[HOWTO] GT-I9100 Free SIM Unlock via nv_data.bin by Odia

Search This thread
By:
Advanced…
D

Damienoid

Senior Member
Oct 3, 2011
217
42
Sunshine Coast
spocky12 said:
Hi,

It seems that samsung added the same checks than in GS3 in recent GS2 roms.
I think my app should work with no pb on GS2 (if you have any doubt, send me your efs folder by pm)
Click to expand...
Click to collapse

I also had the same issue as the poster you replied to, where my phone would lock again after a reboot or just randomly lock itself again(I suspect it randomly locks itself if signal drops out), I used Galaxy S unlock previously but the issue remained, but this app would easily unlock my phone each time thank goodness.

I just read your post and tried your app, and now my phone seems to not lock upon reboot, tested a couple times now :fingers-crossed:

I'm very thankful and will send a donation for solving frustrating issue, after I've tested this fix for a couple days to see if I get the random lock issue still.

Either way I'll provide feedback :good:

Just a bit of background, my SGS2 came locked from my carrier, but you can unlock for free from the carrier which I did very soon after receiving the phone, I've had no issues for 8 months until I flashed wanams 12.3 4.0.4 firmware, so obviously this 4.0.4 is the issue.

I tried unlocking from the carrier again, and it would just come up with error, why my phone should lock itself after having my phone unlocked so long is probably due to me using another carriers sim which only arose because of the 4.0.4 firmware, as I got this phone cheap from another carrier to use with my current carrier.
 
lomistars

lomistars

Senior Member
Jul 5, 2012
324
127
i'm having same problem !

if i use "Free SIM Unlock via nv_data.bin by Odia" it doesnt work at all

if i use Helroz app <<Galaxy_S Unlock>> it works perfectly but after i reboot the phone it gets locked again

i'm running LPX 4.0.4 & Siyah kernel 4.1.4

anyone can help plz ? it's a disaster having a phone & cant do CALLS or sms
 
sziegu

sziegu

Member
Apr 13, 2012
28
4
sziegu.blogspot.com
lomistars said:
i'm having same problem !

if i use "Free SIM Unlock via nv_data.bin by Odia" it doesnt work at all

if i use Helroz app <<Galaxy_S Unlock>> it works perfectly but after i reboot the phone it gets locked again

i'm running LPX 4.0.4 & Siyah kernel 4.1.4

anyone can help plz ? it's a disaster having a phone & cant do CALLS or sms
Click to expand...
Click to collapse

Use the app galaxsim unlock by spocky. It's a well spent 2 euros and it will work. It did for me :)
 
  • Like
Reactions: lomistars
lomistars

lomistars

Senior Member
Jul 5, 2012
324
127
THANKSSSSS sziegu works perfect now i'm so happy LOL

galaxsim unlock by spocky did the job well thanks u are great devs !!!
 
  • Like
Reactions: hornedfiend
S

semaster

Member
Jul 6, 2010
14
6
i9100 new-sec now 100% working in Omnius

Hi all, who received "<ERROR>" codes,

we've found a major calculation bug in i9100 new-sec algo today and fixed it. Even if the recalculation of all failed request is still in progress, it seems to calculate 100% of the phones correctly now.

Feel free to try, but hurry up, the free period will most probably end soon under these circumstances.

Regards
semaster
 
  • Like
Reactions: fnair
K

K22

Member
Apr 29, 2006
5
5
semaster said:
Hi all, who received "<ERROR>" codes,

we've found a major calculation bug in i9100 new-sec algo today and fixed it. Even if the recalculation of all failed request is still in progress, it seems to calculate 100% of the phones correctly now.

Feel free to try, but hurry up, the free period will most probably end soon under these circumstances.

Regards
semaster
Click to expand...
Click to collapse

Just tried this on my Locked T-Mobile UK v1.5 with Siyah 4.1.4 Kernel, and what do you know... it spat out both the MCK and the NET in under 2 minutes. Punched in the code prompted by an old (inactive) O2 sim and BOOM, unlock successful :D I've yet to try with a live SIM from a different network, but it looks like they've cracked it!

Q: Assume if I flash the latest stock ROM this will remove the modem patch?

Much respect and thanks for your generosity (even if we are guinea pigs!),

K22
 
S

semaster

Member
Jul 6, 2010
14
6
K22 said:
Just tried this on my Locked T-Mobile UK v1.5 with Siyah 4.1.4 Kernel, and what do you know... it spat out both the MCK and the NET in under 2 minutes. Punched in the code prompted by an old (inactive) O2 sim and BOOM, unlock successful :D I've yet to try with a live SIM from a different network, but it looks like they've cracked it!

Q: Assume if I flash the latest stock ROM this will remove the modem patch?

Much respect and thanks for your generosity (even if we are guinea pigs!),

K22
Click to expand...
Click to collapse

If you want to remove the patch, make sure to flash the "modem.bin" file. Ofcourse this will not affect the unlocked status nor the codes. Althoug, from the user point-of-view, there is no need to revert the patch, because it does not affect any working parts of it, just some external diagnostic, which is even not supported on those phones, so the probability it will be detected even in service center is almost zero. Anyway, make as you wish.
 
fnair

fnair

Senior Member
Sep 1, 2011
66
8
Montreal
I can confirm that Omnius' unlock code (new security) works for Bell Canada's GT-I9100M (HW 1.0). Downgraded my phone to the stock GB release (2.3.3 UGKG2), ran Omnius and it found the code which works perfectly.

Thanks!!! :)
 
toffiko

toffiko

Senior Member
Nov 23, 2009
86
39
Warsaw
Help please :)

Hello lads. Please somebody can help me with getting unlock code for my phone. Ive tried Galaxy S2 SIM ulnock and it just will not produce any code. So Ive tried the Odia's method but Im not good enought with getting the proper hashes from my nv_data.bin :( Ive spend few hours trying to solve that but no result yet. And it makes me headin'. All I managed to do yesterday was to pull out the nv_data.bin from /efs folder from my phone. And thats all. Please If anyone can help me please write me PM so I can send that file via email. Thanks a lot in advance:silly:.
My current ROM is I9100_XEU_I9100XWLPX_PRE-ROOTED_I9100XXLQ6_I9100XEULPA. My phone is I9100P
Mishu
 
Last edited:
sziegu

sziegu

Member
Apr 13, 2012
28
4
sziegu.blogspot.com
semaster said:
Hi all, who received "<ERROR>" codes,

we've found a major calculation bug in i9100 new-sec algo today and fixed it. Even if the recalculation of all failed request is still in progress, it seems to calculate 100% of the phones correctly now.

Feel free to try, but hurry up, the free period will most probably end soon under these circumstances.

Regards
semaster
Click to expand...
Click to collapse

Tried omnius unlock on rooted stock ICS, apparently not supported, and after I downgraded to stock gingerbread I9100BVKJ4_I9100OROKJ4_ORO, rooted it using doomlords method and retried omnius. It worked like a charm.

Thanks semaster!
 
NOMIOMI

NOMIOMI

Senior Member
Nov 4, 2010
1,357
1,287
Abbottabad
i have unlock the sim setwork unlock pin but WTF every time i reboot my its ask me to Sim network unlock pin ...
please give me some solution
 
mocoyombiflash

mocoyombiflash

Senior Member
Nov 2, 2010
271
48
Maricao
www.recargatusim.com
Help appreciated!!! CLARO PR GALAXY S2

I have an issue here i tried the apps they seem to hang for a while sometimes force close but one time i always let it fight it's way out and it does gives me done unlocked please restasrt your device when i do it asks for my unlock code. Then when i do odia way and i get rid of the network unlock window i never read my sim card it has liike the icon of a sim card no inserted on top the bars are full sometimes they stay even if i pull the sim card out! And when i dial i get mobile network unavaible i'm on gingerbread 2.3.4 unbranded argetina rom (just try8ing to not use a stock claro rom to avoid simlock and yet))) when i verify if it's unlocked i get everything is off network lock is off so is everything else , i tried this last appa called gaalaxy sim unlock and everything is off but my network lock reads partially unlocked???

It's a mess .... I have my nv data file it's looks nothing like you guys have posted here even after reading and trying to figure out hex editor! Please help !!!
 

Attachments

  • nv_data.rar
    14.5 KB · Views: 3,549
mocoyombiflash

mocoyombiflash

Senior Member
Nov 2, 2010
271
48
Maricao
www.recargatusim.com
Hey bro ....

Sent from my SPH-D710 using xda premium

---------- Post added at 01:00 AM ---------- Previous post was at 12:57 AM ----------
spocky12 said:
Check My sig.

Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse

Can u help i tried ur app now i.got a partially unlocked stock lock lock and yea to pay for the app will it work? I bet it would i tried a bunch of stuff jaja i dont think i slept that night ... It was a customers phone

Sent from my SPH-D710 using xda premium
 
Xeon3D

Xeon3D

Senior Member
Apr 10, 2006
84
15
41
Albufeira
xeon3d.net
Any love for GT-I9100P Owners (HW Version 1.4) ?

I managed to relock mine (bought it unlocked already, dunno how it was unlocked tbh), with some firmware flashes (4.0.4...grrr) but I was saved by my backed up EFS Folder.

I'm willing to be a guinea pig if needed.

According to instructions by Odia, my NET Hash is FB A0 7F D7 17 6F C6 66 A8 E2 88 3D 94 32 9B 37 2B F0 FF 26, all others are F5 68 75 09 D7 FC B8 A9 D9 EE 0B 93 C0 43 5F 00 B2 DD 51 AC (Which I assume being 00000000 since it was only locked to the network per se, not the actual card or anything else). Sadly I do not own a GPU complatible to follow thru with odia's instructions.

Also tried the helroz tool but like other people found out, it was relocked after reboot and chainfire's crashed thru the process... twice...

Attached is nv_data.bin.
 

Attachments

  • nv_data.zip
    12 KB · Views: 1,207
Last edited:
Xeon3D

Xeon3D

Senior Member
Apr 10, 2006
84
15
41
Albufeira
xeon3d.net
spocky12 said:
If you don't want to pay, GSU is free in xda and will perfectly work on your phone.
It won't compute codes though.

Sent from my GT-I9300 using xda app-developers app
Click to expand...
Click to collapse

I dont need an unlock (so I won't pay for anything) since I'm already unlocked and have a backup of the unlocked efs folder. I do want to know my unlock codes and if possible help in finding a solution for later hardware versions so others can unlock their handsets.

Sent from my GT-I9100 using Tapatalk 2
 
M

Mr_Bartek

Guest
They can unlock by patching EFS though. There's no need for codes.
 
costi.tattoo

costi.tattoo

Senior Member
Dec 17, 2006
98
13
Bucharest
i unlock my phone with GalaxyS2 SIM Unlock and it worked but every time i instal a new rom or reboot the phone, it ask for network unlock key. what can i do to not be forced to be asked every time for this?
 
You must log in or register to reply here.

Similar threads

codeworkx
[ROM][GT-I9100][4.0.4] CyanogenMod 9 nightly builds | DEVELOPMENT THREAD
Replies
3K
Views
4M
limitedMUSCL
limitedMUSCL
Chainfire
[30.10.2012][CF-Root 5.6] K**,LA*,LP-126BHJQ73SC89DEFWGKIQOTUXY,LQ-5B - su+bb+CWM4/5
Replies
7K
Views
6M
jokeromafiaa
jokeromafiaa
gokhanmoral
  • Locked
[KERNEL][ExTweaks] SiyahKernel v2.6.14 - "One kernel to rule them all"
Replies
20K
Views
5M
Crescendo Xenomorph
Crescendo Xenomorph
bajee11
[ROM][4.2.2] Android Open Kang Project (AOKP) - GT-I9100 - [JB-MR1][Milestone 2]
Replies
3K
Views
806K
Z
Zolorn
atinm
[ROM][GWK74] CyanogenMod 7 [DEVELOPMENT ONLY]
Replies
2K
Views
1M
Vaedryn
Vaedryn

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 81
    O
    Odia
    Free SIM Unlock for SGS2 by Odia. (ONLY for HW Version MP 1.200)

    1. Root your phone.
    2. Extract your nv_data.bin
    3. Look at the file with an hex-editor and goto offset 0x181460 (Ultra Edit, HxD, Hex-Workshop etc)
    4. Take the hashes from 0x18146e (20 bytes), 0x18148e, 0x1814ae, 0x1814ce, 0x1814ee
    5. If the hash is 7D 3E 17 CF CD 81 6C AC D4 E0 25 FA A6 50 04 FD D1 7D 51 F8 ignore it since that is 00000000
    6. Put the hash into the BF exe for example:-
    ighashgpu.exe /h:EF63BF26E2382917D96850CCF9632458EE6E6C77 /t:sha1 /c:d /max:8 /min:8 /salt:0000000000000000
    and wait for it to finish, do that for each hash which is not zeros, the Found password: [50681318] is the code.
    7. Put unaccepted simcard in the phone and when it asks for the unlock code enter them in order
    8. Job done, phone is now unlocked for free.

    If you cannot find a block which looks like hashes @ 0x181460, then search for SSNV and add 5216, but from the files which I have seen the block appears to be fixed @ 0x181460.

    If it will not accept the code which you believe to be correct, it means the attempts have been used up, so you need to use the MCK code to unfreeze your phone, note it will not request unfreeze code, just say network lock unsucessful even your code is valid. (MCK HASH is @ offset 0x180049)

    Added an example for what you need to look for.


    Mastercode

    Dynamic located PERSO section, holds the mastercode (MCK / unfreeze), search for PERSO and look for a hash, can be multiple old sections, added screendump with an example.
    MCK HASH is also in the SSNV section @ offset 0x180049


    Direct Offsets

    GT-I9100
    NET 0x18146e -
    SUB 0x18148e -
    SP 0x1814ae -
    CP 0x1814ce -
    MCK 0x180049 -

    GT-I9000
    NET 0x18154b -
    SUB 0x18155f -
    SP 0x181573 -
    CP 0x181587 -
    MCK 0x1815af -


    If this saved you a few quid, maybe you would like to buy me a beer ;)

    View attachment 602403

    View attachment 602464

    I could not have made this solution and proved my theory without the special help from pulser_g2 and Fall Guy.

    I have been advised by pulser_g2 that Chainfire will make a software solution next week using this information.
    (APK is here http://xdaforums.com/showthread.php?t=1092451)
    View
    13
    dh2311
    dh2311
    Might try that, but can the phone boot without the nv_data, i thought it would fail


    On the subject of resetting the counter I found out how!!!!

    It also tells you your kernel is origional when it is supercurios or chainfires :D:D

    my phone claims to be unhacked but its rooted n everything.

    I'm uploading video proof now!



    How did I do it?

    Well, you know the download mode jig you can make to put the sgs into download mode. I make them and sell them on ebay to make a few quid. (not too great, too many others doing it)

    I thought "it worked on my sgs, will it work on this?"

    powered off the sgs II plugged the jig in and encountered a sceen saying "erasing download information succeeded" and now it says I have no custom binaries and my current binary is "samsung official", when its chainfires.

    It also removes the triangle warning on first boot because it thinks its genuine. But I still have my root privelages.

    I call this a warranty solution. All thanks to a resistor and u micro usb plug. :D
    http://www.youtube.com/watch?v=poH6TMbuj3E
    View
    7
    O
    Odia
    So without asking me or pulser_g2, who can work it out from this?

    Found 1 CUDA device(s)
    Starting brute-force attack, Charset Len = 10, Min passlen = 8, Max passlen = 8
    Charset (unicode -> 0) [0123456789]
    Charset in HEX: 30 31 32 33 34 35 36 37 38 39
    Starting from [00000000]
    Hash type: SHA1, Hash: ef63bf26e2382917d96850ccf9632458ee6e6c77
    Salt: 00 00 00 00 00 00 00 00
    Device #0: [GeForce 8800 GT] 1625.00 Mhz 112 SP
    Hardware monitoring disabled.
    CURPWD: 46886710 DONE: 75.50% ETA: 0s CURSPD: 134.8M
    Found password: [50681318], HEX: 35 30 36 38 31 33 31 38
    Processed 75 497 472 passwords in 1s.
    Thus, 130 844 838 password(s) per second in average.

    and to the person who approached me and said lets do this and make lots of money FCUK YOU!!!

    Took me less than 1 hours working time to find the solution, big thanks to pulser_g2 for supplying the needed files to speed up my work.

    PS: How do I get a donate button ;)
    View
    5
    pulser_g2
    pulser_g2
    nintendolinky said:
    Im happy to test for you. Mine is locked, tried tmobile earlier today, and it required a code, im rooted so i can provide anything.
    Click to expand...
    Click to collapse

    Grab that file from the device and pop me a PM. I presume you know how to get ADB up and running?
    View
    4
    S
    solarj
    Just did an efs backup before unlock a phone using a purchased unlock code, and immediately after unlocking did another efs backup

    comparing these two backups, the only difference is nv_data.bin, and there are 2 differences in nv_data.bin:

    1. In locked nv_data.bin, at offset 00180069-0018006e, there is a 5-bytes string and a "#" sign, represent the original locked operator name. Unlock the phone will replace all these bytes with FF

    2. In locked nv_data.bin, at offset 00181469, that byte is 01, as we all know, the Helroz's app will change this byte to 00, thus unlock the phone

    So, the bit-flipping method will work, and if you want a clean unlock, remove those original locked operator name at offset 00180069

    I bought the unlock code because my phone refuse to work any more, last month one of the operator became disabled (emergency call only), and after I changed to another operator, this operator became disabled again recently. I thought it maybe because I unlocked the phone using bit-flipping method and I should try unlocking it using real unlock code. Unfortunately my phone is still disabled for those 2 operators by using real unlock code, I have to send it to samsung service (I guess some thing in the intel xmm6260 platform is broken)

    (ok, typo fixed)
    View

New posts