Cannot update Radio from Hell 1.65.17.10 : [SOLVED] with FrankenKaiser

Search This thread
By:
Advanced…
S

shutter13

Senior Member
Jul 4, 2007
195
1
austinsnyc said:
yes I have done that and got everything the same till when its suppose to boot into bootloader on the cego cmd just a blank screen.
Click to expand...
Click to collapse

I get the same thing.

Question; when running frakenkaiser in step 10 Sometimes I will get a code below the "be patient" line and sometimes I won't. Am I correct in assuming if I don't get the code, it's not going to work? At this point I am unsure what to do, I have tried both spl's via cmd prompt and it will not enter bootloader.
 
ugoff

ugoff

Senior Member
Nov 24, 2007
582
99
So... If we were to copy the text from step7 including remarks and run them, making the last command before 'setinfo' not output anything, then run setinfo and powerdown, to find that the setboot command still works but nothing else will....

How would we go about fixing that?
 
austinsnyc

austinsnyc

Senior Member
Mar 24, 2007
1,298
20
New York City
www.austinluker.com
shutter13 said:
I get the same thing.

Question; when running frakenkaiser in step 10 Sometimes I will get a code below the "be patient" line and sometimes I won't. Am I correct in assuming if I don't get the code, it's not going to work? At this point I am unsure what to do, I have tried both spl's via cmd prompt and it will not enter bootloader.
Click to expand...
Click to collapse

samething with mine sometimes i get a code that doesn't match the one in the picture and sometimes I get no code very strange. I wish Jocky was around! I am also trying to do all this on vista the mtty cmds seem to work but again can't get to bootloader
 
S

shutter13

Senior Member
Jul 4, 2007
195
1
shutter13 said:
I get the same thing.

Question; when running frakenkaiser in step 10 Sometimes I will get a code below the "be patient" line and sometimes I won't. Am I correct in assuming if I don't get the code, it's not going to work? At this point I am unsure what to do, I have tried both spl's via cmd prompt and it will not enter bootloader.
Click to expand...
Click to collapse

Also when I used MTTY in step 11 the first couple of times I would get a response when entering the commands. Now I don't. I can start back over at step 8 and MTTY responds for that step, but after repluging the USB in step 10 I get nothing. Type "echo_on" just goes to the next line, same with "setboot 0" and "cego". This is getting really frustrating. I'm sure it's something I'm not doing right, but I'll be damned if I can figure what it is.
 
G

gwhaley

Member
Apr 8, 2007
20
2
When performing step 10 I don't get a code either. Yeah this is frustrating. I've bricked it while trying to fix it. It's frustrating for me 'cause I get all the expected results except at the end.
 
Last edited:
S

shutter13

Senior Member
Jul 4, 2007
195
1
gwhaley said:
When performing step 10 I don't get a code either. Yeah this is frustrating. I've bricked it while trying to fix it. :)
Click to expand...
Click to collapse

I think I've narrowed it down...if I don't close the MTTY window, I don't get the code, if I do, I do get the code.

Step 8

ScreenHunter_01_May__19_22_11.jpg


Step 10

ScreenHunter_02_May__19_22_14.jpg


Step 11

ScreenHunter_03_May__19_22_16.jpg
 
G

gwhaley

Member
Apr 8, 2007
20
2
In the revised step 8 are we supposed to hold the send button for any period of time to ensure the phone enters the 'dload' state properly?
 
ugoff

ugoff

Senior Member
Nov 24, 2007
582
99
Is there anything we can do if, after step 7, step 8's 'enter 'dload'' instruction gives "invalid command : dload"?

Shutter13 made a very good point. Make sure mtty is closed when you run the FrankenKaiser program. I will answer my own question for those who believe they've messed up at step 7:

1. Remove power from your phone
2. Connect power and hold power button until the green light comes on
3. Make sure mtty is CLOSED
4. Run the "FrankenKaiser-V1.9517.exe /dev/com9 SPL1.56-KAIS-unbricker.nb" (with your own comport, etc.). It should show the 10 character code and instruct you to replug the USB.
5. REPLUG THE USB
6. Run mtty and connect to your comport.
7. 'echo_on' should now work. Do step 7 again.
 
Last edited:
sirooga

sirooga

Senior Member
May 13, 2007
604
99
Corona
This is just a guess here but I'm assuming this isn't going to work correctly in Vista. Has anyone gotten it to work with Vista? The driver issue has always been there for flashing with Vista and by default Vista wants to reload its own drivers. I had to reload the activesync drivers many times over in Vista to keep it working with flashing. Try an XP machine?
 
S

shutter13

Senior Member
Jul 4, 2007
195
1
sirooga said:
This is just a guess here but I'm assuming this isn't going to work correctly in Vista. Has anyone gotten it to work with Vista? The driver issue has always been there for flashing with Vista and by default Vista wants to reload its own drivers. I had to reload the activesync drivers many times over in Vista to keep it working with flashing. Try an XP machine?
Click to expand...
Click to collapse

I'm using vista, stuck at step 11. Everything seems to go fine before then.
 
T

thomassster

Senior Member
Jun 21, 2006
353
0
41
San Jose
wow...another success working here. Using XP. My drivers didn't show Qualcomm, but showed BenQ instead. Make sure you have device manager open and you have the port tree open so you see the ports appearing. If you don't see the ports, then you gotta go back to the USB thingy through MTTY.

Thanks so much JockyW!
 
P1Tater

P1Tater

Retired Senior Moderator
Nov 28, 2007
4,151
677
In UR Head
I cant get the moto q drivers to load for ****. Nothing but my usb port(com 4) is showing up in my device manage tree. Dammit, beginning to fell like a freakin n00b. ......sigh...... back to the drawing board.
 
shogunmark

shogunmark

Retired Senior Moderator
May 10, 2006
3,444
198
shutter13 said:
I think I've narrowed it down...if I don't close the MTTY window, I don't get the code, if I do, I do get the code.

Step 8

ScreenHunter_01_May__19_22_11.jpg


Step 10

ScreenHunter_02_May__19_22_14.jpg


Step 11

ScreenHunter_03_May__19_22_16.jpg
Click to expand...
Click to collapse

JOcky, I LOVE YOU :D

but it was shutter's trick that got me to boot back to tri-color!!!

so after pulling the battery and holding down send+power, run mtty, enter dload then close mtty run the dos command, re-open mtty and do the setboot and cego command (no pulling the cable).. this is what finally bailed me out!
 
You must log in or register to reply here.

Similar threads

AllTheWay
  • Poll
[4 December] The Ultimate Radio Thread
Replies
1K
Views
890K
G
gzaiat
J
HardSPL will not install - WHITE SCREEN: SOLVED (UPDATE 01. March 2008)
Replies
640
Views
437K
blautens
blautens
SH4YD33
  • Locked
WM6.1-Kaiser Radio Only-1.65.17.10
Replies
602
Views
116K
kyphur
kyphur
pof
HTC Kaiser Hard-SPL v1 - CID Unlock & Flash any ROM to your device (4 free)
Replies
1K
Views
968K
M
mg102670
ponch92
  • Locked
Kaiser Radios [OFFICIALLY A DEAD THREAD]
Replies
531
Views
392K
S
seridem

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 2
    J
    jockyw2001
    May 19th, 2008

    With my new and revolutionary tool "FrankenKaiser" you can now finally jailbreak your locked to "Radio from Hell" Kaiser :D

    ======================================================
    DISCLAIMER: This method involves erasing SPL & OS and requires correct data entry by the user. I will not take any responsibility for any malfunctions and or damages caused by using this method and software.
    ======================================================

    Pay attention: this method will only work on a Kaiser device with radio version 1.65.17.10 (check your radio version in the boot splash screen!)

    Note that you can not use copy & paste with MTTY, you must type the data exactly as written in the steps below. If in a step it is said to type a command always type them without the quotes.

    Note that during the entire procedure you should uncheck "Allow usb connections" in Activesync.

    I have tested the method on my own Kaiser, which was security locked and had original 1.65.17.10 installed. I'm on WinXP btw. GSLEON3 also succesfully unbricked his Kaiser with FrankenKaiser which had radio 1.64.08.21 installed. That should give you some confidence :)

    So read very carefully and apply following instructions:

    0) download and unzip the attached files on your PC in a single directory.
    It contains all needed to jailbreak or unbrick your device, such as MTTY 1.42, my revolutionary FrankenKaiser program, screenshots to accompany this readme, the appropriate drivers to connect to the radio bootloader ("Drivers MotoQ"), and two softload SPLs (SPL1.56-KAIS-unbricker.nb and sspl-0.92-jumpspl-force-usb.nb)

    1) Enter tricolor bootloader and make absolutely sure you have a HardSPL installed (either "olipof" or "1.1.JockyW"). If not you must first install a HardSPL.

    2) Connect with MTTY (USB) and type "rtask a" followed by Enter, then type "radata 90000000 1" followed by enter (Note that this is not echoed to screen!!). In some rare cases after "radata 90000000 1" you may see "HTCSUN 0[=(HTCE". When that happens type "radata A0000000 2000"

    Close MTTY and replug the USB cable. If you haven't installed them yet, your PC will now prompt you to install three drivers. Do a manual install of the MotoQ drivers. After the drivers are installed look them up in device manager and check which COM port is allocated to "Qualcomm diagnostics interface (COMxx)" => see screenshot "1. device manager search com.JPG" (on my PC it is COM4 but it may be anything else!).
    If the driver is connected to COM10 or higher you should reallocate it to a COM port lower than COM10. Go in device manager and rightclick on "qualcomm diagnositcs interface 6000 (com18)". Enter properties -> Port Settings -> Advanced -> Change COM port number to an unused port number below COM10. If you have nothing free below COM10 disable a device which uses a COM and change to that COM port. Reboot your PC afterwards.

    3) Remove and reinsert battery and enter tricolor bootloader, and connect with MTTY (USB)
    hit enter and when the Cmd> prompt is shown type "task 2a" (this erases SPL, OS and Splash, we used to call that a "hard brick") => see screenshot "2. mtty-tricolor - task 2a.JPG"

    After power cycling, the device will now enter the radio bootloader called oemsbl. Utterly the phone will look dead and the display is black, but it is still possible to connect with MTTY using the COM port as found in step 2. I indicate that in the next steps with MTTY (COMn) => see screenshot "3. mtty-com-connect.JPG". Also note that you never have to redo steps 1-3 again.

    4) Remove and reinsert battery, switch on and connect with MTTY (COMn). Type "setboot", if you are connected correctly the reply should be "ARM9BootMode:0". If you see nothing check in device manager if the drivers are loaded. If you got the reply to "setboot" you can type "radata 90000000 1" which will put the phone in a special "dload mode". In some rare cases after "radata 90000000 1" you see "HTCSUN 0[=(HTCE" and the phone will not change state to dload mode. When that happens type "radata A0000000 2000" and this time nothing should be returned on screen and the phone changed to dload mode.
    Again note that, like in step 2, nothing is echoed to screen!!

    Close MTTY.

    5) Replug USB cable !!

    6) Run FrankenKaiser in a DOS box: FrankenKaiser-V1.9517.exe /dev/com9 SPL1.56-KAIS-unbricker.nb
    (note substitute /dev/com9 by the com port indicated by diag driver in device manager, e.g. /dev/com4 on my PC)

    You should see:
    Code: 
    === FrankenKaiser Unbricker for HTC Kaiser (c)2008 by jockyw2001
=== Jailbreaker for the 'Radio from Hell 1.65.17.10'
=== Donations happily accepted, paypal to [email]jocky_wilson@hotmail.com[/email]

=== ATTENTION: only use this particular version with Kaiser:
===            radio version R1.65.17.10 - oemsbl HTC_BOOT V1.9517

SPL file read

Just be patient while I'm working ...
7e 02 6a d3 7e

Replug USB cable now!

Connect with MTTY and follow instructions !!!

    If you don't see "7e 02 6a d3 7e" underneath the line "Just be patient while I'm working ...", you have either not replugged the usb cable, not installed the drivers correctly or type the wrong com port (/dev/comx) in the command line parameters.
    => see screenshot "4. dos box - frankenkaiser.JPG"


    7) Run MTTY (COMn) and carefully enter following commands:
    echo_on (the reply in MTTY should be "ECHO ON MODE")
    setboot 1
    => see screenshot "5. mtty-echo_on setboot 1.JPG"

    mb 9de8bc => dump HTC security area
    mw 9de8bc 1 31313131 (replaces first half CID by SuperCID "1111")
    mw 9de8c0 1 31313131 (replaces second half CID by SuperCID "1111")
    mw 9de8e4 1 00000000 (Sets security flag to 0, sec unlocked)
    mb 9de8bc => dump HTC security area again and check if CID and security flag are modified in memory
    => see screenshot "6. mtty-mb 9de8bc.JPG"

    setinfo
    powerdown
    => see screenshot "7. mtty- setinfo - powerdown.JPG"

    Close MTTY

    At this point your Kaiser is unjailed, security unlocked (and SIM unlocked) and SuperCID :) Now we need to prepare another run with FrankenKaiser to softload a SPL which will allow us to flash a HardSPL. In principle steps 1-7 need never to be done again.

    8a) Unplug usb cable, remove and reinsert battery, replug usb cable and then power on. Connect with MTTY (COMn):
    - type "echo_on". (the reply in MTTY should be "ECHO ON MODE". if you see that it means you never have to perform steps 1-7 again. If you don't, something went wrong in steps 1-7 or there is a connectivity problem)
    - type "setboot 1" (you should see "ARM9BootMode:1").
    - Close MTTY !!

    8b) Unplug usb cable, remove and reinsert battery, replug usb cable and then power on. Connect with MTTY (COMn):
    - type "echo_on". (you should see "ECHO ON MODE")
    - type "dload" to put phone in dload mode.
    - Close MTTY !!

    9) Replug USB cable and then wait 10 seconds

    10) Run FrankenKaiser in a DOS box: FrankenKaiser-V1.9517.exe /dev/com9 SPL1.56-KAIS-unbricker.nb
    (note substitute /dev/com9 by the com port indicated by diag driver in device manager).
    You should see the lines:
    Just be patient while I'm working ...
    7e 02 6a d3 7e

    FrankenKaiser will prompt you to replug the usb cable. After you have done that you should wait about 10 seconds before proceeding with step 11.

    11) Run MTTY (COMn)
    - type "echo_on" (you should see "ECHO ON MODE", if not then there is a connectivity issue: close MTTY, unplug usb cable, wait 10 seconds, replug usb cable and repeat step 11.)
    - type "setboot 0" (you should see "ARM9BootMode:0")
    - type "cego" => tri-color screen should be visible and the reply in MTTY should be "Boot CE manually..." followed on the next line by "Done."

    => see screenshot "8. mtty-setboot 0 - cego.JPG"
    If after "cego" you don't see a tri-color bootloader screen, then unplug usb cable and unplug and reinsert battery and try steps 8-11 again.
    If still no tri-color screen, then repeat again but this time in step 10 run FrankenKaiser with the other SPL "sspl-0.92-jumpspl-force-usb.nb".

    Close MTTY

    12) Replug USB cable and flash HardSPL

    13) Remove and reinsert battery, enter tricolor bootloader and flash Splash

    14) Remove and reinsert battery, enter tricolor bootloader and flash OS

    15) Remove and reinsert battery, enter tricolor bootloader and flash Radio

    Note: at step 13 it's probably also possible to flash a full ROM update, I prefer to do it bits and pieces.

    This I hope shows the power of FrankenKaiser: it manages to unjail, security unlock, SIM unlock and superCID a device which is basically in a bricked state w/o the need to flash a patched radio. Look forward to other FrankenKaiser tools such as a fast SPL loader and radio dumper.

    Special versions of FrankenKaiser will be released for the new HTC models Diamond and Raphael and more :)
    View
    2
    Hakim Rahman
    Hakim Rahman
    forense said:
    Hi,

    My Kaiser stopped getting signal and I read some post about MTTY. I ran some commands and after a reboot, my Kaiser shows absolutely nothing. No LEDs, nothing on the display and that. But if I connect it to my PC and I try to turn it on, the PC starts looking for Modem drivers. I found the drivers but that's it. I don't know what else to do.

    Is there any hope for my phone?
    Click to expand...
    Click to collapse


    It looks like without you even knowing you've done the task 2a on MTTY where it will delete the SPL, OS and also the Splash (blank screen)

    you better follow the instruction that have been given by jockyw in the first post and is especially in step 3
    If earlier you use other radio versions then you can contact massivekid to make Frankenkaisers with oemsbl and radio according to the radio version which you use
    View
    1
    RoozbehDream
    RoozbehDream
    No More Radio From Hell!!! I Just Can Dsay One Word...thanks!
    View

New posts