Microsoft Cabinet archive data
>8 lelong x \b, %u bytes
>28 leshort 1 \b, 1 file
>28 leshort >1 \b, %u files


Now let's see a CAB header:

4d 53 43 46 00 00 00 00 58 19 00 00 00 00 00 00 |MSCF....X.......|
68 00 00 00 00 00 00 00 03 01 01 00 03 00 04 00 |h...............|

At offset 0 you can see "4d 53 43 46 00 00 00 00" or "MSCF\0\0\0\0", this tells you it's a MS Cabinet file.

At offset 8 you can see "58 19" --> this is the size of the CAB, a four-byte value specified in little-endian byte order (lelong), this means it is "inversed" and you should read it as 1958 instead (flip the two bytes). But this is HEX, so you have to convert it to decimal, which means the cab size is 6488 bytes. (0x1958 hex == 6448 dec).

For the PE executable, you don't get the filesize in the header, so you'll have to figure out the length yourself. The PE executable is what makes the device jump to modified SPL placed in memory, if you extract it you need to run it with a parameter or it will hardreset your device.

Once you've separated all the files from the "rubbish" inserted by activesync between them, make it a whole block, remove the ascii decoded right column and paste it into a hex editor (WinHex for example) and save it in binary format. And you're done with extracting the transferred files!

Then you need to provide the unlocker a valid unlock file (.unl) and repeat the process you did for capturing the USB traffic. You can repeat the process as many times as you want, it doesn't matter if you don't get it at the first try: run the unlocker and capture again...

Hope my explanation is clear, but feel free to ask if it isn't :)
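
The header walk-through in the post above as a runnable check, added here as an illustration (it is not code from the thread or from any tool it mentions): it rebuilds bytes from the hex column of the two quoted dump lines and decodes the fixed cabinet header fields, including the size at offset 8 and the file count at offset 28. The field layout follows Microsoft's published cabinet format; the function names and the filler bytes in the search sample are made up for the example.

```python
import re
import struct

# Signature plus the four zero bytes of reserved1, as in the magic definition above.
CAB_MAGIC = b"MSCF\x00\x00\x00\x00"
# First 32 bytes of CFHEADER: signature, reserved1, cbCabinet, reserved2,
# coffFiles, reserved3, versionMinor, versionMajor, cFolders, cFiles, flags.
CFHEADER = struct.Struct("<4sIIIIIBBHHH")

# The two dump lines quoted in the post (hex column, then ASCII column).
POST_DUMP = """\
4d 53 43 46 00 00 00 00 58 19 00 00 00 00 00 00 |MSCF....X.......|
68 00 00 00 00 00 00 00 03 01 01 00 03 00 04 00 |h...............|
"""


def dump_to_bytes(text):
    """Rebuild raw bytes from the hex column only; the ASCII column is lossy."""
    out = bytearray()
    for line in text.splitlines():
        hex_column = line.split("|", 1)[0]
        out += bytes(int(tok, 16)
                     for tok in re.findall(r"\b[0-9a-fA-F]{2}\b", hex_column))
    return bytes(out)


def parse_cab_header(buf, offset=0):
    """Decode the fixed CFHEADER fields found at `offset` in `buf`."""
    if len(buf) - offset < CFHEADER.size:
        raise ValueError("fewer than 32 bytes available for a cabinet header")
    (sig, res1, size, res2, coff_files, res3,
     ver_minor, ver_major, folders, files, flags) = CFHEADER.unpack_from(buf, offset)
    if sig + struct.pack("<I", res1) != CAB_MAGIC:
        raise ValueError("no MSCF signature at offset %d" % offset)
    return {
        "size": size,                    # cbCabinet, the lelong at offset 8
        "first_file_entry": coff_files,  # coffFiles, offset of the first file entry
        "version": (ver_major, ver_minor),
        "folders": folders,
        "files": files,                  # the leshort at offset 28
        "flags": flags,
        # True only if the buffer really holds every byte the header declares.
        "complete": len(buf) - offset >= size,
    }


def find_cabinets(buf):
    """Return (offset, header) for each plausible cabinet header in a byte buffer."""
    hits, pos = [], buf.find(CAB_MAGIC)
    while pos != -1:
        try:
            hdr = parse_cab_header(buf, pos)
            # A stray "MSCF" inside other data is not a cabinet: require sane fields.
            if CFHEADER.size <= hdr["first_file_entry"] < hdr["size"] and hdr["files"] > 0:
                hits.append((pos, hdr))
        except ValueError:
            pass
        pos = buf.find(CAB_MAGIC, pos + 1)
    return hits


if __name__ == "__main__":
    header = dump_to_bytes(POST_DUMP)
    print(parse_cab_header(header))
    # Constructed sample: 7 filler bytes standing in for transport framing, then the header.
    print(find_cabinets(b"\x10\x00\x00\x00\xff\xfe\x00" + header))
```

The `complete` flag is the practical check: the declared size tells you whether the bytes you recovered cover the whole archive or only its beginning.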

apap
20-12-2006, 10:07 AM
Just to let you know that we are cheering you on in your unlocking endeavor. Thanks!

Perjan
20-12-2006, 01:09 PM
Then you need to provide the unlocker a valid unlock file (.unl) and repeat the process you did for capturing the USB traffic. You can repeat the process as many times as you want, it doesn't matter if you don't get it at the first try: run the unlocker and capture again...


Maybe thormdac could help us out by capturing the unlock with the .unl file. As i don't have one and he does...

I'll ask him.

Going to sort the cab files out tonight.

thagangsta
25-12-2006, 10:44 PM
Here is my share

ftp://xdaupload:xda@ftp.xda-developers.com/Artemis/complete_unlock_log.rar

I hope it will be useful...

Merry X-mas

pof
25-12-2006, 11:23 PM
err... I see a lot of activesync crap here, but not any bootloader command... are you sure this is a full capture? :confused:

chrysaor
27-12-2006, 03:03 PM
imei-check guy spotted

trash deleted.....

Perjan
28-12-2006, 04:22 AM
err... I see a lot of activesync crap here, but not any bootloader command... are you sure this is a full capture? :confused:

Made a complete capture and a basic capture, but don't have a unl file. Didn't have time to investigate the file. Investing time in my girlfriend.

Pof, as a moderator could you help me persuade thormdac to make a capture of a full unlocking procedure..

GR pj

Perjan
01-01-2007, 07:27 PM
Made a complete capture and a basic capture, but don't have a unl file. Didn't have time to investigate the file. Investing time in my girlfriend.

Pof, as a moderator could you help me persuade thormdac to make a capture of a full unlocking procedure..

GR pj


My miniusb port has died (thanks to a brodit car holder (don't buy it)) takes 10 days to repair (t-mobile shop).

thormdac
04-01-2007, 06:18 PM
Made a complete capture and a basic capture, but don't have a unl file. Didn't have time to investigate the file. Investing time in my girlfriend.

Pof, as a moderator could you help me persuade thormdac to make a capture of a full unlocking procedure..

GR pj

howdy,

no need to ask anybody to help get me persuaded---it's just that I wasn't near either a computer nor near the internet over the christmas/new year period. we tried to catch some of the last snow before global temperature increase melts even the north pole to a fog!!!

since i find imeicheckers people really friendly having dealt with them...:mad: what do you need?

MrButcher
09-01-2007, 08:36 AM
any news concerning the unlocking process?

MrButcher
15-01-2007, 09:51 AM
push...

no news? no add needed?

Perjan
15-01-2007, 04:56 PM
push...

no news? no add needed?

There was some progress, the first demo version shredded the phone function of an Artemis.
We are currently working on a new version. We are now waiting on an Artemis to be shipped. If there's anybody who can't wait for the unlock and decides to buy one from imei-check.co.uk please contact me before using the unlock. We could use some more info.

Gooxbe
15-01-2007, 11:40 PM
If there's anybody who can't wait for the unlock and decides to buy one from imei-check.co.uk please contact me before using the unlock. We could use some more info.

Here I am ;) I received mine today and I don't want to wait (that's quite sad to have a phone like that and cannot be able to use it!)

I will buy an unlock code at imei this tuesday. Can you please tell me what should I do to help this community?

Perjan
16-01-2007, 12:58 AM
Here I am ;) I received mine today and I don't want to wait (that's quite sad to have a phone like that and cannot be able to use it!)

I will buy an unlock code at imei this tuesday. Can you please tell me what should I do to help this community?

Watch your private message box.

MrButcher
16-01-2007, 08:31 AM
Looks like RKE has also found something.
http://forum.xda-developers.com/showthread.php?p=1102761#post1102761

I have been working on unlocking the mda compact 3 today and have got it to work.

I need to test it on someone elses phone, if anyone wants to try this please let me know (only the T-mobile ROM)

Perhaps there is a chance to work together.

parnrong
16-01-2007, 11:01 AM
I just got MDA Compact III (T-Mobile).

I can't believe that I have made a stupid research!!
I never realize that this MDA CP III version on T-Mobile doesn't include WiFi!!! :'(

----------------------------

However, I am more than happy to test any unlocker or reverse IMEI or whatever..

Please advise

Gooxbe
17-01-2007, 12:26 AM
So, my phone is unlocked and working with the dopod ROM!

I tried to do as pof & Perjan told me... (I've been afraid, I thought that the 'align screen' didn't work....)

It's all fine now!

Hope this file will help!

j0kkk3r
17-01-2007, 02:03 AM
What exactly have you done? :cool:

Gooxbe
17-01-2007, 09:51 AM
Here is what I did:

Taken lokiwiz0.3 to extract the necessary programs to do pdocreate commands (dump of some information before and after the unlock).

Then, done a dump of the usb traffic while the unlocking was functioning.

Finally, update the dopod ROM and stress because of my 'align screen' problem ;-)

Now, everything is all fine and working perfectly! The dopod ROM has a lot of great software but Transcriber doesn't work really well, as it is in English and I'm writing in French...

j0kkk3r
17-01-2007, 12:19 PM
Did you unlock your phone thru Imei-check? :rolleyes:

Gooxbe
17-01-2007, 11:54 PM
Yes, I did pay the 31,14€ and it worked really well.

I did what I could to help the team working on a free unlocking system...

MrButcher
19-01-2007, 07:24 AM
If there's anybody who can't wait for the unlock and decides to buy one from imei-check.co.uk please contact me before using the unlock. We could use some more info.
Do you still need some information? Or is everything clear?
Because i need to get my phone working for another card until monday.

AD10
01-02-2007, 10:56 AM
Perhaps Perjan has fried his Artemis,:confused: .

Or is this effort dead ?

Perjan
01-02-2007, 12:38 PM
Perhaps Perjan has fried his Artemis,:confused: .

Or is this effort dead ?

Artemis still working fine... The problem is I'm doing exams. And actually the real crack working the case is Pof. I just try to assist him.

Last I heard was that it was still a work in progress.

naughty_boy
02-02-2007, 04:56 PM
ms2 is not useful... export capture in ANSI text format please.

Edit -> Export and Save as type "ANSI Text files".

Hi Pof,

I have a locked Artemis, I have purchased the unlocking file from IMEI_Check already but have not started the unlocking.

Do you want me to do the USBMON capture for you?

[kab]
03-02-2007, 10:09 AM
naughty_boy
yes please!
and share LOG-file from USBMON please too! (on xda ftp or rapidshare)
not only Perjan working in this direction...

pof
03-02-2007, 05:58 PM
I have a locked Artemis, I have purchased the unlocking file from IMEI_Check already but have not started the unlocking.

Do you want me to do the USBMON capture for you?

1. Install Cert_SPCS.cab and EnableRapi.cab (search the forum if you don't have them... or you can use awizard's rapi unlock option)

2. Get itsutils: http://www.xs4all.nl/~itsme/projects/xda/tools.html

3. Run pdocread.exe with no args. Take a note of the "uniqueid" value.

4. Run "pdocread -n 1 0x000000 0x50000 BeforeUnlock.nb" - you'll get a file.

5. Run imei-check unlocker, once it asks you for the .unl file start usb monitor capture and follow with the unlocking process. Save the usb monitor capture in ANSI text format.

6. After unlocking finishes run "pdocread -n 1 0x000000 0x50000 AfterUnlock.nb" - you'll get another file.

7. zip the two .nb files, and usb monitor capture and attach them here.

naughty_boy
05-02-2007, 02:54 PM
1. Install Cert_SPCS.cab and EnableRapi.cab (search the forum if you don't have them... or you can use awizard's rapi unlock option)

2. Get itsutils: http://www.xs4all.nl/~itsme/projects/xda/tools.html

3. Run pdocread.exe with no args. Take a note of the "uniqueid" value.

4. Run "pdocread -n 1 0x000000 0x50000 BeforeUnlock.nb" - you'll get a file.

5. Run imei-check unlocker, once it asks you for the .unl file start usb monitor capture and follow with the unlocking process. Save the usb monitor capture in ANSI text format.

6. After unlocking finishes run "pdocread -n 1 0x000000 0x50000 AfterUnlock.nb" - you'll get another file.

7. zip the two .nb files, and usb monitor capture and attach them here.
Hi Pof,

When I ran "pdocread -n 1 0x000000 0x5", an error occurred:

C:\Documents and Settings>pdocread -n 1 0x000000 0x50000 BeforeUnlock.nb

3 partitions, 2 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 6c 08 01 03 23 00 00 00 00 00 00 00 00

CopyTFFSToFile(0x0, 0x50000, BeforeUnlock.nb)
ERROR: ITReadDisk - 出现了内部错误。<an internal error occur>

So has pdocread finished OK, or do I have to do something more?

AD10
13-02-2007, 04:41 PM
Hopefully this will move forward when pof gets back from Barcelona

sedde
21-02-2007, 10:33 PM
So there isn't an unlocker for Artemis yet? What's the progress, pof/perjan?

fremske
24-02-2007, 08:19 PM
Hi Pof,

I'm the owner of a T-mobile compact 3 (a.k.a. HTC3300) and I have to admit that the current ROM (T-mobile original shipped rom, date 09/22/06) is far from stable or nevertheless bugfree. In other words I really would like to upgrade to another ROM. Therefore I'm waiting for a free HTC3300 unlocking tool. I know that some guys are working on this but since a couple of weeks it is rather still.

Pof could you please give me and many others an update regarding the progress of a free unlocking tool for the HTC3300?

Thanks!

Regards,

Fremske.

rajbrinder
12-03-2007, 02:55 PM
:D Hi

I have MDA Compact 3, which I am not using anymore as it is locked to T Mobile, if somebody can guide me to develop unlocking solution, I can dedicate my time and efforts to this.

Thanks

mobile2007
12-03-2007, 10:53 PM
waiting / searching for exactly the same

jackey
13-03-2007, 12:42 AM
Hey, do you think we can just use a program such as SoftICE to interrupt the CID checking program and fake that the CID from the phone and the new rom are the same brand? If the program thinks that they're the same then it will continue flashing the roms after it finishes checking. Because as far as I think, the flashing program checks the CID only for verification purposes so that nobody flashes wrong roms. So if we interrupt the process using HexEdit or something similar to erase or fake this process then things should continue smoothly.

Please feel free to correct me if i'm wrong. I'm new in PDA but I've a bit of experience in hacking.

Hope we can find a solution to this.

metbod
13-03-2007, 09:12 AM
Hi guys
I think it is possible to unlock the CID code without an ActiveSync connection. We can establish a USB connection with the bootscreen.
My question: does imei-check work with any connection?

I have a T-Mobile Dutch version HTC P3300 with locked CID
tried to upgrade the ROM to dopod powermap
stopping with T-Mobile logo

fakbrenjeri
15-03-2007, 07:59 PM
@jackey

There are possibilities for that but I think that softice does interrupt the system and interruption on connection is devastating for device.

So the only thing is to follow the instruction of POF survival of unlocking the HERMES

Cheers

jackey
17-03-2007, 09:59 AM
Anything New??

AD10
21-03-2007, 04:48 PM
Anything New??

None yet......:confused: :( :mad:

baudy2
23-03-2007, 09:11 AM
Guys !

How can I check the current CID? I've asked my provider to give me a SuperCID machine. Now, before re-flashing wanna check the current status of CID.

Thank you for advice.

sweetboy
10-05-2007, 03:21 AM
I try to unlock T-Mobile MDA IIII with lockwiz03, it has given me a code
but it is not unlocking. Please help, thank you.

arvind09
12-05-2007, 04:33 AM
Guys !

How can I check the current CID? I've asked my provider to give me a SuperCID machine. Now, before re-flashing wanna check the current status of CID.

Thank you for advice.

This is one procedure I would like to know. I asked imeiunlocker about how to check CID status and they very politely told me, "All p3300 are locked". Info 2 command also does not seem to work.

waelanne
12-05-2007, 10:56 PM
Hi all, I am new here and I need someone to help me unlock the MDA Compact III NL software for T-Mobile... many thanks :confused: :confused:

Pinesio
15-05-2007, 07:43 PM
Will P3300 stay locked still?

Perjan
15-05-2007, 10:21 PM
After working hard on the unlocker the progress has come to a halt, so there's no free way to do it; you will have to use the imei-check method which is 28 euros.

bdangol
16-05-2007, 12:12 AM
I would love to help you all I am an expert at QBasic and regularly program lottery number generators.

I am good at MS paint too.

Perjan
16-05-2007, 08:07 AM
I would love to help you all I am an expert at QBasic and regularly program lottery number generators.

I am good at MS paint too.

You could ask pof to help you but I've thrown in the towel.

topsecret
16-05-2007, 09:44 AM
You could ask pof to help you but I've thrown in the towel.

Perjan,

What else do you need to make an unlocker for the Artemis?

My idea was to use a usb monitor program and see how the unlocker tool from imei-unlocker.co.uk works. Then we could reverse engineer it?

Should it work? I just want to help this community with a free unlocker for the Artemis.

AD10
16-05-2007, 03:45 PM
imei-check.co.uk may have sussed perjan, so he's thrown in the towel....pof has been active on the site too....but obviously not very keen on this either.

If and when needed proceed to imei-check.co.uk...for a paid service...lol


But a shame tho !

pof
16-05-2007, 03:57 PM
I stopped the research on it because I don't know how to recalculate the CID area, as it is different on every device and usb-sniffing the commercial unlocker doesn't help, that's why no free unlocker for Artemis exists. If anyone can shed a light I would gladly contribute on Artemis unlocker research again.

TryOG
16-05-2007, 05:13 PM
Let me shed the light:

"This device is magnificent!" (My dad and I both have the P3300)

That's why it needs to get unlocked... (I have enough P3300's to do some research too... locked, unlocked and HTC never-locked devices)

I've already unlocked 2 with imei-check and I'm going to unlock more if it needs to be unlocked urgently... :(

But if not urgent... I'm still researching myself while waiting for you guys to find a method before me... :D

bdangol
17-05-2007, 03:50 AM
hint of sarcasm in my last post.. I had no Idea this could be done with qbasic. lol

Pinesio
17-05-2007, 05:39 PM
I wait on progress very. I will help willingly.

In my environment bad men create bad rom. It he does brick from Artemis, Himalaya Wallaby.
They repair HTC and tell to pay 50 Euro. This is bad.

It it was one should was make to HTC be unlocked. My HTC is brick - there now I will not it pay bad men.
I warn different download rom he would to from trustworthy source.

I am with you

Perjan
18-05-2007, 12:45 PM
imei-check.co.uk may have sussed perjan, so he's thrown in the towel....pof has been active on the site too....but obviously not very keen on this either.

If and when needed proceed to imei-check.co.uk...for a paid service...lol


But a shame tho !

I'm not sussed by Imei-Check.... But I'm not capable of reverse engineering the unlocker. Pof is the one with the expertise. My p3300 is already unlocked (yes I've paid imei-check). But if I can help in any way just ask.

AD10
18-05-2007, 03:17 PM
I'm not sussed by Imei-Check.... But I'm not capable of reverse engineering the unlocker. Pof is the one with the expertise. My p3300 is already unlocked (yes I've paid imei-check). But if I can help in any way just ask.

NOTE: I didn't mean to offend anyone......

That said, I am glad pof and perjan reacted.....imei-check, here I come too:cool: :D

crusher
23-05-2007, 05:03 PM
I stopped the research on it because I don't know how to recalculate the CID area, as it is different on every device and usb-sniffing the commercial unlocker doesn't help, that's why no free unlocker for Artemis exists. If anyone can shed a light I would gladly contribute on Artemis unlocker research again.

c'mon, you know this is wrong ;)
simply the usb sniffing does not work with the device.
as imei-check has avoided *some* methods and restarts your PC if you do.

but some Themida protection is not the end of the world :D

if I manage to unbrick my 3 dead Hermes devices, maybe I will find some time to proceed with this.

Registerme
23-05-2007, 05:28 PM
no, it patches the Hermes radio will not be valid for Artemis... although should be a very similar patch, because both devices are quite the same.
The "unlock key" is only valid after patching the radio.

I'm using an analog dual-SIM adapter, before the patch it was working correctly now it always shows the same provider although I've changed it. It really sucks not to see any more if I make calls with T-Mobile or Vodafone, can check only through my settings and making a network check.

Is it possible that the CID unlocking changed the radio in such a way that the dual sim doesn't work correctly any more? If yes can I fix it or put the old or a different radio version on it without CID locking it again (if that is possible)?

pof
23-05-2007, 06:03 PM
c'mon, you know this is wrong ;)
simply the usb sniffing does not work with the device.
as imei-check has avoided *some* methods and restarts your PC if you do.

No, it's true. usb-sniffing imei-check stuff is not a problem, even with the new protections that reboot computer, it just requires hex-editing the sniffer dll's to change window names and playing a bit removing / adding the registry keys while running the unlocker. But if you sniff it you'll see that the CID area is different for _every_ device, and the unlocker calculates it. If you flash the CID area of a device with another CID area not belonging to it you get a booting device with non working GSM.

but some Themida protection is not the end of the world :D

if I manage to unbrick my 3 dead Hermes devices, maybe I will find some time to proceed with this.

LOL ... maybe I can help you with the unbricking, and you help me breaking themida? ;)

Perjan
23-05-2007, 10:40 PM
LOL ... maybe I can help you with the unbricking, and you help me breaking themida? ;)

http://www.tuts4you.com/

Neozzz
24-05-2007, 09:43 AM
Is it possible to run Imei in bootloader mode?

Registerme
24-05-2007, 11:31 AM
@ POF: Hey pof, #80 was for you, maybe I didn't mark it that well by just quoting you. I know that your post was #4 and is quite old but do you have an idea if what I wrote might be possible?

crusher
01-06-2007, 02:49 AM
No, it's true. usb-sniffing imei-check stuff is not a problem, even with the new protections that reboot computer, it just requires hex-editing the sniffer dll's to change window names and playing a bit removing / adding the registry keys while running the unlocker. But if you sniff it you'll see that the CID area is different for _every_ device, and the unlocker calculates it. If you flash the CID area of a device with another CID area not belonging to it you get a booting device with non working GSM.


well, maybe different, in encrypted form :D


LOL ... maybe I can help you with the unbricking, and you help me breaking themida? ;)

gimme an email address capable of handling 5M zip attachment from Balkan without filtering :D I send you a dump (stolen bytes not fixed, so nonworking, nontraceable, but usable to get a clue once you manage to find the Visual C function entry without the table ;)

but please do not ask me to discuss the method I used to dump the executable... "security by obscurity" on my side means my method works since the Xprotector beta and will work even under the OS after Vista...
whilst the method from Deroko's tutorial was already worked around in the next release of Themida.

fdp24
02-06-2007, 10:12 AM
crusher:
I'm gonna send you the CID security area from the arte device, could you have a look at it? Please let me know if you'll have "spare time" for this exercise.
regards,

crusher
04-06-2007, 08:29 AM
well, if you can send it unencrypted, I await it :)

TryOG
08-06-2007, 10:07 AM
crusher:

you kinda like yourself very much, huh?
Why don't you show us why you like yourself so much?

(Hint: Make a free unlocker for the Artemis and we will love you too) :D

P.S. Just kidding... and @persian: www.tuts4you.com <-- nice website

crusher
08-06-2007, 11:57 AM
:D

well whether I like myself or not has nothing to do with the subject.
I have worked in this area for 10 years now, and the sole reason I don't release anything for free is that my economic position does not allow me to let others (who we all know exist) earn huge money using my free stuff without even crediting me.

that is the problem with GNU-like licenses - they are not compatible with gipsy culture.

kingback
15-07-2007, 09:02 AM
:) :) HI Do you still have the software that IMEI check sent you as we could work out how they unlocked it.BY .20 BONDS..

email it to you so you can have a look at the coding
DO NOT USE the IMEI from the BOX as it may be different from that of the phone
IMEI WHAT THEY MEAN BY SAYING A KEY FILE FOR THE IMEI . JUST VISIT YOUR SUPPLIER SITE. I DON'T UNDERSTAND WHAT THAT MEANS.
I DO NOT HAVE A KEY FILE.....!!!!

Regards,
:confused:
KHALID

MaskedMarauder
15-07-2007, 04:39 PM
:) :) HI Do you still have the software that IMEI check sent you as we could work out how they unlocked it.BY .20 BONDS..

email it to you so you can have a look at the coding
DO NOT USE the IMEI from the BOX as it may be different from that of the phone
IMEI WHAT THEY MEAN BY SAYING A KEY FILE FOR THE IMEI . JUST VISIT YOUR SUPPLIER SITE. I DON'T UNDERSTAND WHAT THAT MEANS.
I DO NOT HAVE A KEY FILE.....!!!!

Regards,
:confused:
KHALID

They mean to visit their site and BUY a key file that only works with your device.

Kroesss
06-09-2007, 09:54 AM
Okay, here's the thought of a complete programming-n00b. Probably not possible, but if it is not mentioned, it will never help.

It seems that the imei-check-unlocker is the only one capable of successfully unlocking the Artemis. The unlocker itself can be downloaded from their site without paying. All you pay for is in fact a "key-file".

Is it possible to put some of these key-files (I saw a lot of reactions from people who bought one, so they are available) through some sort of comparison-program? Perhaps with the info needed to buy the key-file (IMEI, maybe more info, I don't know) the differences between the key-files can be explained, and therefore recreated with the data from other phones. After that the newly created key-files could be used in combination with the downloadable unlocker from imei-check...

Just a thought...

crusher
13-09-2007, 11:31 AM
well, this is good thinking.
as of 1999...
:D

things are much more complicated nowadays.