DEV ONLY - NAND access + Full Unlock for Lumia 710 & 800


ultrashot (Inactive Recognized Developer; joined May 26, 2009; 1,478 messages; 2,046 reaction score; St. Petersburg)
Ok, I did it by pulling out the battery and then HR. But I can't find any of these apps or extra themes etc... I can install many apps but not the ones that require full interop... any clue?

Are you sure you uploaded the correct file? I have nothing from your list.

1) I am not the developer (his nick is written in the post).
2) I am quite sure the file is correct - there are many reports of successful installation on Russian forums.
3) Check the mirror (Narod.ru) link.
 

biktor_gj (Senior Member; joined Jan 25, 2008; 1,408 messages; 7,008 reaction score)

Can we keep this for development only pleeeeeeeeeeeeeassseeeee?

Gift from our friends at Qualcomm:

Full AMSS firmware + secboot sources (Qualcomm loader)! Grab it while it's hot!

http://www.mediafire.com/?ir2h15f663ja6wc

beidl (Senior Member; joined Apr 30, 2009; 467 messages; 217 reaction score; Vienna; fredl.me)

Epic! Nerd boner engaged!

EDIT: Does it contain any device-specific code (like... defines for the 710's panel configuration), or is it for all MSM7x30-based devices in general?
That wistron_wvga stuff surely looks interesting...
 

biktor_gj (Senior Member; joined Jan 25, 2008; 1,408 messages; 7,008 reaction score)

This source is, in theory, for the Hisense TS7008. No specific code for Nokias, but it is for the same platform, so it should at least boot. And since Nokia's OSBL should be based on secboot, we should be able to find similarities between both... maybe some unpatched hole too?
Worst case scenario, we could still get to know how it boots and debug a little more easily :)

EDIT:
Did anyone notice this in Nokia's DLOAD-enabled SBL?
I0..ANDROID!

Interesting...



ombadboy (Senior Member; joined Oct 11, 2008; 318 messages; 31 reaction score; London)
biktor_gj, I flashed the UNLOCKED ROM last night for the 800, and I've noticed a couple of bugs, just wanted to let you know ;)

- Some apps just won't uninstall. For some reason, 'pre-installed' apps won't uninstall, nor will some other 3rd-party ones, e.g. Foursquare shows up twice in my app list; one can be uninstalled, the other one uninstalls and then re-installs on reboot (same as the pre-installed apps).

- A few other apps show up installed twice as well.

- WP7EasyBackup doesn't seem to be working (however, my backup was made before flashing, so that may be the problem. Will look into it in more detail later on).

P.S. DPPImplant from ultrashot works like a charm!
 

biktor_gj (Senior Member; joined Jan 25, 2008; 1,408 messages; 7,008 reaction score)
Don't worry, I will build a new custom ROM with full unlock based on Tango as soon as I find a firmware with full language support and not only English + Chinese... anyone know where to find it? I only found one on Navifirm and it was that English & Chinese one...

About bootloaders... Anyone noticed this?
Code:
/sys_boot/keystore/key.str..Keystore read & decrypt failed!.Random seed init failed!....Security init (%d @ 0x%x)...
Security init status 0x%x...
DETAIL: Keys 0x%08x, 0x%08x, 0x%08x, 0x%08x.....[non-printable code bytes omitted]
Security init skipped!..
======= Secure DLOAD started =======
Version: %d.%d.%d
Compiled: Feb 17 2012, 10:35:39.
====================================
Extracted from one of the latest OSBLs out there...
Any way of tricking it into that USB HID device it shows sometimes after rebooting from the bootloader?
 

ombadboy (Senior Member; joined Oct 11, 2008; 318 messages; 31 reaction score; London)

You can find all the languages in this thread mate: http://xdaforums.com/showthread.php?t=1579419
 

ombadboy (Senior Member; joined Oct 11, 2008; 318 messages; 31 reaction score; London)
Just out of curiosity (not a chef myself), do you extract the ROM, replace the langs and repack? Or is there more work to be done (for language inclusion, that is)?
 

n73gamer (Member; joined Feb 23, 2012; 12 messages; 4 reaction score)
Guys, don't give up! I hope you get the bootloader unlocked soon for the Lumia 800 with Nokia DLOAD.

A friend of mine made this :D :

Ricehead (Senior Member; joined Nov 16, 2011; 51 messages; 7 reaction score; Birmingham)
Hey guys, just a little heads-up: Zune is telling me I have an update, but my phone's versions are as follows:

OS: 7.10.8107.79
F/W rev. no.: 1600.2487.8107.12070
H/W rev. no.: 112.1402.2.3
Radio: 1.6.00.24
Bootloader: 7.35.0.0
Chip: 0.74.2.1

I will update and reply with any changes to the bootloader value and the result when going into bootloader mode :)

Edit: This is a Nokia update, not MS.

The update downloaded really fast; not a full ROM, I'm guessing. (Could be tweaks to the BL, maybe they found a loophole before we did?)

---------- Post added at 11:09 PM ---------- Previous post was at 10:40 PM ----------

Sorry, wasn't anything important. Just the 12072 F/W:
http://blog.vodafone.com.au/blog/nokia-lumia-800-firmware-12070-25042012/

BL hasn't changed.
 

Konner920 (Senior Member; joined Sep 16, 2010; 276 messages; 76 reaction score; Norman, OK)
I'm probably either lost or just dumb, but can someone clarify for me whether it's even possible to activate WP7 to access Windows Live services? I have the Lumia 710 and I have the Tango ROM flashed.

edit: Called Microsoft and they gave me a product key.

EDIT2: It won't read on Zune.

EDIT: Last time I restarted Zune and it works now.
 

biktor_gj (Senior Member; joined Jan 25, 2008; 1,408 messages; 7,008 reaction score)
A little update...

Anyone over here know assembler?

This function:
Code:
ROM:00005C40 ; ---------------------------------------------------------------------------
ROM:00005C40
ROM:00005C40 loc_5C40                                ; CODE XREF: ROM:00005A74j
ROM:00005C40                                         ; ROM:00005A98j ...
ROM:00005C40                 ADR     R0, aSecurityInitSk ; "Security init skipped!"
ROM:00005C44                 BL      sub_1DEF8
ROM:00005C48                 B       loc_5B1C
ROM:00005C48 ; ---------------------------------------------------------------------------
is called from:
Code:
ROM:00005A54 ; ---------------------------------------------------------------------------
ROM:00005A54
ROM:00005A54 loc_5A54                                ; CODE XREF: ROM:00005A14j
ROM:00005A54                 ADD     R2, SP, #8
ROM:00005A58                 ADD     R1, SP, #0xC
ROM:00005A5C                 ADR     R0, aSys_bootKeys_0 ; "/sys_boot/keystore/key.str"
ROM:00005A60                 BL      sub_B244
ROM:00005A64                 MOVS    R4, R0
ROM:00005A68                 ADREQ   R0, aKeystoreReadDe ; "Keystore read & decrypt failed!"
ROM:00005A6C                 BEQ     loc_5A94
ROM:00005A70
ROM:00005A70 loc_5A70                                ; CODE XREF: ROM:00005A50j
ROM:00005A70                 CMP     R4, #1
ROM:00005A74                 BNE     loc_5C40
ROM:00005A78                 ADD     R4, SP, #0x10
ROM:00005A7C                 MOV     R0, R4
ROM:00005A80                 MOV     R1, #0x24 ; '$'
ROM:00005A84                 BL      sub_5588
ROM:00005A88                 CMP     R0, #0
ROM:00005A8C                 BNE     loc_5A9C
ROM:00005A90                 ADR     R0, aRandomSeedInit ; "Random seed init failed!"
ROM:00005A94
ROM:00005A94 loc_5A94                                ; CODE XREF: ROM:00005A6Cj
ROM:00005A94                 BL      sub_1DEF8
ROM:00005A98                 B       loc_5C40
ROM:00005A9C ; ---------------------------------------------------------------------------
Now, how can we make the key.str read fail so we can skip the security initialization? Maybe it's nothing, and if security init is skipped it breaks and doesn't even let you flash, but it's another approach to be looked at, no?

Any help out there?
Now to search the NAND dumps to try to find that key.str...

EDIT:
Could it have something to do with this?
Code:
/*===========================================================================

FUNCTION  OSBL_ENCRYPT_KEYSTORE

DESCRIPTION
   Encrypt plain key store file.
 
DEPENDENCIES
  Must be done before APPS is released.
  
RETURN VALUE
  None

SIDE EFFECTS
  None

===========================================================================*/
static void osbl_encrypt_keystore( bl_shared_data_type *bl_shared_data )
{
#ifdef FEATURE_SDCC_BOOT
  if ( FALSE == boot_encrypt_file(PLAIN_KEY_STORE_FILE_NAME, ENCRYPT_KEY_STORE_FILE_NAME) )
    OSBL_ERR_FATAL( BL_ERR_OSBL );
#endif
}
 
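The two listings above hinge on where "Security init skipped!" is referenced and who calls the print routine at sub_1DEF8. Below is an added example (mine, not from the thread, from IDA or from the leaked secboot sources) that finds such cross-references in a raw ARM-state dump without a disassembler: it locates the NUL-terminated string and scans for `ADR Rd, label` (assembled as `ADD`/`SUB Rd, PC, #rotated-imm8`, with PC reading as instruction address + 8) and for `BL` instructions that resolve to a chosen address. The image produced by `build_sample_image()` is constructed, not real firmware, and `BASE = 0` is an assumed load address; on a real OSBL dump the base must come from the boot header or from where the listing's `ROM:` addresses place it.

```python
"""Added example, not from the thread or Qualcomm's sources: find the string
and the ARM-state ADR / BL cross-references to an address in a raw dump."""
import struct

BASE = 0x0                              # assumed load address of the sample image
STR = "Security init skipped!"


def _ror32(v, r):
    r %= 32
    return ((v >> r) | (v << (32 - r))) & 0xFFFFFFFF


def decode_arm_imm(word):
    """12-bit data-processing immediate: imm8 rotated right by 2*rot."""
    return _ror32(word & 0xFF, 2 * ((word >> 8) & 0xF))


def encode_arm_imm(value):
    """Inverse of decode_arm_imm; None if value is not encodable."""
    for rot in range(16):
        imm8 = _ror32(value, (32 - 2 * rot) % 32)   # rotate left by 2*rot
        if imm8 < 0x100:
            return (rot << 8) | imm8
    return None


def encode_adr(instr_addr, target, rd=0):
    """Assemble ARM-state `ADR Rd, target`: ADD (forward) or SUB (backward) Rd, PC, #imm."""
    delta = target - (instr_addr + 8)                # ARM PC reads as instruction + 8
    field = encode_arm_imm(abs(delta))
    if field is None:
        raise ValueError("offset %#x not encodable as a rotated immediate" % delta)
    opcode = 0x02800000 if delta >= 0 else 0x02400000
    return 0xE0000000 | opcode | (0xF << 16) | (rd << 12) | field


def encode_bl(instr_addr, target):
    """Assemble an always-condition `BL target`."""
    return 0xEB000000 | (((target - (instr_addr + 8)) >> 2) & 0x00FFFFFF)


def find_adr_refs(image, base, target):
    """(addr, 'ADD'|'SUB', rd) for every ADD/SUB Rd, PC, #imm that resolves to target."""
    hits = []
    for off in range(0, len(image) - 3, 4):
        w = struct.unpack_from("<I", image, off)[0]
        if (w >> 28) != 0xE:                         # unconditional forms only
            continue
        kind = w & 0x0FFF0000                        # I=1, opcode, S=0, Rn=PC
        if kind == 0x028F0000:
            sign = 1
        elif kind == 0x024F0000:
            sign = -1
        else:
            continue
        dest = (base + off + 8 + sign * decode_arm_imm(w)) & 0xFFFFFFFF
        if dest == target:
            hits.append((base + off, "ADD" if sign > 0 else "SUB", (w >> 12) & 0xF))
    return hits


def find_bl_callers(image, base, target):
    """Addresses of every `BL target` in the image."""
    hits = []
    for off in range(0, len(image) - 3, 4):
        w = struct.unpack_from("<I", image, off)[0]
        if (w & 0xFF000000) != 0xEB000000:
            continue
        imm24 = w & 0x00FFFFFF
        if imm24 & 0x00800000:                       # sign-extend the 24-bit word offset
            imm24 -= 0x01000000
        if ((base + off + 8 + (imm24 << 2)) & 0xFFFFFFFF) == target:
            hits.append(base + off)
    return hits


def find_string(image, s):
    """Offset of the NUL-terminated string, or -1."""
    return image.find(s.encode() + b"\0")


def xrefs_to_string(image, base, s):
    """Where the string lives and every ADR that loads its address."""
    off = find_string(image, s)
    return off, (find_adr_refs(image, base, base + off) if off >= 0 else [])


def build_sample_image():
    """Constructed stand-in for an OSBL dump (synthetic bytes, not real firmware)."""
    img = bytearray(0x400)
    img[0x100:0x100 + len(STR) + 1] = STR.encode() + b"\0"
    struct.pack_into("<I", img, 0x20, encode_adr(BASE + 0x20, BASE + 0x100))    # ADR R0, str
    struct.pack_into("<I", img, 0x24, encode_bl(BASE + 0x24, BASE + 0x200))     # BL print_fn
    struct.pack_into("<I", img, 0x300, encode_adr(BASE + 0x300, BASE + 0x100))  # backward ADR
    return bytes(img)
```

On a real dump, `xrefs_to_string(open("osbl.bin", "rb").read(), base, STR)` gives the equivalent of the listing's CODE XREF lines, and `find_bl_callers(image, base, base + 0x1DEF8)` would list every caller of the print routine, provided the load base is right. The scan only matches word-aligned ARM encodings; Thumb code would need its own decoder, and a wrong base silently yields no hits rather than wrong ones.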

ombadboy (Senior Member; joined Oct 11, 2008; 318 messages; 31 reaction score; London)
I've got some knowledge of MIPS assembly and some RISC, but that's about it... no ARM. I could help you with it after my exams are done, if you don't figure it out by then, since it's a hectic period at the moment!
 

Briefcase (Senior Member; joined Nov 10, 2009; 185 messages; 43 reaction score)
Good catch; it seems that 'boot_encrypt_file' is not defined in the Hisense source? That's weird, right? Or have they stripped out everything regarding FEATURE_SDCC_BOOT?
 

g-gabber (Member; joined Apr 15, 2012; 26 messages; 16 reaction score; "Fuck!")
If the security initialisation was skipped, that means the public keys were not properly loaded. Result: you will not be able to load any cert for flash files :(
 

biktor_gj (Senior Member; joined Jan 25, 2008; 1,408 messages; 7,008 reaction score)

What I'd like to know is: if security init is skipped, will it refuse to flash anything, or will it put itself in some 'developer mode'?
That 'Security init skipped!' message is a printf, which means it's a debug message. You don't read debug messages on production phones unless you're a developer... or someone from XDA :)

Did you actually try it, or is it a guess?
 

Top Liked Posts

  • 81 likes
    UPDATE: First custom ROM with Interop Unlock flashed successfully. Requires a hard reset after installing and an unlocked bootloader. See post for proof:
    http://xdaforums.com/showpost.php?p=24818275&postcount=242
    BIG THANK YOU TO ULTRASHOT!
    Without you I couldn't have done it!
    NOTICE: Testing full unlock (XIP unlock etc.) with ultrashot. Will post new files as soon as I get a working build which doesn't get stuck on boot ;)

    Disclaimer:
    I AM NOT RESPONSIBLE IF YOU LOSE DATA, BREAK YOUR PHONE, OR SET YOUR HOUSE ON FIRE. DO THIS AT YOUR OWN RISK. BTW, THIS REQUIRES A HARD RESET, SO YOU WILL LOSE ALL THE DATA ON YOUR PHONE BY FLASHING THIS. IF UNSURE, DON'T DO IT.
    PLEASE STOP PM'ING ME FOR HELP, I CAN'T REPLY 20 PMS/HR. Please use the forum, maybe someone can create a discussion topic to help others and leave this for links and development. Thank you very much!

    PLEASE STOP SENDING ME PMS ASKING FOR HELP AND USE THE DEDICATED THREAD
    THIS THREAD IS FOR DEVELOPMENT ONLY, PLEASE RESPECT THAT AND USE THE Q&A THREAD FOR YOUR QUESTIONS.
    LINKS:
    Lumia 800: Full Unlock
    New firmware: May 16, 2012 (removed foursquare and stuff)
    sdb3.rar: Flash it to PARTITION #3. It contains 12070's amss & adsp. Not absolutely required but if you have an older version this should give you better battery life.
    http://www.mediafire.com/?kwjladlgvq81rha
    OS-NEW:
    As always, flash it to PARTITION #9.
    Part1: http://www.mediafire.com/?21by2oj7acnhkhw
    Part2: http://www.mediafire.com/?wkeduvp9l4199qh
    Part3: http://www.mediafire.com/?cnbkms40dy4y06z
    Part4: http://www.mediafire.com/?rabunpmnaqclq3o
    Complete Mediafire folder access: http://www.mediafire.com/?uo2dqcl34b9cy
    ___________________
    Alternate ROM with Full Unlock + Some apps:
    Part1: http://www.mediafire.com/?8gnqm418v32im3e
    Part2: http://www.mediafire.com/?bgtg2t5infrnua1
    Part3: http://www.mediafire.com/?l0sl5hbr0v9gfi1
    Part4: http://www.mediafire.com/?emt2dfswdhn0z0w
    Apps preinstalled:
    DS Supertool
    File Deployer
    Metro Theme
    WebServer
    WinTT
    WM Device Center
    WP7 Root Tool

    ___________________
    Lumia 710: Interop Unlock (no full unlock yet)
    ROM Based on: RM803_059N2L6_1600.3015.8107.12070_010
    Mediafire folder access: http://www.mediafire.com/?9z6og65ozgrnr
    http://www.mediafire.com/download.php?d3bj3dkfbffbakn
    http://www.mediafire.com/download.php?l35zjaebdrsm315
    http://www.mediafire.com/download.php?ys5bapu8ubezybo
    http://www.mediafire.com/download.php?tnadd4uuoxhatv3
    CAUTION: I don't have a 710, so these images AREN'T TESTED. Use at your own risk. Be careful, people are reporting problems with this rom.
    Full Unlock Image for Lumia 710 by lucifer3006 -BE CAREFUL, IT HAS BUGS, FOR TESTING PURPOSES ONLY- (thanks ultrashot & lucifer3006): http://www.mediafire.com/?p3318y5l19abb

    You have a mirror of all the stuff on mediafire on xdafil.es: http://xdafil.es
    Thank you mousey_!

    PLEASE DO A FULL BACKUP OF THE NAND BEFORE PLAYING AROUND.
    If you are developing fixes for the bootloader 'problem', feel free to grab a copy of the rest of partitions and stuff I posted over this thread here: http://www.mediafire.com/?kknt4lnc3tn7w


    INSTRUCTIONS:
    Requires an unlocked bootloader (a.k.a. Qualcomm development bootloader).
    Easy to check: Turn the phone OFF, then press and hold VOLUME UP + POWER until you notice a short vibration. Plug it into the computer. If the phone shows up in disk mode (USB Mass Storage Device), then you have an unlocked bootloader. If you're on Windows, it will ask if you want to format the disk. SAY NO OR IT WILL EXPLODE (it won't explode, but you might break it).
    If the device detected by the computer is Nokia DLOAD, you have a locked bootloader and you're out of luck, at least for now.

    I used 'dd' in Linux; I guess you can do it with the Windows version too (http://www.chrysocome.net/dd) but it's more involved to find the appropriate partition:
    dd if=./os-new.nb of=/dev/sdX9
    Where X is the disk detected by your Linux distribution.
    After that, you'll need to hard reset the phone. Hold the Power button for 10 seconds to exit Qualcomm's disk mode, then press and hold POWER+VOLUME DOWN+CAMERA until you feel the phone vibrate. After that, RELEASE the power button but KEEP HOLDING volume down + camera for five or more seconds. This will trigger the hard reset.

    Now time to play with bootloaders and try to get this to work for everyone!

    If you like my work and want to donate for a beer (or two), follow this link
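The dd step above writes the image but checks nothing, and the post insists on a NAND backup first. The following is an added example (mine, not the thread's and not any Nokia or Qualcomm tool) of the same write done with the checks a practitioner wants before a forced hard reset: the target partition is backed up first, an image larger than the partition is refused, the device node is opened without truncation, and the written bytes are read back and compared against the image. The file names in `demo()` are constructed stand-ins for /dev/sdX9 and os-new.nb; on a real phone the functions take those paths and need root.

```python
"""Added example, not from the thread: back up, write and verify a raw
partition image (the dd if=os-new.nb of=/dev/sdX9 step) with checks."""
import hashlib
import os

CHUNK = 1 << 20  # 1 MiB read/write unit


def sha256_of(path, length=None):
    """SHA-256 of a file or device, optionally of only its first `length` bytes."""
    h = hashlib.sha256()
    left = length
    with open(path, "rb") as f:
        while left is None or left > 0:
            buf = f.read(CHUNK if left is None else min(CHUNK, left))
            if not buf:
                break
            h.update(buf)
            if left is not None:
                left -= len(buf)
    return h.hexdigest()


def device_size(path):
    """Byte size of a regular file or a block device (seek-to-end works for both on Linux)."""
    with open(path, "rb") as f:
        return f.seek(0, os.SEEK_END)


def _copy(src_path, dst_path, mode):
    with open(src_path, "rb") as src, open(dst_path, mode) as dst:
        while True:
            buf = src.read(CHUNK)
            if not buf:
                break
            dst.write(buf)
        dst.flush()
        os.fsync(dst.fileno())                   # make sure it hit the media before any reset


def backup_partition(dev, out):
    """Dump the whole partition to `out`; returns its SHA-256 for the log."""
    _copy(dev, out, "wb")
    return sha256_of(out)


def flash_partition(image, dev):
    """Write `image` at offset 0 of `dev`; refuses oversized images. Returns bytes written."""
    size, cap = os.path.getsize(image), device_size(dev)
    if size > cap:
        raise ValueError("image is %d bytes, partition only %d" % (size, cap))
    _copy(image, dev, "r+b")                     # r+b: write in place, never truncate a device node
    return size


def verify_partition(image, dev):
    """True if the first len(image) bytes of `dev` match `image` exactly."""
    return sha256_of(image) == sha256_of(dev, os.path.getsize(image))


def demo():
    """Run the sequence on constructed files standing in for /dev/sdX9 and os-new.nb."""
    import tempfile
    d = tempfile.mkdtemp()
    part, image, bak, big = (os.path.join(d, n) for n in ("sdX9", "os-new.nb", "sdX9.bak", "toobig.nb"))
    with open(part, "wb") as f:
        f.write(os.urandom(2 * CHUNK))           # 2 MiB "partition" (constructed)
    with open(image, "wb") as f:
        f.write(os.urandom(CHUNK + 17))          # image that is not a whole number of chunks
    with open(big, "wb") as f:
        f.write(b"\xff" * (3 * CHUNK))           # image larger than the partition
    before = sha256_of(part)
    r = {"backup_ok": backup_partition(part, bak) == before}
    try:
        flash_partition(big, part)
        r["rejects_oversize"] = False
    except ValueError:
        r["rejects_oversize"] = sha256_of(part) == before   # refused before writing anything
    r["written"] = flash_partition(image, part)
    r["verified"] = verify_partition(image, part)
    r["size_kept"] = device_size(part) == 2 * CHUNK        # no truncation of the target
    with open(part, "r+b") as f:                 # flip one byte, as a bad write would
        f.seek(10)
        b = f.read(1)
        f.seek(10)
        f.write(bytes([b[0] ^ 0xFF]))
    r["tamper_detected"] = not verify_partition(image, part)
    flash_partition(bak, part)                   # roll back from the backup
    r["restored"] = sha256_of(part) == before
    return r
```

Backing up only partition 9 is the minimum; `backup_partition("/dev/sdX", "nand.img")` on the whole disk gives the full NAND copy the post asks for, and the same `flash_partition`/`verify_partition` pair restores it. The verification reads back through the block device, so it also catches a write that went to the wrong disk letter (the readback of the intended device will not match).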
    22 likes
    I'd suggest renaming one of the colors. Would be great if it was possible to interop the phone without losing data.

    Well, you can always make a backup and then restore via Zune. The thing is, the dumped OS is about 600 MB and the generated image is 378 MB. I don't know how it will reside on the flash; you could always check where the flash starts to get filled with zeros and clean it up before the first boot... If they had done it right and separated user data from the main OS we wouldn't have this problem...

    INTEROP UNLOCK ACHIEVED!

    Now time for a nice beeer ;)
    I'll put Mediafire to work and upload the image I just did. Everyone who has an unlocked bootloader: after you flash this to the phone, DO A HARD RESET, otherwise it will get stuck on 'Installing Applications'.
    12 likes
    Hey everyone,

    I was hoping to be able to crack Nokia's OSBL, but time has already run out and I wasn't able to get it. So sorry, guys, but I had to return both Lumias. It's been a fun month, and at least I helped get custom ROMs for at least some of you.

    I'll be uploading here all the files I have on my computer so anyone can mirror them or use them for whatever you might need. If I can help you with something else (development related please) feel free to drop me a PM.

    Once again big thank you to Ultrashot, Beidl, Xsacha, cdbase, ceesheim, HeathCliff & everyone that helped out with this. Now back to my (almost) forgotten Galaxy S2 & to try Boot 2 Gecko and see what progress has been done since the last time I checked :)
    8 likes
    Btw, here is my DppImplant app.
    It implants the DPP partition with your stock Live ID into a custom ROM.
    Usage:
    1) Put a backup of the biggest partition in the folder with DppImplant.exe and call it "stock.nb".
    2) Put "os-new.nb" there - the target firmware in which you want to see your old Live ID.
    3) Open DppImplant.exe. It will extract the DPP from stock.nb and create the mydpp.bin file. (After that you won't really need to have stock.nb in that folder.)
    "os-new.nb" will be patched.
    4) Done.

    P.S. If you open the DPP using Notepad or any hex editor, you'll see the saved Live ID.
    6 likes
    OK, L710 fully unlocked :)
    Those 2 parts are wrong. I used narod.ru.

    ---------- Post added at 07:29 PM ---------- Previous post was at 06:40 PM ----------
    http://www.youtube.com/watch?v=-rQbFp7yasc

