DEV ONLY - NAND access + Full Unlock for Lumia 710 & 800

Search This thread

biktor_gj

Senior Member
Jan 25, 2008
1,408
7,008
UPDATE: First custom rom with Interop Unlock flashed succesfully. Requires hard reset after installing and an unlocked bootloader. See post for proof:
http://xdaforums.com/showpost.php?p=24818275&postcount=242
BIG THANK YOU TO ULTRASHOT!
Without you I couldn't have done it!
NOTICE: Testing full unlock (XIP unlock etc) with ultrashot. Will post new files as soon as I get a working build which doesn't get stucked on boot ;)

Disclaimer:
I AM NOT RESPONSIBLE IF YOU LOOSE DATA, BREAK YOUR PHONE, OR SET YOUR HOUSE ON FIRE. DO THIS AT YOUR OWN RISK. BTW, REQUIRES A HARD RESET SO YOU WILL LOOSE ALL THE DATA IN YOUR PHONE BY FLASHING THIS. IF UNSURE, DON'T DO IT.
PLEASE STOP PM'ING ME FOR HELP, I CAN'T REPLY 20 PMS/HR. Please use the forum, maybe someone can create a discussion topic to help others and leave this for links and development. Thank you very much!

PLEASE STOP SENDING ME PMS ASKING FOR HELP AND USE THE DEDICATED THREAD
THIS THREAD IS FOR DEVELOPMENT ONLY, PLEASE RESPECT THAT AND USE THE Q&A THREAD FOR YOUR QUESTIONS.
LINKS:
Lumia 800: Full Unlock
New firmware: May 16, 2012 (removed foursquare and stuff)
sdb3.rar: Flash it to PARTITION #3. It contains 12070's amss & adsp. Not absolutely required but if you have an older version this should give you better battery life.
http://www.mediafire.com/?kwjladlgvq81rha
OS-NEW:
As always, flash it to PARTITION #9.
Part1: http://www.mediafire.com/?21by2oj7acnhkhw
Part2: http://www.mediafire.com/?wkeduvp9l4199qh
Part3: http://www.mediafire.com/?cnbkms40dy4y06z
Part4: http://www.mediafire.com/?rabunpmnaqclq3o
Complete Mediafire folder access: http://www.mediafire.com/?uo2dqcl34b9cy
___________________
Alternate ROM with Full Unlock + Some apps:
Part1: http://www.mediafire.com/?8gnqm418v32im3e
Part2: http://www.mediafire.com/?bgtg2t5infrnua1
Part3: http://www.mediafire.com/?l0sl5hbr0v9gfi1
Part4: http://www.mediafire.com/?emt2dfswdhn0z0w
Apps preinstalled:
DS Supertool
File Deployer
Metro Theme
WebServer
WinTT
WM Device Center
WP7 Root Tool

___________________
Lumia 710: Interop Unlock (no full unlock yet)
ROM Based on: RM803_059N2L6_1600.3015.8107.12070_010
Mediafire folder access: http://www.mediafire.com/?9z6og65ozgrnr
http://www.mediafire.com/download.php?d3bj3dkfbffbakn
http://www.mediafire.com/download.php?l35zjaebdrsm315
http://www.mediafire.com/download.php?ys5bapu8ubezybo
http://www.mediafire.com/download.php?tnadd4uuoxhatv3
CAUTION: I don't have a 710, so these images AREN'T TESTED. Use at your own risk. Be careful, people are reporting problems with this rom.
Full Unlock Image for Lumia 710 by lucifer3006 -BE CAREFUL, IT HAS BUGS, FOR TESTING PURPOSES ONLY- (thanks ultrashot & lucifer3006): http://www.mediafire.com/?p3318y5l19abb

You have a mirror of all the stuff on mediafire on xdafil.es: http://xdafil.es
Thank you mousey_!

PLEASE DO A FULL BACKUP OF THE NAND BEFORE PLAYING AROUND.
If you are developing fixes for the bootloader 'problem', feel free to grab a copy of the rest of partitions and stuff I posted over this thread here: http://www.mediafire.com/?kknt4lnc3tn7w


INSTRUCTIONS:
Requires an unlocked bootloader (a.k.a. qualcomm development bootloader).
Easy to check: Turn the phone OFF, then press and hold VOLUME UP + POWER until you notice a short vibration. Plug in to the computer. If the phone turns up in disk mode (USB Mass Storage Device), then you have an unlocked bootloader. IF you're in Windows, it will ask if you want to format the disk. SAY NO OR IT WILL EXPLODE (it won't explode but you might break it)
If the device detected by the computer is Nokia DLOAD you have a locked bootloader and you're out of luck, at least for now.

I used 'dd' in Linux, I guess you can do it with Windows version too (http://www.chrysocome.net/dd) but it's more involved to find the appropiate partition:
dd if=./os-new.nb of=/dev/sdX9
Where X is the disk detected by your linux distribution.
After that, you'll need to hard reset the phone. Hold Power button for 10 seconds to exit Qualcomm's disk mode, and press and hold POWER+VOLUMEDOWN+CAMERA until you feel the phone vibrate. After that, RELEASE power button but KEEP HOLDING volume down + camera for five or more seconds. This will trigger the hard reset.

Now time to play with bootloaders and try to get this to work for everyone!

If you like my work and want to donate for a beer (or two), follow this link
 
Last edited:

xsacha

Senior Member
Sep 18, 2008
327
230
Can't reproduce here.
I press both volume buttons and power and I get 'Nokia DLOAD'.

If I stop holding volume buttons, it boots WP7.

The method you've described is how I do dead-mode flash. I don't see why it would show a USB disk.
 
Last edited:
  • Like
Reactions: sebastianrojas27

surya467

Senior Member
awesome work mate!! having a look right now!

seems NAND cant be accessed directly form windows PC! strange! need to check more..

im getting usb input on device manager...but no drivers install!

so looks like i need the drivers.


no drivers found...now i need to goto linux.
 
Last edited:

biktor_gj

Senior Member
Jan 25, 2008
1,408
7,008
Can't reproduce here.
I press both volume buttons and power and I get 'Nokia DLOAD'.

If I stop holding volume buttons, it boots WP7.

The method you've described is how I do dead-mode flash. I don't see why it would show a USB disk.

The only other thing I did was change usb mode from Zune to Serial on diagnostics app, and tap a bit on the 4 serial ports it shows when in serial mode, but I tried and for me it still works even in zune mode.

Also, what I have is a retail phone, not a development one.. just in case:
OS version: 7.10.7720.68
Firmware rev: 1600.2475.7720.11414
SoC version: 0.74.2.1
Bootloader version: 7.35.0.0

What do you have in your phone?

Sent from my GT-I9100 using XDA
 

xsacha

Senior Member
Sep 18, 2008
327
230
The only other thing I did was change usb mode from Zune to Serial on diagnostics app, and tap a bit on the 4 serial ports it shows when in serial mode, but I tried and for me it still works even in zune mode.

Also, what I have is a retail phone, not a development one.. just in case:
OS version: 7.10.7720.68
Firmware rev: 1600.2475.7720.11414
SoC version: 0.74.2.1
Bootloader version: 7.35.0.0

What do you have in your phone?

Sent from my GT-I9100 using XDA

OS version: 7.10.8107.79
Firmware rev: 1600.2483.8107.11501
SoC version: 0.74.2.1
Bootloader version: 7.35.0.0

I'm in Zune mode. I'll try this serial mode. Edit: Serial is same. I just get 'Nokia USB connectivity' instead (in Windows). Shows nothing on Linux.
 
Last edited:
  • Like
Reactions: sebastianrojas27

beidl

Senior Member
Apr 30, 2009
467
217
Vienna
fredl.me
Great discovery, works great on my Lumia 710 (tried it with Ubuntu 11.10).
OS version: 7.10.8107.79
Firmware version: 1600.3015.8107.12070
Bootloader version: 7.33.0.0
 

biktor_gj

Senior Member
Jan 25, 2008
1,408
7,008
Okay, I kept digging a little deeper, and this is what I know so far (if you want copies of dumps, files etc, just ask for them :))

First of all... Thank you Nokia!

LUMIA 800 FLASH FILE SYSTEM LAYOUT:

Partition Begin End Blocks ID
/dev/sdb1 * 1 1000 500 4d Initial Bootloader - SECBOOT

/dev/sdb2 1001 4000 1500 46 Second stage loader? - OSBL, also looks like it has the download mode and seems to init LCD, enable USB etc.

/dev/sdb3 4001 304000 150000 c W95 FAT32 (LBA) - Writable partition with EMMCBOOT, AMSS etc.
EMMCBoot is responsible for loading Windows Kernel (nk.exe). I got a copy of Samsung Galaxy i9001's emmcboot.mbn, and putted it in there. It tries to start, but seems to crash (expected). But hey! it tries to boot it (it even vibrates for 1/10 of a second), so getting something else (did anyone say...android?)running on this phone should be easier than in lots of other phones... Does anyone have u-boot ports for Qualcomm 8255?

/dev/sdb4 304001 31037579 15366789+ 5 Extended partition which holds the OS
/dev/sdb5 304006 304133 64 ef EFI (FAT-12/16/32) - Linux detects it as an EFI partition, but it's just 64Kb size, and seems to have some markers, not sure yet what it is, but could be anything from IMEI and simlock to an actual efi partiton for WinCE...
EDIT AGAIN: this partition contains phone serial number and product code, and possibly imei and simlock. For sure its not an efi partition :p

/dev/sdb6 304134 310277 3072 58 3Mb size
/dev/sdb7 393216 399359 3072 4a 3Mb size
/dev/sdb8 399360 405503 3072 4b 3Mb size
These three partitions have similar start and end data on their partitions, no idea what they are, since I haven't been able to see if it's even a file system. All the documentation I see seems to tell Windows Mobile uses exFAT for the filesystem, but can't seem to find its header anywhere on the flash... still looking. It could even be where WinMo stores application installers for first boot on the device (but could be perfectly wrong)

All of them start with the following header (hex):
7D 8D 27 82 D7 40 F8 90 53 22 82 43 6D EC 6F 69 49

/dev/sdb9 524288 31156362 15316037+ 48
This las partition is 15Gb size, and contains all the Operating System and all the data on the phone.

Anyone know about how does Windows Phone manage filesystems on NAND? Some help would be really appreciated...

EDIT: A little bit more... The file system for the 15Gb partition has _wmstore header, still incompatible with some kitchens, but still looking...
Here's part of the header:
_wmstore
!zLH?k
_wmpart_B
_wmpart_S
_wmpart_S
_wmpart_N
_wmpart_U
_wmpart_D
_wmpart_I
_wmpart_P
_wmpart_U
PSBdX
GFCB
SRPX

Once we can mount this thing and inject some files we'll have interop unlock :)
 
Last edited:

biktor_gj

Senior Member
Jan 25, 2008
1,408
7,008
You can dump and write back whatever you want to the flash, so if anyone finds some application to read wmstore dumps and build them back I can check it...

tl;dr: you can do custom roms and whatever you want with it,but need some app to manage it first

Sent from my GT-I9100 using XDA
 

surya467

Senior Member
this is awesome! +1 for u for this!! i am gonna install ubuntu in next 2 hrs and downgrde my lumia...since im on updated, it doesnt have options fro zune serial modes! :///

crap wer da hell was linux!! :p hahah


anyways...keep it up..hope to see this baby rock!
 

ombadboy

Senior Member
Oct 11, 2008
318
31
London
this is awesome! +1 for u for this!! i am gonna install ubuntu in next 2 hrs and downgrde my lumia...since im on updated, it doesnt have options fro zune serial modes! :///

crap wer da hell was linux!! :p hahah


anyways...keep it up..hope to see this baby rock!

Apparently there's no need to downgrade. beidl said he managed to get it working using 12070 firmware
 

biktor_gj

Senior Member
Jan 25, 2008
1,408
7,008
but on lumia 710 man on lumia 800 diagnostic app is updated on those firmware and is lack of serial mode

It seems it has more to do with firmware version than Serial/Zune menu availability on Diagnostics app. I haven't updated my Lumia, so I can't know for sure. Try powering down the phone and holding vol+, vol- & power. If windows detects a USB disk and tells you it's not formatted, it probably works for you (you can check it by going to Control Panel -> Administrative tools -> Computer Management -> Disk Management)

AGAIN, BE CAREFUL, YOU CAN BRICK YOUR PHONE.
 
  • Like
Reactions: Briefcase

Top Liked Posts

  • There are no posts matching your filters.
  • 81
    UPDATE: First custom rom with Interop Unlock flashed succesfully. Requires hard reset after installing and an unlocked bootloader. See post for proof:
    http://xdaforums.com/showpost.php?p=24818275&postcount=242
    BIG THANK YOU TO ULTRASHOT!
    Without you I couldn't have done it!
    NOTICE: Testing full unlock (XIP unlock etc) with ultrashot. Will post new files as soon as I get a working build which doesn't get stucked on boot ;)

    Disclaimer:
    I AM NOT RESPONSIBLE IF YOU LOOSE DATA, BREAK YOUR PHONE, OR SET YOUR HOUSE ON FIRE. DO THIS AT YOUR OWN RISK. BTW, REQUIRES A HARD RESET SO YOU WILL LOOSE ALL THE DATA IN YOUR PHONE BY FLASHING THIS. IF UNSURE, DON'T DO IT.
    PLEASE STOP PM'ING ME FOR HELP, I CAN'T REPLY 20 PMS/HR. Please use the forum, maybe someone can create a discussion topic to help others and leave this for links and development. Thank you very much!

    PLEASE STOP SENDING ME PMS ASKING FOR HELP AND USE THE DEDICATED THREAD
    THIS THREAD IS FOR DEVELOPMENT ONLY, PLEASE RESPECT THAT AND USE THE Q&A THREAD FOR YOUR QUESTIONS.
    LINKS:
    Lumia 800: Full Unlock
    New firmware: May 16, 2012 (removed foursquare and stuff)
    sdb3.rar: Flash it to PARTITION #3. It contains 12070's amss & adsp. Not absolutely required but if you have an older version this should give you better battery life.
    http://www.mediafire.com/?kwjladlgvq81rha
    OS-NEW:
    As always, flash it to PARTITION #9.
    Part1: http://www.mediafire.com/?21by2oj7acnhkhw
    Part2: http://www.mediafire.com/?wkeduvp9l4199qh
    Part3: http://www.mediafire.com/?cnbkms40dy4y06z
    Part4: http://www.mediafire.com/?rabunpmnaqclq3o
    Complete Mediafire folder access: http://www.mediafire.com/?uo2dqcl34b9cy
    ___________________
    Alternate ROM with Full Unlock + Some apps:
    Part1: http://www.mediafire.com/?8gnqm418v32im3e
    Part2: http://www.mediafire.com/?bgtg2t5infrnua1
    Part3: http://www.mediafire.com/?l0sl5hbr0v9gfi1
    Part4: http://www.mediafire.com/?emt2dfswdhn0z0w
    Apps preinstalled:
    DS Supertool
    File Deployer
    Metro Theme
    WebServer
    WinTT
    WM Device Center
    WP7 Root Tool

    ___________________
    Lumia 710: Interop Unlock (no full unlock yet)
    ROM Based on: RM803_059N2L6_1600.3015.8107.12070_010
    Mediafire folder access: http://www.mediafire.com/?9z6og65ozgrnr
    http://www.mediafire.com/download.php?d3bj3dkfbffbakn
    http://www.mediafire.com/download.php?l35zjaebdrsm315
    http://www.mediafire.com/download.php?ys5bapu8ubezybo
    http://www.mediafire.com/download.php?tnadd4uuoxhatv3
    CAUTION: I don't have a 710, so these images AREN'T TESTED. Use at your own risk. Be careful, people are reporting problems with this rom.
    Full Unlock Image for Lumia 710 by lucifer3006 -BE CAREFUL, IT HAS BUGS, FOR TESTING PURPOSES ONLY- (thanks ultrashot & lucifer3006): http://www.mediafire.com/?p3318y5l19abb

    You have a mirror of all the stuff on mediafire on xdafil.es: http://xdafil.es
    Thank you mousey_!

    PLEASE DO A FULL BACKUP OF THE NAND BEFORE PLAYING AROUND.
    If you are developing fixes for the bootloader 'problem', feel free to grab a copy of the rest of partitions and stuff I posted over this thread here: http://www.mediafire.com/?kknt4lnc3tn7w


    INSTRUCTIONS:
    Requires an unlocked bootloader (a.k.a. qualcomm development bootloader).
    Easy to check: Turn the phone OFF, then press and hold VOLUME UP + POWER until you notice a short vibration. Plug in to the computer. If the phone turns up in disk mode (USB Mass Storage Device), then you have an unlocked bootloader. IF you're in Windows, it will ask if you want to format the disk. SAY NO OR IT WILL EXPLODE (it won't explode but you might break it)
    If the device detected by the computer is Nokia DLOAD you have a locked bootloader and you're out of luck, at least for now.

    I used 'dd' in Linux, I guess you can do it with Windows version too (http://www.chrysocome.net/dd) but it's more involved to find the appropiate partition:
    dd if=./os-new.nb of=/dev/sdX9
    Where X is the disk detected by your linux distribution.
    After that, you'll need to hard reset the phone. Hold Power button for 10 seconds to exit Qualcomm's disk mode, and press and hold POWER+VOLUMEDOWN+CAMERA until you feel the phone vibrate. After that, RELEASE power button but KEEP HOLDING volume down + camera for five or more seconds. This will trigger the hard reset.

    Now time to play with bootloaders and try to get this to work for everyone!

    If you like my work and want to donate for a beer (or two), follow this link
    22
    I'd suggest renaming on of the colors. Would be great if it was possible to interop the phone without losing data.

    Well, you can always make a backup and then restore via zune. The thing is the dumped OS is about 600Mb, the generated image is 378Mb. I don't know how it will reside on the flash, you could always check where the flash starts to get filled with zeros and clean it up before the first boot... If they had done it right and separated user data from the main OS we wouldn't have this problem...

    INTEROP UNLOCK ACHIEVED!

    Now time for a nice beeer ;)
    I'll put mediafire to work and upload the image I just did. Everyone who has an unlocked bootloader: after you flash this to the phone, DO A HARD RESET, otherwise it will get stucked on 'Installing Applications'
    12
    Hey everyone,

    I was hoping to be able to crack Nokia's osbl, but time already run out and wasn't able to get it. So sorry, guys, but I had to return both Lumias. It's been a fun month, and at least I helped getting custom roms for at least some of you.

    I'll be uploading here all the files I have on my computer so anyone can mirror them or use them for whatever you might need. If I can help you with something else (development related please) feel free to drop me a PM.

    Once again big thank you to Ultrashot, Beidl, Xsacha, cdbase, ceesheim, HeathCliff & everyone that helped out with this. Now back to my (almost) forgotten Galaxy S2 & to try Boot 2 Gecko and see what progress has been done since the last time I checked :)
    8
    Btw, here is my DppImplant app.
    Implants DPP partition with your stock Live Id to a custom rom.
    Usage:
    1) Put backup of the biggest partition to the folder with DppImplant.exe and call it "stock.nb"
    2) Put "os-new.nb" there - target firmware in which you want to see your old Live Id.
    3) Open DppImplant.exe. It will extract DPP from stock.nb and create mydpp.bin file. (After that you won't really need to have stock.nb in that folder).
    "os-new.nb" will be patched.
    4) Done.

    P.S. if you open DPP using Notepad or any hex editor, you'll see saved Live Id.
    6
    Ok L710 fully unlocked :)
    Those 2 parts are wrong. I used to narod.ru

    ---------- Post added at 07:29 PM ---------- Previous post was at 06:40 PM ----------
    http://www.youtube.com/watch?v=-rQbFp7yasc


    CAN WE KEEP THIS FOR DEVELOPMENT ONLY PLEEEEEEEEEEEEEASSSEEEEE?

    Gift from our friends at Qualcomm:

    Full AMSS firmware + Secboot Sources (Qualcomm loader)! Grab it while it's hot!

    http://www.mediafire.com/?ir2h15f663ja6wc