[REF] How to unlock SGS 4G or Vibrant 4G (IMEI Problems fixed)[Updated 11-19-11]

Search This thread

badb4lyfe

Senior Member
Dec 28, 2009
104
11
so i'm using hex editor app on phone... and i can't find address 1469... i have 1468 and 1470... any ideas?

Edit: i'm assuming its 1468 on mine cause it looks close but i may be wrong .... :/.... dont wanna jack my phone up lol
 
Last edited:

dagentooboy

Senior Member
Feb 16, 2008
544
156
Kansas
so i'm using hex editor app on phone... and i can't find address 1469... i have 1468 and 1470... any ideas?

Edit: i'm assuming its 1468 on mine cause it looks close but i may be wrong .... :/.... dont wanna jack my phone up lol

As long as you are changing the 01 after several blocks of FF you should be fine.
 

niraviry

Member
Dec 22, 2006
21
3
I just got a band new SGS 4G dated MAy 2011.
I used the method of using address 1469.
After the FF 01 00 00 00 00 there is an 8 digit number.

This is simplly the unlock key. For me no need to re-flash the file.

Nir
 
  • Like
Reactions: atb1183

cannondale0815

Senior Member
Apr 21, 2009
603
222
Sorry to the OP, but this tool is dangerous, as it is altering your nv_data.bin file and, in some reported cases, results in your phone being unusable after. You should use this method instead, which gives you the proper unlock code an doesn't require you to tamper with the all-important nv_data.bin file.

http://xdaforums.com/showthread.php?t=980157
 

dagentooboy

Senior Member
Feb 16, 2008
544
156
Kansas
Sorry to the OP, but this tool is dangerous, as it is altering your nv_data.bin file and, in some reported cases, results in your phone being unusable after. You should use this method instead, which gives you the proper unlock code an doesn't require you to tamper with the all-important nv_data.bin file.

http://xdaforums.com/showthread.php?t=980157

I wouldn't consider it dangerous... we are simply changing 1 bit in the file and putting it back AND the app and guide both tell you to make a backup first. I will check this out and add instructions for using the code to the first post. The thing to be aware of is that since the Samsung Galaxy S series has been released about 50% of the phones will not successfully unlock with the code. So far the hex hack is far more reliable.
 

junkiee24

Senior Member
Jul 8, 2011
214
9
CA/HI
i dont see the nv_data.bin file in the systems..
it says file not found when i type in the commands "cat /efs/root/afs/settings/nv_data.bin >> /sdcard/nv_data.bin"

also it created a 0 byte file on my SD with the same name..
what to do?
 

junkiee24

Senior Member
Jul 8, 2011
214
9
CA/HI
su
ls /efs/
ls /efs/root/afs/settings/


Let me know what you see....

su
#
ls /efs/
nv_data.bin.md5
nv.log
nv_data.bin
imei
ls /efs/root/afs/settings/
ls /efs/root/afs/settings/: No such file or directory

what to do now? i used file expert to check the contents of the efs folder.. nothing in there.
 
Last edited:

dagentooboy

Senior Member
Feb 16, 2008
544
156
Kansas
su
#
ls /efs/
nv_data.bin.md5
nv.log
nv_data.bin
imei
ls /efs/root/afs/settings/
ls /efs/root/afs/settings/: No such file or directory

what to do now? i used file expert to check the contents of the efs folder.. nothing in there.

Hmmm this looks like the /efs/ folder from the original vibrant. You might want to check both addresses for the lock bits. if you don't see FF FF FF 01 00 00 at that address then don't change anything... also it looks like your phone has an .md5 file in the /efs/ folder so you will have to delete that after you unlock your nv_data.bin. You can email me your nv_data.bin and I can look for you if you want. Use the email in my donate link in my sig (no you don't need to donate I just try not to explicitly post my email online)
 
  • Like
Reactions: junkiee24

junkiee24

Senior Member
Jul 8, 2011
214
9
CA/HI
Hmmm this looks like the /efs/ folder from the original vibrant. You might want to check both addresses for the lock bits. if you don't see FF FF FF 01 00 00 at that address then don't change anything... also it looks like your phone has an .md5 file in the /efs/ folder so you will have to delete that after you unlock your nv_data.bin. You can email me your nv_data.bin and I can look for you if you want. Use the email in my donate link in my sig (no you don't need to donate I just try not to explicitly post my email online)

sent you the email with the nvdata file.. using HXD as my hex editor. What should the settings be 16 bytes per row, byte group size, chat set, offset base? right now the stock option is 16-ansi-hex (byte group size 1).

i copied the nvdata file to my SD using this, since my nv file was in the efs folder..

"cat /efs/nv_data.bin >> /sdcard/nv_data.bin"

so when i get the nvdata file edited.. and i reinstall do i change the folder to efs instead of setting like how i copied over the file?
su
rm /efs/root/afs/settings/nv_data.bin
cat /sdcard/nv_data.bin >> /efs/root/afs/settings/nv_data.bin
chmod 755 /efs/root/afs/settings/nv_data.bin
chown radio.radio /efs/root/afs/settings/nv_data.bin || chown 1001.1001 /efs/root/afs/settings/nv_data.bin
reboot
 
Last edited:

junkiee24

Senior Member
Jul 8, 2011
214
9
CA/HI
Hmmm this looks like the /efs/ folder from the original vibrant. You might want to check both addresses for the lock bits. if you don't see FF FF FF 01 00 00 at that address then don't change anything... also it looks like your phone has an .md5 file in the /efs/ folder so you will have to delete that after you unlock your nv_data.bin. You can email me your nv_data.bin and I can look for you if you want. Use the email in my donate link in my sig (no you don't need to donate I just try not to explicitly post my email online)

thanks for the help.. it worked like a charm!
 

GDofWR420

Senior Member
May 3, 2011
1,249
218
Works great. The first time I tried I was entering the code wrong. Thanks for this

Sent from my SGH-T959V using XDA Premium App
 

sgtmedeiros

Senior Member
Nov 26, 2009
674
79
31
Barrington, RI
When you have your galaxy 4g unlocked call att they will switch internet to non smartphone unlimited i have it its only 10 bucks a month for unlimited internet

Sent from my SGH-T959V using XDA App
 

rpgdev

Senior Member
Jul 31, 2011
591
86
For the record guys, I did not see this address on my hex editor: 0x181468 to find it I had to actually look for the hex code "FF 01 00 00 00 00 46 46" and it was scattered between the line 00181450 and 0018146D. I changed the 01 to 00 in 00181450 as the tutorial said and the sim was unlocked now I can move on to follow on to set the rest of the phone

The editor I used was ghex2 on ubuntu. The ROM was Andromeda3 (probably why it was different)...

Oh, and thanks for providing the manual method. The apps didn't work for me.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 12
    PLEASE KEEP POSTS ON TOPIC.

    This method works on my Vibrant 4G. Please email me if it doesn't work on your Vibrant 4G or SGS 4G.

    PRO App also works on Vibrant 4G/SGS 4G for anyone who doesn't feel comfortable with a hex editor

    Please note the same information used to develop the app is in the guide for free... the app just makes it easier

    ALL METHODS FOR NEWER PHONES REQUIRE ROOT... PLEASE GO GET ROOT ON YOUR PHONE AND THEN COME BACK.

    Oh and BTW... I cannot be held responsible for anything that happens to your phone.... EVER!


    Before you start... if you don't have root you WILL need it.

    tooter1 reports an alternate method. Please tell me if this works for you.

    BTW please note the importance of a BACKUP!!!!


    My UPDATE:

    I did just like the OP stated and, it messed up my IMEI number. Glad I had a backup of the file. :)

    So I went back into the HEX editor (I used HxD editor) and looked where I did the the change and noticed to the right side there were a series of numbers that started at row 41460 and ended on row 41470.

    It was an 8 digit series started with 75 ending in 13, something like this 75382313. I was sure it had something to do with the unlock code but, didn't have a different SIM to check.

    I sold the phone and, the guy said he had to get it unlocked so he could use it with O2 network (I think).

    I text him later that day to ask if he got the phone unlocked, he said no, the place wanted $45 to SIM unlock it.

    I told him to try the number listed above and it "SIM UNLOCKED" the phone. He called me back and thanked me many times for saving him $45.

    Hope this helps someone else and not mess with the IMEI number!!!!

    IMEI Restore Method
    All you need to do is restore your backup nv_data.bin and delete the md5. Even the unlocked file will work as long as you delete the .md5
    Code:
    su
    cp /sdcard/nv_data.bin /efs/root/afs/settings/nv_data.bin
    rm /efs/root/afs/settings/nv_data.bin.md5



    Step 1. - Retrieve nv_data.bin file
    Check locks... go to phone and enter *#7465625#

    use "adb shell" or a terminal emulator to get a terminal prompt and run the following commands
    Code:
    su
    cat /efs/root/afs/settings/nv_data.bin >> /sdcard/nv_data.bin

    Step 2. - Edit nv_data.bin file
    mount the internal SD Card on your computer
    make a backup copy of the nv_data.bin file on your computer
    using your favorite HEX editor open the nv_data.bin on the sdcard
    jump to address 0x1469

    you should see a string like this
    ff ff 01 00 00 00 00
    there are 5 different types of locks in 5 different bytes
    the FF bytes should be left alone
    the first byte after the FF is the network lock
    the next byte is the network subset lock
    the next byte is the sp lock
    the next byte is the cp lock
    the last byte appears to be a data lock.
    Change any 0x01 to 0x00 (or 0x00 to 0x01 to lock for warranty)
    save and close file
    unmount SD Card

    Step 3. - Replace nv_data.bin file
    I want to say it again so no one misses it MAKE SURE YOU HAVE A BACKUP OF YOUR NV_DATA.BIN FILE BEFORE YOU CONTINUE!!!!!

    use "adb shell" or a terminal emulator to get a terminal prompt and run the following commands
    Code:
    su
    rm /efs/root/afs/settings/nv_data.bin
    cat /sdcard/nv_data.bin >> /efs/root/afs/settings/nv_data.bin
    rm /efs/root/afs/settings/nv_data.bin.md5
    chmod 755 /efs/root/afs/settings/nv_data.bin
    chown radio.radio /efs/root/afs/settings/nv_data.bin || chown 1001.1001 /efs/root/afs/settings/nv_data.bin
    reboot
    your phone is now unlocked... enjoy :D

    [OPTIONAL] Use the PRO app [OPTIONAL]
    Please note that this step is ONLY here for people that are not comfortable using a Hex editor.
    Search "Vibrant unlock" in the market or scan the QR code:
    img.php


    Install and run app
    press menu
    press Unlock Phone
    Select phone
    allow root
    at this point if you get an error code make SURE you mount your internal SD card on your computer and backup the nv_data.bin.orig file that is there.
    press unlock
    restart and your phone is now unlocked

    to lock your phone for warranty
    press lock instead of unlock
    restart your phone, remove root, and take your phone in for warranty

    To restore your IMEI try this.....
    Code:
    su
    rm /efs/root/afs/settings/nv_data.bin
    busybox cp /sdcard/nv_data.bin.orig /efs/root/afs/settings/
    rm /efs/root/afs/settings/nv_data.bin.md5
    chmod 755 /efs/root/afs/settings/nv_data.bin
    chown radio.radio /efs/root/afs/settings/nv_data.bin || chown 1001.1001 /efs/root/afs/settings/nv_data.bin
    reboot

    LEGAL NOTES (because information should be free for all):
    YOU MAY NOT, BY ANY MEANS, USE THIS SOLUTION/CODE OR PART OF IT FOR COMMERCIAL PURPOSES.
    DO NOT USE THIS EXTRACTION METHOD COMMERCIALLY



    PLEASE give credit (and donations if you can) to everyone listed on the original thread here
    For those of you that have donated THANKS! (You know who you are...)
    2
    Your imei is blacklisted. The end.

    Sent from my SGH-M919 using xda premium
    2
    Hi guys. I'm stuck at: "rm /efs/root/afs/settings/nv_data.bin.md5" . I get "rm failed. No such file or directory." I didn't get any errors on the previous steps so I don't get it.

    Thanks

    why not just use fb's unlocker? http://xdaforums.com/showthread.php?t=1419468
    1
    Can anyone confirm if this device supports At&t 3g after being unlocked like the vibrant does? I know out didn't list the bands but neither did the vibrant...
    That would future proof this device for tmo customers as far as hspa is concerned.
    1
    pls someone should gv me thw unlock code for samsung sgh i897...pleeeeease

    54763114

    Just joking... this method only works for the vibrant or sgs4g