5,605,250 Members 39,522 Now Online
XDA Developers Android and Mobile Development Forum

[HOWTO] GT-I9100 Free SIM Unlock via nv_data.bin by Odia

Tip us?
 
pulser_g2
Old
#21  
pulser_g2's Avatar
Developer Admin / Senior Recognized Developer
Thanks Meter 10599
Posts: 19,214
Join Date: Nov 2009
OK. Is anyone there with an SGS II and bored, wanting to try something out (your own risk obviously, though this seems safe as someone has tested parts of it already)

It seems to be safe to modify this file, so long as you take a backup of anything you are about to mess with. I would suggest taking 2 backups, just in case...

If so, get a hex editor and look at address 0x181468 (that is in hex). If you are locked, you should see "FF 01". If you are unlocked, you should see "FF 00".

1) Can people confirm this to be true? In my limited sample, it's true.

2) If you change that to "FF 00", and replace the file (with backup), does it work as unlocked, or does it just not recognise the radio?

3) If not working, restore the file you created, and delete the nv_data.md5 file (be sure to back it up as well before doing anything). Again see if it works.

4) If you don't get your unlock sorted (if you do, free unlock and congrats, please let us know what you did), then restore the old files and you should be back to normal.

Also... If you feel really bored, how about dumping the nv_data.bin BEFORE and AFTER flashing a kernel via ODIN, such that the counter on download mode increments. The idea being to see if this file changes when flashed... Obviously you need to label the before and after clearly, and give the value of the number for before and after

For emailing any nv_data files to me, my email is:


Having trouble getting an answer? | What is XDA about? | How to ask for help?

if [ $PM.incoming.type = $type.question.ROM.how_to_use ] || [ $PM.incoming.type = $type.question.ROM.silly_question ]; then mv $PM.incoming /.trash; PM.response($responsetype.ignore); $PM.sender.ignore_in_future=true; init.sequence($boy_who_cried_wolf); fi;

BTC: 1K2fpDsRHkirWmk3PKiqtzhVHKUJCWPWnN
PGP: 0x260F4FDEF258E3C4
 
dh2311
Old
#22  
dh2311's Avatar
Senior Member
Thanks Meter 278
Posts: 574
Join Date: Oct 2010
Location: Liverpool

 
DONATE TO ME
Right.

Cant confirm 1) as mine is locked

As for 2 edited ff 01 to ff 00 and sim is undetected like before (get no service). Pushed backup back and it worked


I have removed the .md5 and i hope it still works (forgot to back up)

EDIT: Works after deleting.

As for unlock. I might buy a code, then run a comarison check between my old nv data and new one and look for all edits
Device: Sony Xperia Z
ROM: monxDIFIED
Recovery: TWRP 2.6.0.1

Some of my work

Galaxy S II Wipe Custom Binary Counter
 
pulser_g2
Old
#23  
pulser_g2's Avatar
Developer Admin / Senior Recognized Developer
Thanks Meter 10599
Posts: 19,214
Join Date: Nov 2009
Quote:
Originally Posted by dh2311 View Post
Right.

Cant confirm 1) as mine is locked

As for 2 edited ff 01 to ff 00 and sim is undetected like before (get no service). Pushed backup back and it worked


I have removed the .md5 and i hope it still works (forgot to back up)

EDIT: Works after deleting.

As for unlock. I might buy a code, then run a comarison check between my old nv data and new one and look for all edits
That would be interesting to get a before/after.

You did double check you did the RIGHT offset changing 01 to 00, given there are a number of FF FF FF FF FF 01 00 00 00 blocks in the file? Just double checking

The md5 should be re-generated after a boot (normally)

How many times have you flashed your device, and do you fancy another flash to see if we can spot this counter? It's a long-shot, so if you aren't planning to flash anything, there's little point in testing it tbh...


Having trouble getting an answer? | What is XDA about? | How to ask for help?

if [ $PM.incoming.type = $type.question.ROM.how_to_use ] || [ $PM.incoming.type = $type.question.ROM.silly_question ]; then mv $PM.incoming /.trash; PM.response($responsetype.ignore); $PM.sender.ignore_in_future=true; init.sequence($boy_who_cried_wolf); fi;

BTC: 1K2fpDsRHkirWmk3PKiqtzhVHKUJCWPWnN
PGP: 0x260F4FDEF258E3C4
 
pulser_g2
Old
#24  
pulser_g2's Avatar
Developer Admin / Senior Recognized Developer
Thanks Meter 10599
Posts: 19,214
Join Date: Nov 2009
Quote:
Originally Posted by dh2311 View Post
Right.

Cant confirm 1) as mine is locked

As for 2 edited ff 01 to ff 00 and sim is undetected like before (get no service). Pushed backup back and it worked


I have removed the .md5 and i hope it still works (forgot to back up)

EDIT: Works after deleting.

As for unlock. I might buy a code, then run a comarison check between my old nv data and new one and look for all edits
Also, to clarify, I meant to delete the md5sum file if you couldn't get it working with the modified file. I was thinking that the MD5 was being checked due to unlock status changing? Just a long-shot...


Having trouble getting an answer? | What is XDA about? | How to ask for help?

if [ $PM.incoming.type = $type.question.ROM.how_to_use ] || [ $PM.incoming.type = $type.question.ROM.silly_question ]; then mv $PM.incoming /.trash; PM.response($responsetype.ignore); $PM.sender.ignore_in_future=true; init.sequence($boy_who_cried_wolf); fi;

BTC: 1K2fpDsRHkirWmk3PKiqtzhVHKUJCWPWnN
PGP: 0x260F4FDEF258E3C4
 
dh2311
Old
#25  
dh2311's Avatar
Senior Member
Thanks Meter 278
Posts: 574
Join Date: Oct 2010
Location: Liverpool

 
DONATE TO ME
Quote:
Originally Posted by pulser_g2 View Post
Also, to clarify, I meant to delete the md5sum file if you couldn't get it working with the modified file. I was thinking that the MD5 was being checked due to unlock status changing? Just a long-shot...
Ohh.. I was doing that anyway, I followed the tut for the origional galaxy s to do it coz thats how i unlocked my sgs.


as for bootloader count, seems random to be stored in nv_data, but I'll flash supercurios kernel again and do a comparison, see if anything differs. Will keep em both and email to you if theres anything to look at
Device: Sony Xperia Z
ROM: monxDIFIED
Recovery: TWRP 2.6.0.1

Some of my work

Galaxy S II Wipe Custom Binary Counter
 
pulser_g2
Old
#26  
pulser_g2's Avatar
Developer Admin / Senior Recognized Developer
Thanks Meter 10599
Posts: 19,214
Join Date: Nov 2009
Quote:
Originally Posted by dh2311 View Post
Ohh.. I was doing that anyway, I followed the tut for the origional galaxy s to do it coz thats how i unlocked my sgs.


as for bootloader count, seems random to be stored in nv_data, but I'll flash supercurios kernel again and do a comparison, see if anything differs. Will keep em both and email to you if theres anything to look at
Thanks. I have been told by Mathieulh on IRC that it is stored in that file, but it might be encrypted...


Having trouble getting an answer? | What is XDA about? | How to ask for help?

if [ $PM.incoming.type = $type.question.ROM.how_to_use ] || [ $PM.incoming.type = $type.question.ROM.silly_question ]; then mv $PM.incoming /.trash; PM.response($responsetype.ignore); $PM.sender.ignore_in_future=true; init.sequence($boy_who_cried_wolf); fi;

BTC: 1K2fpDsRHkirWmk3PKiqtzhVHKUJCWPWnN
PGP: 0x260F4FDEF258E3C4
 
EleCtrOx666
Old
#27  
Senior Member
Thanks Meter 149
Posts: 533
Join Date: Aug 2009
Quote:
Originally Posted by pulser_g2 View Post
Thanks. I have been told by Mathieulh on IRC that it is stored in that file, but it might be encrypted...
Oh one of the famous PSP crackers. Didn't know he was in android phones!
Current phone : Galaxy S2
My mod :Video Player Rotation without auto-rotation
 
dh2311
Old
#28  
dh2311's Avatar
Senior Member
Thanks Meter 278
Posts: 574
Join Date: Oct 2010
Location: Liverpool

 
DONATE TO ME
Done a comparison using HXD, only one set of changes, between lines 0003C800 and 0003C840.

First one showed all F's after flash all changed, but nothing related to flash count
Device: Sony Xperia Z
ROM: monxDIFIED
Recovery: TWRP 2.6.0.1

Some of my work

Galaxy S II Wipe Custom Binary Counter
 
pulser_g2
Old
#29  
pulser_g2's Avatar
Developer Admin / Senior Recognized Developer
Thanks Meter 10599
Posts: 19,214
Join Date: Nov 2009
Quote:
Originally Posted by dh2311 View Post
Done a comparison using HXD, only one set of changes, between lines 0003C800 and 0003C840.

First one showed all F's after flash all changed, but nothing related to flash count
Right. We believe if you restore the backup, the flash count will reduce again. You want to try that?


Having trouble getting an answer? | What is XDA about? | How to ask for help?

if [ $PM.incoming.type = $type.question.ROM.how_to_use ] || [ $PM.incoming.type = $type.question.ROM.silly_question ]; then mv $PM.incoming /.trash; PM.response($responsetype.ignore); $PM.sender.ignore_in_future=true; init.sequence($boy_who_cried_wolf); fi;

BTC: 1K2fpDsRHkirWmk3PKiqtzhVHKUJCWPWnN
PGP: 0x260F4FDEF258E3C4
 
dh2311
Old
#30  
dh2311's Avatar
Senior Member
Thanks Meter 278
Posts: 574
Join Date: Oct 2010
Location: Liverpool

 
DONATE TO ME
I had the same thought before seeing that post. Doesnt work. Still at the same count (6)
Device: Sony Xperia Z
ROM: monxDIFIED
Recovery: TWRP 2.6.0.1

Some of my work

Galaxy S II Wipe Custom Binary Counter

Tags
galaxy s2, rom
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes