DEV ONLY - NAND access + Full Unlock for Lumia 710 & 800

Search This thread

Jaxbot

Inactive Recognized Developer
Mar 14, 2009
1,224
548
windowsphonehacker.com
Just so people know, none of the OperatingModes give me Qualcomm, which is expected. I either get it as a Windows Phone, or as either PID_05EE or PID_05ED. WinDIAG doesn't do anything useful, aside from making it impossible to communicate using the tools we have. Probably meant for, well, diagnostics tools.
 
  • Like
Reactions: Briefcase

faenil

Member
Aug 18, 2008
37
14
Pisa
Hmmm on my Lumia I get no usb device on Ubuntu 12.04..

I hear a short vibration, plug the usb, the screen stays black and nothing happens on ubuntu (no new devices on /dev either)

after 30 seconds a long vibration, and after 30 more seconds a second long vibration, and WP boots
 

cdbase

Senior Member
Aug 24, 2009
74
11
maybe it's time to look into cab update files also I would not be so sure that it doesen't mess with osbl, maybe there we can find
something useful im starting research.
Second thing is that qualcomm mode was brought with first phones which had
11414 max for 2.3 hw while on 2.4 hw we have 11501 as the lowest firmware
so our osbl got updated (2.4) while in factory :/
and for those with 2.3 who can't manage this to work
so what we can see is that in osbl updated firmwares
we can find an updated file while in lower ones there is no such file
this means they locked the feature cuz older osbl was already
on teh phone and thats why it's not there,
but there must be a way to GET BACK TO FUTURE :D ,I ONCE AGAIN AM ASKING IF SOMEONE WITH WORKING qualcomm can Please make a restore point and upload it .thanks
 

Jaxbot

Inactive Recognized Developer
Mar 14, 2009
1,224
548
windowsphonehacker.com
maybe it's time to look into cab update files also I would not be so sure that it doesen't mess with osbl, maybe there we can find
something useful im starting research.
Second thing is that qualcomm mode was brought with first phones which had
11414 max for 2.3 hw while on 2.4 hw we have 11501 as the lowest firmware
so our osbl got updated (2.4) while in factory :/
and for those with 2.3 who can't manage this to work
so what we can see is that in osbl updated firmwares
we can find an updated file while in lower ones there is no such file
this means they locked the feature cuz older osbl was already
on teh phone and thats why it's not there,
but there must be a way to GET BACK TO FUTURE :D ,I ONCE AGAIN AM ASKING IF SOMEONE WITH WORKING qualcomm can Please make a restore point and upload it .thanks

Windows Phone hacking 101: You can't restore another device's backup.
 

ombadboy

Senior Member
Oct 11, 2008
318
31
London
maybe it's time to look into cab update files also I would not be so sure that it doesen't mess with osbl, maybe there we can find
something useful im starting research.
Second thing is that qualcomm mode was brought with first phones which had
11414 max for 2.3 hw while on 2.4 hw we have 11501 as the lowest firmware
so our osbl got updated (2.4) while in factory :/
and for those with 2.3 who can't manage this to work
so what we can see is that in osbl updated firmwares
we can find an updated file while in lower ones there is no such file
this means they locked the feature cuz older osbl was already
on teh phone and thats why it's not there,
but there must be a way to GET BACK TO FUTURE :D ,I ONCE AGAIN AM ASKING IF SOMEONE WITH WORKING qualcomm can Please make a restore point and upload it .thanks

I thought that this would not work.. ANyway am up for creating a restore point IF there is a way to remove personal info!
 

faenil

Member
Aug 18, 2008
37
14
Pisa
Thats probably Nokia DLOAD...try running lsusb from the terninal...

Sent from my GT-I9100 using XDA

after short vibration I get:
Bus 002 Device 013: ID 0421:05ee Nokia Mobile Phones

after 30secs, there's a long vibration, and it turns to:
Bus 002 Device 014: ID 045e:041e Microsoft Corp.

after 30secs, there's a long vibration, and it turns to:
Bus 002 Device 015: ID 045e:04ec Microsoft Corp. Windows Phone (Zune)

and WP boots...

HW rev 2.3, fw12070 updated (once) via Zune
 

cdbase

Senior Member
Aug 24, 2009
74
11
sorry I was mistaken after one more pipe I thought that only rename zip method is
needed. :p
 
Last edited:

donpromillo

Senior Member
Nov 26, 2011
74
16
This is all true, but again, you can't use another device's backup.
Just an idea: In the zune backup folder C:\Users\xxxx\AppData\Local\Microsoft\Windows Phone Update\0096b358 - cf04f399 - xxxxxxxx - xxxxxxxx\Properties is a file named properties.xml and it contains a pointer to a certificate in users private certification store. My guess is, that this cert is used to crypt the backup. Unfortunatly, this certs private key is marked as not exportable, so you can't directly send this cert to try a restore on other pc with this reimported cert. But perhaps this cert can be moved with the user-migration-wizard in windows , which moves the complete userprofile and so the complete certification store too.
I'd try this, but haven't a second phone to restore the backup.

regards

donpromillo

Edit: The export of the certs private key is possible with this tool: jailbreak. I now have this cert and can restore it on every pc. But ever not yet a second phone :-(
 
Last edited:

speculumrotae

Member
Jul 1, 2007
7
1
I have debranded my lumia 800 with ncs, I´ve downgraded too, before the process I had branded 12070 orange 2.4 hw with Dload.
After the process 11501 debranded spanish with Dload too.

Perhaps 2.4 hw it´s the problem, new phones come with new loader. Phone is two weeks old.

Im not sure if Ncs changes the loader anyway.
 

xsacha

Senior Member
Sep 18, 2008
327
230
There's about 100 posts in here asking why it isn't working for them and describing what happens when they try it. No need, I already showed why this happens several pages back.


This will not work if:
* Your device came with 11500 or higher firmware (eg. most 2.4 hw).
OR
* You flashed 11500 or higher firmware (flashed means via NCS).

This is because both of these overwrite the Qualcomm bootloader with the Nokia DLOAD one. The only way to get back to the Qualcomm one is to flash it but we don't know how to flash it yet.

Also, backups won't help us at all because they do not include bootloader.

End of Story.
 
Last edited:

ap3rus

Senior Member
May 8, 2010
109
10
Saint-Petersburg
There's about 100 posts in here asking why it isn't working for them and describing what happens when they try it. No need, I already showed why this happens several pages back.


This will not work if:
* Your device came with 11500 or higher firmware (eg. most 2.4 hw).
OR
* You flashed 11500 or higher firmware (flashed means via NCS).

This is because both of these overwrite the Qualcomm bootloader with the Nokia DLOAD one. The only way to get back to the Qualcomm one is to flash it but we don't know how to flash it yet.

Also, backups won't help us at all because they do not include bootloader.

End of Story.

I believe everything is not so tragically straightforward, we just need to keep search.
 

xsacha

Senior Member
Sep 18, 2008
327
230
I believe everything is not so tragically straightforward, we just need to keep search.

Which part are you confused about?

You need to flash the qualcomm_osbl.mbn on to your device somehow and then you will have the Qualcomm bootloader (ala 'disk mode').
It's not some magic here, it's quite straightforward. I've opened the bootloaders in hex editor and know what I'm talking about :). Everything you see being done is quite blatant in the bootloader but not in the nokia_osbl.mbn which overwrites it.
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 81
    UPDATE: First custom rom with Interop Unlock flashed succesfully. Requires hard reset after installing and an unlocked bootloader. See post for proof:
    http://xdaforums.com/showpost.php?p=24818275&postcount=242
    BIG THANK YOU TO ULTRASHOT!
    Without you I couldn't have done it!
    NOTICE: Testing full unlock (XIP unlock etc) with ultrashot. Will post new files as soon as I get a working build which doesn't get stucked on boot ;)

    Disclaimer:
    I AM NOT RESPONSIBLE IF YOU LOOSE DATA, BREAK YOUR PHONE, OR SET YOUR HOUSE ON FIRE. DO THIS AT YOUR OWN RISK. BTW, REQUIRES A HARD RESET SO YOU WILL LOOSE ALL THE DATA IN YOUR PHONE BY FLASHING THIS. IF UNSURE, DON'T DO IT.
    PLEASE STOP PM'ING ME FOR HELP, I CAN'T REPLY 20 PMS/HR. Please use the forum, maybe someone can create a discussion topic to help others and leave this for links and development. Thank you very much!

    PLEASE STOP SENDING ME PMS ASKING FOR HELP AND USE THE DEDICATED THREAD
    THIS THREAD IS FOR DEVELOPMENT ONLY, PLEASE RESPECT THAT AND USE THE Q&A THREAD FOR YOUR QUESTIONS.
    LINKS:
    Lumia 800: Full Unlock
    New firmware: May 16, 2012 (removed foursquare and stuff)
    sdb3.rar: Flash it to PARTITION #3. It contains 12070's amss & adsp. Not absolutely required but if you have an older version this should give you better battery life.
    http://www.mediafire.com/?kwjladlgvq81rha
    OS-NEW:
    As always, flash it to PARTITION #9.
    Part1: http://www.mediafire.com/?21by2oj7acnhkhw
    Part2: http://www.mediafire.com/?wkeduvp9l4199qh
    Part3: http://www.mediafire.com/?cnbkms40dy4y06z
    Part4: http://www.mediafire.com/?rabunpmnaqclq3o
    Complete Mediafire folder access: http://www.mediafire.com/?uo2dqcl34b9cy
    ___________________
    Alternate ROM with Full Unlock + Some apps:
    Part1: http://www.mediafire.com/?8gnqm418v32im3e
    Part2: http://www.mediafire.com/?bgtg2t5infrnua1
    Part3: http://www.mediafire.com/?l0sl5hbr0v9gfi1
    Part4: http://www.mediafire.com/?emt2dfswdhn0z0w
    Apps preinstalled:
    DS Supertool
    File Deployer
    Metro Theme
    WebServer
    WinTT
    WM Device Center
    WP7 Root Tool

    ___________________
    Lumia 710: Interop Unlock (no full unlock yet)
    ROM Based on: RM803_059N2L6_1600.3015.8107.12070_010
    Mediafire folder access: http://www.mediafire.com/?9z6og65ozgrnr
    http://www.mediafire.com/download.php?d3bj3dkfbffbakn
    http://www.mediafire.com/download.php?l35zjaebdrsm315
    http://www.mediafire.com/download.php?ys5bapu8ubezybo
    http://www.mediafire.com/download.php?tnadd4uuoxhatv3
    CAUTION: I don't have a 710, so these images AREN'T TESTED. Use at your own risk. Be careful, people are reporting problems with this rom.
    Full Unlock Image for Lumia 710 by lucifer3006 -BE CAREFUL, IT HAS BUGS, FOR TESTING PURPOSES ONLY- (thanks ultrashot & lucifer3006): http://www.mediafire.com/?p3318y5l19abb

    You have a mirror of all the stuff on mediafire on xdafil.es: http://xdafil.es
    Thank you mousey_!

    PLEASE DO A FULL BACKUP OF THE NAND BEFORE PLAYING AROUND.
    If you are developing fixes for the bootloader 'problem', feel free to grab a copy of the rest of partitions and stuff I posted over this thread here: http://www.mediafire.com/?kknt4lnc3tn7w


    INSTRUCTIONS:
    Requires an unlocked bootloader (a.k.a. qualcomm development bootloader).
    Easy to check: Turn the phone OFF, then press and hold VOLUME UP + POWER until you notice a short vibration. Plug in to the computer. If the phone turns up in disk mode (USB Mass Storage Device), then you have an unlocked bootloader. IF you're in Windows, it will ask if you want to format the disk. SAY NO OR IT WILL EXPLODE (it won't explode but you might break it)
    If the device detected by the computer is Nokia DLOAD you have a locked bootloader and you're out of luck, at least for now.

    I used 'dd' in Linux, I guess you can do it with Windows version too (http://www.chrysocome.net/dd) but it's more involved to find the appropiate partition:
    dd if=./os-new.nb of=/dev/sdX9
    Where X is the disk detected by your linux distribution.
    After that, you'll need to hard reset the phone. Hold Power button for 10 seconds to exit Qualcomm's disk mode, and press and hold POWER+VOLUMEDOWN+CAMERA until you feel the phone vibrate. After that, RELEASE power button but KEEP HOLDING volume down + camera for five or more seconds. This will trigger the hard reset.

    Now time to play with bootloaders and try to get this to work for everyone!

    If you like my work and want to donate for a beer (or two), follow this link
    22
    I'd suggest renaming on of the colors. Would be great if it was possible to interop the phone without losing data.

    Well, you can always make a backup and then restore via zune. The thing is the dumped OS is about 600Mb, the generated image is 378Mb. I don't know how it will reside on the flash, you could always check where the flash starts to get filled with zeros and clean it up before the first boot... If they had done it right and separated user data from the main OS we wouldn't have this problem...

    INTEROP UNLOCK ACHIEVED!

    Now time for a nice beeer ;)
    I'll put mediafire to work and upload the image I just did. Everyone who has an unlocked bootloader: after you flash this to the phone, DO A HARD RESET, otherwise it will get stucked on 'Installing Applications'
    12
    Hey everyone,

    I was hoping to be able to crack Nokia's osbl, but time already run out and wasn't able to get it. So sorry, guys, but I had to return both Lumias. It's been a fun month, and at least I helped getting custom roms for at least some of you.

    I'll be uploading here all the files I have on my computer so anyone can mirror them or use them for whatever you might need. If I can help you with something else (development related please) feel free to drop me a PM.

    Once again big thank you to Ultrashot, Beidl, Xsacha, cdbase, ceesheim, HeathCliff & everyone that helped out with this. Now back to my (almost) forgotten Galaxy S2 & to try Boot 2 Gecko and see what progress has been done since the last time I checked :)
    8
    Btw, here is my DppImplant app.
    Implants DPP partition with your stock Live Id to a custom rom.
    Usage:
    1) Put backup of the biggest partition to the folder with DppImplant.exe and call it "stock.nb"
    2) Put "os-new.nb" there - target firmware in which you want to see your old Live Id.
    3) Open DppImplant.exe. It will extract DPP from stock.nb and create mydpp.bin file. (After that you won't really need to have stock.nb in that folder).
    "os-new.nb" will be patched.
    4) Done.

    P.S. if you open DPP using Notepad or any hex editor, you'll see saved Live Id.
    6
    Ok L710 fully unlocked :)
    Those 2 parts are wrong. I used to narod.ru

    ---------- Post added at 07:29 PM ---------- Previous post was at 06:40 PM ----------
    http://www.youtube.com/watch?v=-rQbFp7yasc


    CAN WE KEEP THIS FOR DEVELOPMENT ONLY PLEEEEEEEEEEEEEASSSEEEEE?

    Gift from our friends at Qualcomm:

    Full AMSS firmware + Secboot Sources (Qualcomm loader)! Grab it while it's hot!

    http://www.mediafire.com/?ir2h15f663ja6wc