[HOW-TO] [CDMA] Backup your HA and AAA keys
Sometimes when you flash a new radio, or mess around in QPST, you can break your data. What's behind the breakage, you may ask? It's your AAA and HA shared secrets.
A little background information:
The HA key is what gets you 1x data on your carrier. It is carrier specific, but NOT phone specific. You could google it if you really needed it.
The AAA key:
This IS device specific; you can't google it. It's connected to your account, and the way to get it is not what some consider easy. This is what gets you EVDO speeds; without it you are stuck on 1x. If you call your carrier, they will not give it to you either.
Continuing on to more information...
We will need a few tools to back up the keys, some free, some not.
Team BlueRidge Sense 2.1 (it contains proper apps for using DM PORT)
QPST (free, find it online)
CDMA Workshop (the demo should be fine, you could also borrow it)
HTC DIAG drivers (just google it and find the installation guide)
A hex editor
Now for the fun... (If something seems too vague, google it.)
First, we must get the MSL; use the app MSL Reader from the Market.
Now, dial ##PORT# on the phone. You will get a menu; hit enable, and then go ahead and enter your MSL.
Now, let's open QPST, set up the phone, and go to EFS in the services tab.
Now in EFS, make a folder called "open sesame door" (without quotes, all lower case) in the root directory of the file system.
Reboot your phone.
Now open CDMA Workshop and connect to the COM port of your phone.
Let's do a memory read here to see where stuff is:
Readable area from: 013D:0000
Unreadable area from: 01EA:0000
Readable area from: C000:0000
Process is stopped at: C0F1:0000
That says we can read 013D:0000 and C000:0000. I'll save you time and tell you we need to dump 013D:0000, however (for all VM I've seen).
So now, let's go back to CDMA Workshop (you should be there already) and choose to read Memory. Make sure eeprom is not checked.
The start address will be 013D:0000 (what I mentioned earlier).
This will scan the phone and dump everything into a .bin.
Let's get a snack while this dumps... It will take a while.
Okay, now the thing is dumped. Let's call this scan1.bin.
Open this in a hex editor now, and hit Ctrl+F.
Search for the word "secret" (no quotes, of course).
Now (for VM) you will see vmug33k; that is your HA key. The first one shown under secret is ALWAYS the HA key.
Look down one line and, voilà, your AAA key is right below. (BACK THIS UP: email it to yourself, take a picture, etc. DON'T LOSE IT EVER, YOU WON'T GET IT BACK.)
So now you have your keys backed up. I can't tell you what you can or cannot do with them; it is up to you, the end user. However, I cannot endorse flashing phones or any illegal activity. In the manner I am providing this, it is ONLY to save your AAA key in case of a bad radio flash, if you ever find a leaked radio.
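The hex-editor search in the last steps can also be scripted. The following is an added example, not part of the original post: it finds each occurrence of the marker "secret" in a dump and lists the printable strings that follow it, with their offsets. The 64-byte window, the 4-character minimum and the layout of the sample dump are assumptions, and the sample bytes are constructed placeholders, not real keys.

```python
import re

MARKER = b"secret"
# Runs of 4 or more printable ASCII bytes, similar to what `strings` reports.
PRINTABLE = re.compile(rb"[\x20-\x7e]{4,}")


def strings_after_marker(dump: bytes, window: int = 64):
    """Return [(marker_offset, [(offset, text), ...]), ...].

    For every occurrence of MARKER, collect the printable ASCII runs that
    start within `window` bytes after it. Offsets are absolute file offsets,
    so they can be checked against the hex editor view. A run that crosses
    the end of the window is cut off there.
    """
    results = []
    pos = dump.find(MARKER)
    while pos != -1:
        start = pos + len(MARKER)
        runs = [(m.start(), m.group().decode("ascii"))
                for m in PRINTABLE.finditer(dump, start, start + window)]
        results.append((pos, runs))
        pos = dump.find(MARKER, pos + 1)
    return results


def build_sample_dump() -> bytes:
    """Constructed sample (assumed layout): marker, then two strings,
    each on its own 16-byte hex-editor line, padded with NUL bytes."""
    return (b"\xff" * 0x40
            + MARKER.ljust(16, b"\x00")
            + b"HA_PLACEHOLDER".ljust(16, b"\x00")
            + b"AAA_PLACEHOLDER".ljust(16, b"\x00")
            + b"\x00" * 32)


if __name__ == "__main__":
    # For a real dump, read the bytes from scan1.bin instead:
    #   with open("scan1.bin", "rb") as f: dump = f.read()
    dump = build_sample_dump()
    for marker_off, runs in strings_after_marker(dump):
        print(f"marker at 0x{marker_off:06X}")
        for off, text in runs:
            print(f"  0x{off:06X}  {text}")
```

The script only lists candidates; which string is which still follows the order described in the post.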