DEV ONLY - NAND access + Full Unlock for Lumia 710 & 800


xsacha

Senior Member
It does this simply because I repacked the .esco. If I repack the same .cert (the working one), it gives this error.
How do I correctly repack a .esco?
 

lilstevie

Senior Recognized Developer
So there's the prevention. But do you put a sha1 hash of a file inside of the file? By adding the hash, the hash would no longer be valid. So what exactly is the hash of?

The certificate isn't hashing itself: the information up to this point is hashed and signed for the next part. This hash is the hash of the mbn.

---------- Post added at 11:58 PM ---------- Previous post was at 11:57 PM ----------

It does this simply because I repacked the .esco. If I repack the same .cert (the working one), it gives this error.
How do I correctly repack a .esco?

I imagine that an esco has some kind of integrity check as well.
 

ombadboy

Senior Member
So there's the prevention. But do you put a sha1 hash of a file inside of the file? By adding the hash, the hash would no longer be valid. So what exactly is the hash of?

I don't think that's the hash of the file itself. If I am not mistaken, it's not possible 'in the real world'. Could it be the hash of the mbn file?
 

Jaxbot

Inactive Recognized Developer
It does this simply because I repacked the .esco. If I repack the same .cert (the working one), it gives this error.
How do I correctly repack a .esco?

Hmm, interesting. The esco files are just zip files (duh), but is there any sort of signing on them? I didn't find anything on a quick look, but I'm not too familiar with the PKZIP format.
 

Briefcase

Senior Member
I have been documenting the .cert format. This is what I have so far:
[image: EPpwW.png]


It seems there is indeed device-dependent stuff in the header.

I always wanted to know how you guys derive this kind of information from just a hexadecimal view of the binary data. Could someone elaborate on this? This thread is f*cking awesome to read!! :).
 

xsacha

Senior Member
maybe zip it without compression?

Not sure how to do it properly. I'm using 'Store' and the final file is 854KB (as before) but it's not working.

Section: nokia_osbl.mbn - data container (873000 bytes)
Section: nokia_osbl.mbn.cert - data container (480 bytes)
Section: nokia_osbl.mbn - info header
Scanning failed. No point to continue.


I think it might have something to do with the access/modify times being added (they were blank before).
 

lilstevie

Senior Recognized Developer
Uhh, yes, of course. But how do you find out from just this hexadecimal view of the file content that the red part is device specific, the brown part contains the date, and for example

There is certain data which is going to follow certain patterns. When it came to the SHA hash: no signing goes without a hash of some kind, so I generated about half a dozen hashes of nokia_osbl.mbn and checked for the same data in nokia_osbl.mbn.cert.
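
The hash-hunting step lilstevie describes here (and the point from his earlier reply that the digest covers the mbn, not the cert itself) in runnable form. This is an added example, not code posted by anyone in the thread. It assumes nothing about the real .cert layout beyond what the posts say: it computes several common digests of the payload, optionally with a leading header skipped (the `skip_prefixes` option is an assumption about how a signer might exclude a header), and searches the certificate for each digest in raw and ASCII-hex form. The sample mbn and cert bytes are constructed stand-ins; the file names are the ones from the thread.

```python
"""Locate a digest of nokia_osbl.mbn inside nokia_osbl.mbn.cert.

Added example for this thread, not code posted by any participant.  It
assumes nothing about the real .cert layout: it computes several common
digests of the payload (optionally skipping a header prefix) and searches
the certificate for each digest in raw and ASCII-hex form.
"""
import hashlib
from typing import Dict, Iterable, List, Tuple

ALGORITHMS = ("md5", "sha1", "sha256", "sha384", "sha512")


def candidate_digests(payload: bytes,
                      skip_prefixes: Iterable[int] = (0,)) -> Dict[str, bytes]:
    """Digests a signer may have computed: over the whole payload, and over
    the payload with `skip` leading bytes removed (in case a header is
    excluded from the signed region).  Keys look like 'sha1@0'."""
    out = {}
    for skip in skip_prefixes:
        for name in ALGORITHMS:
            out[f"{name}@{skip}"] = hashlib.new(name, payload[skip:]).digest()
    return out


def find_digests(payload: bytes, cert: bytes,
                 skip_prefixes: Iterable[int] = (0,)) -> List[Tuple[str, str, int]]:
    """Every (digest label, encoding, offset) at which a candidate digest of
    `payload` occurs in `cert`, sorted by offset."""
    hits = []
    for label, raw in candidate_digests(payload, skip_prefixes).items():
        needles = (("raw", raw),
                   ("hex", raw.hex().encode()),
                   ("HEX", raw.hex().upper().encode()))
        for encoding, needle in needles:
            start = 0
            while (off := cert.find(needle, start)) != -1:
                hits.append((label, encoding, off))
                start = off + 1
    return sorted(hits, key=lambda h: h[2])


def find_digests_in_files(payload_path: str, cert_path: str,
                          skip_prefixes: Iterable[int] = (0,)):
    """Same search over two files on disk, e.g. the mbn and its .cert."""
    with open(payload_path, "rb") as f:
        payload = f.read()
    with open(cert_path, "rb") as f:
        cert = f.read()
    return find_digests(payload, cert, skip_prefixes)


# Constructed sample (not real firmware): a 2 KiB stand-in "mbn" and a
# 480-byte stand-in "cert" carrying the SHA-1 of the payload at 0x40.
SAMPLE_MBN = bytes(range(256)) * 8
_cert = bytearray((i * 37 + 11) & 0xFF for i in range(480))
_cert[0x40:0x40 + 20] = hashlib.sha1(SAMPLE_MBN).digest()
SAMPLE_CERT = bytes(_cert)

if __name__ == "__main__":
    for label, enc, off in find_digests(SAMPLE_MBN, SAMPLE_CERT):
        print(f"{label:10s} {enc:3s} at offset 0x{off:03x}")
```

Run it against the real pair with `find_digests_in_files("nokia_osbl.mbn", "nokia_osbl.mbn.cert")`; a single hit at a fixed offset is the digest field, and its algorithm tells you which hash the signature is over. Adding values to `skip_prefixes` covers the case where the signer hashed the payload without its header.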
 

xsacha

Senior Member
If the final file is the same size, I have no idea why it wouldn't work... open it up with a hex editor and see if anything is noticeably different that might cause the flasher to trip

The only difference I can see is that the accessed/modified times are no longer blank. They have a timestamp. Could this affect it? If so, how do I add to the archive without those?
 
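
An added example, not xsacha's repack or any participant's code, of rebuilding the .esco with Python's zipfile so that every entry is stored and carries a blank DOS timestamp and no extra fields. Python's zipfile never emits the Info-ZIP/7-Zip extended-timestamp extra field (0x5455), which is where accessed/modified times live in a zip, so those stay absent. That the flasher keys on exactly these fields is an assumption drawn from the suspicion above, not something the thread confirms; the inspection helper lets you compare a repacked archive field by field against a known-good one. Member names are the ones the flasher printed; member bytes are constructed stand-ins.

```python
"""Repack an .esco (a plain PKZIP archive) with stored entries, blank DOS
timestamps and no extra fields, and inspect the result.

Added example, not any participant's code.  Whether the flasher checks
exactly these fields is an assumption; compare against a known-good file.
"""
import os
import tempfile
import zipfile
from typing import Dict, List, Tuple

# (1980, 0, 0, 0, 0, 0) encodes to dosdate=0 / dostime=0, the "blank"
# timestamp; zipfile only rejects years before 1980.
BLANK_DOS_TIME = (1980, 0, 0, 0, 0, 0)

Entry = Tuple[str, int, tuple, int, int]   # name, method, date_time, extra_len, size


def repack_esco(members: Dict[str, bytes], out_path: str) -> None:
    """Write members in dict order, ZIP_STORED, zeroed timestamps, no extra."""
    with zipfile.ZipFile(out_path, "w", compression=zipfile.ZIP_STORED) as zf:
        for name, data in members.items():
            info = zipfile.ZipInfo(name, date_time=BLANK_DOS_TIME)
            info.compress_type = zipfile.ZIP_STORED
            info.create_system = 0        # MS-DOS attributes, like a Windows packer
            info.external_attr = 0
            zf.writestr(info, data)


def inspect_esco(path: str) -> List[Entry]:
    """Per-entry fields worth comparing against a known-good .esco."""
    with zipfile.ZipFile(path) as zf:
        return [(i.filename, i.compress_type, i.date_time, len(i.extra),
                 i.file_size) for i in zf.infolist()]


def same_layout(path_a: str, path_b: str) -> bool:
    """True when two archives match entry-for-entry on the fields above
    (order, method, timestamps, extra-field length, sizes), ignoring content."""
    return inspect_esco(path_a) == inspect_esco(path_b)


# Constructed stand-ins, not the real bootloader or certificate.
SAMPLE_MEMBERS = {
    "nokia_osbl.mbn": bytes(range(256)) * 4,
    "nokia_osbl.mbn.cert": bytes(480),
}


def demo() -> List[Entry]:
    """Repack the stand-ins into a temp file and return its layout."""
    with tempfile.TemporaryDirectory() as d:
        out = os.path.join(d, "repacked.esco")
        repack_esco(SAMPLE_MEMBERS, out)
        return inspect_esco(out)


if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

For a real repack, read the members out of the original .esco with `zipfile.ZipFile(orig).read(name)`, substitute the modified mbn and cert, call `repack_esco`, then check `same_layout(orig, repacked)` before sending it to the flasher; any remaining difference is then in content, not in the archive wrapper.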

Briefcase

Senior Member
there is certain data which is going to follow certain patterns, when it came to the sha hash, no signing goes without a hash of some kind, so I generated about half a dozen hashes of nokia_osbl.mbn and checked for the same data in nokia_osbl.mbn.cert

Thank you (already out of thanks so will do it this way ;-)). I guess the device-specific parts are then discovered by comparing the L800 cert with the L710? But since the mbn are different versions (Nokia DLOAD vs Qualcomm) I do not see how you could extract the device-specific places in the cert file as xsacha did. For example, the hash location you discovered will also be different (as it is a different mbn file).
 

xsacha

Senior Member
Thank you (already out of thanks so will do it this way ;-)). I guess the device-specific parts are then discovered by comparing the L800 cert with the L710? But since the mbn are different versions (Nokia DLOAD vs Qualcomm) I do not see how you could extract the device-specific places in the cert file as xsacha did. For example, the hash location you discovered will also be different (as it is a different mbn file).

The device-dependent stuff I found was identical for all Lumia 710 and identical (but different to Lumia 710) for all Lumia 800.
 

lilstevie

Senior Recognized Developer
Thank you (already out of thanks so will do it this way ;-)). I guess the device-specific parts are then discovered by comparing the L800 cert with the L710? But since the mbn are different versions (Nokia DLOAD vs Qualcomm) I do not see how you could extract the device-specific places in the cert file as xsacha did. For example, the hash location you discovered will also be different (as it is a different mbn file).

None of the parts are unique to each device, but they are to the device family, so comparing them to each other will show those parts that are different, and those that are the same.
 

xsacha

Senior Member
By the way the device-dependent stuff is repeated again just before the certificate (thanks chessdragon136):

[image: dkTF9.png]


---------- Post added at 03:09 PM ---------- Previous post was at 02:40 PM ----------

Sweet! I got the .esco repack working now.

And I changed both device-dependent areas. Still rejected the bootloader though :(

Flash File: RM801_12w07_prod_generic_nokia_osbl.esco
Sending certificate...Done.
Sending file...Failed.
 
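
The comparison lilstevie suggests (diff a 710 cert against an 800 cert; what differs is family-dependent, what matches is not), followed by the check behind xsacha's observation that the same block turns up again just before the certificate. This is an added example, not code from the thread. The two sample certificates are constructed: 480 bytes (the .cert size the flasher reported), with a 4-byte family marker placed at 0x10 and again at 0x1C0, so the offsets it reports illustrate the method and are not claims about the real Nokia layout.

```python
"""Find the device-family-dependent bytes in two .cert files by diffing them,
then report where those bytes recur in each file.

Added example, not code from the thread.  Sample certificates are
constructed; their offsets are not claims about real Nokia files.
"""
from typing import Dict, List, Tuple


def diff_ranges(a: bytes, b: bytes) -> List[Tuple[int, int]]:
    """Contiguous [start, end) ranges where a and b differ.  A length
    mismatch is reported as one extra trailing range."""
    n = min(len(a), len(b))
    ranges: List[Tuple[int, int]] = []
    start = None
    for i in range(n):
        if a[i] != b[i]:
            if start is None:
                start = i
        elif start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, n))
    if len(a) != len(b):
        ranges.append((n, max(len(a), len(b))))
    return ranges


def occurrences(hay: bytes, needle: bytes) -> List[int]:
    """All offsets (overlaps allowed) of needle in hay."""
    offs, i = [], hay.find(needle)
    while i != -1:
        offs.append(i)
        i = hay.find(needle, i + 1)
    return offs


def repeated_regions(data: bytes, ranges: List[Tuple[int, int]],
                     min_len: int = 4) -> Dict[Tuple[int, int], List[int]]:
    """For each differing range of at least min_len bytes, every offset in
    data where that byte sequence occurs (its own offset included)."""
    return {(s, e): occurrences(data, data[s:e])
            for s, e in ranges if e - s >= min_len and e <= len(data)}


def compare_certs(cert_a: bytes, cert_b: bytes):
    """Differing ranges plus, for cert_a, where each range's bytes recur."""
    ranges = diff_ranges(cert_a, cert_b)
    return ranges, repeated_regions(cert_a, ranges)


# Constructed stand-ins for a Lumia 710 and a Lumia 800 certificate.
FAMILY_710 = b"\x07\x10\x07\x10"
FAMILY_800 = b"\x08\x00\x08\x00"


def build_sample_cert(family: bytes) -> bytes:
    cert = bytearray(480)
    cert[0x00:0x04] = b"CERT"            # shared magic
    cert[0x10:0x14] = family             # family marker in the header
    cert[0x40:0x54] = b"\x11" * 20       # stand-in digest, same in both
    cert[0x1C0:0x1C4] = family           # marker repeated before the cert body
    return bytes(cert)


if __name__ == "__main__":
    ranges, repeats = compare_certs(build_sample_cert(FAMILY_710),
                                    build_sample_cert(FAMILY_800))
    for s, e in ranges:
        seen = [hex(o) for o in repeats.get((s, e), [])]
        print(f"differs at 0x{s:03x}..0x{e:03x}, those bytes occur at {seen}")
```

On real files, feed `compare_certs` the 710 and 800 certs read from disk: a range that shows up once is a single field, a range whose bytes recur at a second offset is the repeated block, and a range that sits where the digest search put the hash is just the different mbn, not a device field.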

ceesheim

Retired Forum Moderator
By the way the device-dependent stuff is repeated again just before the certificate (thanks chessdragon136):

[image: dkTF9.png]


---------- Post added at 03:09 PM ---------- Previous post was at 02:40 PM ----------

Sweet! I got the .esco repack working now.

And I changed both device-dependent areas. Still rejected the bootloader though :(

Flash File: RM801_12w07_prod_generic_nokia_osbl.esco
Sending certificate...Done.
Sending file...Failed.

Also changed the filesize to the corresponding one?
 

Top Liked Posts

    UPDATE: First custom rom with Interop Unlock flashed successfully. Requires hard reset after installing and an unlocked bootloader. See post for proof:
    http://xdaforums.com/showpost.php?p=24818275&postcount=242
    BIG THANK YOU TO ULTRASHOT!
    Without you I couldn't have done it!
    NOTICE: Testing full unlock (XIP unlock etc) with ultrashot. Will post new files as soon as I get a working build which doesn't get stuck on boot ;)

    Disclaimer:
    I AM NOT RESPONSIBLE IF YOU LOSE DATA, BREAK YOUR PHONE, OR SET YOUR HOUSE ON FIRE. DO THIS AT YOUR OWN RISK. BTW, REQUIRES A HARD RESET SO YOU WILL LOSE ALL THE DATA IN YOUR PHONE BY FLASHING THIS. IF UNSURE, DON'T DO IT.
    PLEASE STOP PM'ING ME FOR HELP, I CAN'T REPLY 20 PMS/HR. Please use the forum, maybe someone can create a discussion topic to help others and leave this for links and development. Thank you very much!

    PLEASE STOP SENDING ME PMS ASKING FOR HELP AND USE THE DEDICATED THREAD
    THIS THREAD IS FOR DEVELOPMENT ONLY, PLEASE RESPECT THAT AND USE THE Q&A THREAD FOR YOUR QUESTIONS.
    LINKS:
    Lumia 800: Full Unlock
    New firmware: May 16, 2012 (removed foursquare and stuff)
    sdb3.rar: Flash it to PARTITION #3. It contains 12070's amss & adsp. Not absolutely required but if you have an older version this should give you better battery life.
    http://www.mediafire.com/?kwjladlgvq81rha
    OS-NEW:
    As always, flash it to PARTITION #9.
    Part1: http://www.mediafire.com/?21by2oj7acnhkhw
    Part2: http://www.mediafire.com/?wkeduvp9l4199qh
    Part3: http://www.mediafire.com/?cnbkms40dy4y06z
    Part4: http://www.mediafire.com/?rabunpmnaqclq3o
    Complete Mediafire folder access: http://www.mediafire.com/?uo2dqcl34b9cy
    ___________________
    Alternate ROM with Full Unlock + Some apps:
    Part1: http://www.mediafire.com/?8gnqm418v32im3e
    Part2: http://www.mediafire.com/?bgtg2t5infrnua1
    Part3: http://www.mediafire.com/?l0sl5hbr0v9gfi1
    Part4: http://www.mediafire.com/?emt2dfswdhn0z0w
    Apps preinstalled:
    DS Supertool
    File Deployer
    Metro Theme
    WebServer
    WinTT
    WM Device Center
    WP7 Root Tool

    ___________________
    Lumia 710: Interop Unlock (no full unlock yet)
    ROM Based on: RM803_059N2L6_1600.3015.8107.12070_010
    Mediafire folder access: http://www.mediafire.com/?9z6og65ozgrnr
    http://www.mediafire.com/download.php?d3bj3dkfbffbakn
    http://www.mediafire.com/download.php?l35zjaebdrsm315
    http://www.mediafire.com/download.php?ys5bapu8ubezybo
    http://www.mediafire.com/download.php?tnadd4uuoxhatv3
    CAUTION: I don't have a 710, so these images AREN'T TESTED. Use at your own risk. Be careful, people are reporting problems with this rom.
    Full Unlock Image for Lumia 710 by lucifer3006 -BE CAREFUL, IT HAS BUGS, FOR TESTING PURPOSES ONLY- (thanks ultrashot & lucifer3006): http://www.mediafire.com/?p3318y5l19abb

    You have a mirror of all the stuff on mediafire on xdafil.es: http://xdafil.es
    Thank you mousey_!

    PLEASE DO A FULL BACKUP OF THE NAND BEFORE PLAYING AROUND.
    If you are developing fixes for the bootloader 'problem', feel free to grab a copy of the rest of partitions and stuff I posted over this thread here: http://www.mediafire.com/?kknt4lnc3tn7w


    INSTRUCTIONS:
    Requires an unlocked bootloader (a.k.a. qualcomm development bootloader).
    Easy to check: Turn the phone OFF, then press and hold VOLUME UP + POWER until you notice a short vibration. Plug in to the computer. If the phone turns up in disk mode (USB Mass Storage Device), then you have an unlocked bootloader. IF you're in Windows, it will ask if you want to format the disk. SAY NO OR IT WILL EXPLODE (it won't explode but you might break it)
    If the device detected by the computer is Nokia DLOAD you have a locked bootloader and you're out of luck, at least for now.

    I used 'dd' in Linux, I guess you can do it with the Windows version too (http://www.chrysocome.net/dd) but it's more involved to find the appropriate partition:
    dd if=./os-new.nb of=/dev/sdX9
    Where X is the disk detected by your linux distribution.
    After that, you'll need to hard reset the phone. Hold Power button for 10 seconds to exit Qualcomm's disk mode, and press and hold POWER+VOLUMEDOWN+CAMERA until you feel the phone vibrate. After that, RELEASE power button but KEEP HOLDING volume down + camera for five or more seconds. This will trigger the hard reset.

    Now time to play with bootloaders and try to get this to work for everyone!

    If you like my work and want to donate for a beer (or two), follow this link
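
The dd step above, written out with the safeguards the post itself asks for (a full backup before playing around) plus two the post leaves to the reader: refuse an image larger than the partition, and verify the written range by reading it back. This is an added example, not the thread's procedure or any participant's code. /dev/sdX9 and os-new.nb are the names from the post; the demo substitutes constructed temp files for both, so it runs without a phone attached. On a real device, pass the block device the phone enumerated as only after confirming it is the phone and not a system disk.

```python
"""Write an image to a partition device the way the dd line above does
(dd if=./os-new.nb of=/dev/sdX9), with a backup first, a size check, and
read-back verification.

Added example, not the thread's procedure or any participant's code.  The
demo uses temp files in place of /dev/sdX9 and os-new.nb.
"""
import hashlib
import os
import tempfile
from typing import Any, Dict

CHUNK = 1 << 20


def _copy(src, dst, length: int) -> str:
    """Copy up to `length` bytes from src to dst and return their SHA-256."""
    h = hashlib.sha256()
    remaining = length
    while remaining > 0:
        buf = src.read(min(CHUNK, remaining))
        if not buf:
            break
        dst.write(buf)
        h.update(buf)
        remaining -= len(buf)
    return h.hexdigest()


def flash_partition(image_path: str, device_path: str,
                    backup_path: str) -> Dict[str, Any]:
    image_size = os.path.getsize(image_path)
    with open(device_path, "r+b") as dev:
        dev.seek(0, os.SEEK_END)          # seek-to-end works on block devices on Linux
        part_size = dev.tell()
        if image_size > part_size:
            raise ValueError(
                f"image is {image_size} bytes, partition only {part_size}")
        # 1. back up the whole partition before anything is touched
        dev.seek(0)
        with open(backup_path, "wb") as bak:
            backup_sha = _copy(dev, bak, part_size)
        # 2. write the image from offset 0, as dd does with default seek
        dev.seek(0)
        with open(image_path, "rb") as img:
            image_sha = _copy(img, dev, image_size)
        dev.flush()
        os.fsync(dev.fileno())
        # 3. read the written range back and compare digests
        dev.seek(0)
        with open(os.devnull, "wb") as sink:
            readback_sha = _copy(dev, sink, image_size)
    return {
        "partition_bytes": part_size,
        "image_bytes": image_size,
        "backup_sha256": backup_sha,
        "image_sha256": image_sha,
        "readback_sha256": readback_sha,
        "verified": image_sha == readback_sha,
    }


def demo() -> Dict[str, Any]:
    """Exercise flash_partition on constructed files: a 4 MiB 'partition'
    and a 1 MiB 'image', plus a 1 KiB 'partition' that must be refused."""
    with tempfile.TemporaryDirectory() as d:
        dev = os.path.join(d, "fake_sdX9")
        img = os.path.join(d, "os-new.nb")
        bak = os.path.join(d, "sdX9.bak")
        with open(dev, "wb") as f:
            f.write(b"\xA5" * (4 << 20))
        image = bytes(range(256)) * 4096
        with open(img, "wb") as f:
            f.write(image)
        result = flash_partition(img, dev, bak)
        with open(dev, "rb") as f:
            result["device_prefix_ok"] = f.read(len(image)) == image
        result["backup_bytes"] = os.path.getsize(bak)
        small = os.path.join(d, "fake_small")
        with open(small, "wb") as f:
            f.write(bytes(1024))
        try:
            flash_partition(img, small, bak + ".small")
            result["oversize_rejected"] = False
        except ValueError:
            result["oversize_rejected"] = True
        return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The backup file is what you restore with the same function (image = the backup) if the phone does not boot after the hard reset; keep its SHA-256 from the result dict next to it so you can tell a good copy from a truncated one later.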
    I'd suggest renaming one of the colors. Would be great if it was possible to interop the phone without losing data.

    Well, you can always make a backup and then restore via zune. The thing is the dumped OS is about 600Mb, the generated image is 378Mb. I don't know how it will reside on the flash, you could always check where the flash starts to get filled with zeros and clean it up before the first boot... If they had done it right and separated user data from the main OS we wouldn't have this problem...

    INTEROP UNLOCK ACHIEVED!

    Now time for a nice beeer ;)
    I'll put mediafire to work and upload the image I just did. Everyone who has an unlocked bootloader: after you flash this to the phone, DO A HARD RESET, otherwise it will get stuck on 'Installing Applications'
    Hey everyone,

    I was hoping to be able to crack Nokia's osbl, but time already ran out and I wasn't able to get it. So sorry, guys, but I had to return both Lumias. It's been a fun month, and at least I helped getting custom roms for at least some of you.

    I'll be uploading here all the files I have on my computer so anyone can mirror them or use them for whatever you might need. If I can help you with something else (development related please) feel free to drop me a PM.

    Once again big thank you to Ultrashot, Beidl, Xsacha, cdbase, ceesheim, HeathCliff & everyone that helped out with this. Now back to my (almost) forgotten Galaxy S2 & to try Boot 2 Gecko and see what progress has been done since the last time I checked :)
    Btw, here is my DppImplant app.
    Implants DPP partition with your stock Live Id to a custom rom.
    Usage:
    1) Put backup of the biggest partition to the folder with DppImplant.exe and call it "stock.nb"
    2) Put "os-new.nb" there - target firmware in which you want to see your old Live Id.
    3) Open DppImplant.exe. It will extract DPP from stock.nb and create mydpp.bin file. (After that you won't really need to have stock.nb in that folder).
    "os-new.nb" will be patched.
    4) Done.

    P.S. if you open DPP using Notepad or any hex editor, you'll see saved Live Id.
    Ok L710 fully unlocked :)
    Those 2 parts are wrong. I used to narod.ru

    ---------- Post added at 07:29 PM ---------- Previous post was at 06:40 PM ----------
    http://www.youtube.com/watch?v=-rQbFp7yasc


    CAN WE KEEP THIS FOR DEVELOPMENT ONLY PLEEEEEEEEEEEEEASSSEEEEE?

    Gift from our friends at Qualcomm:

    Full AMSS firmware + Secboot Sources (Qualcomm loader)! Grab it while it's hot!

    http://www.mediafire.com/?ir2h15f663ja6wc