[TUT] Dumping an Rhodium ROM / SPL

DaveShaw · Apr 8, 2009

Stolen from udk's Jade Dumping thread

First all, thanks to Pof, here his original thread and cmonex for her orginal post here.

Download itsme's utils: http://nah6.com/~itsme/itsutilsbin-20080923.zip

List NAND Partitions

Code:

pdocread.exe -l

210.38M (0xd260000) [COLOR="DarkOrchid"]FLASHDR[/COLOR]
|           3.12M ([COLOR=DarkRed][B]0x31f000[/B][/COLOR]) Part00
|           3.50M ([COLOR=DarkOrange][B]0x380000[/B][/COLOR]) Part01
|          69.38M ([COLOR=Olive][B]0x4560000[/B][/COLOR]) Part02
|         134.38M ([COLOR=Teal][B]0x8660000[/B][/COLOR]) Part03
STRG handles:
handle e7489c1a134.38M (0x8660000)
handle 474960e6 69.38M (0x4560000)
handle c74b0fda  3.50M (0x380000)
handle 074b0eee  3.12M (0x31f000)
disk e7489c1a
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk 474960e6
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk c74b0fda
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk 074b0eee
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Dump Them!

Code:

pdocread -w -d [COLOR="DarkOrchid"]FLASHDR [/COLOR]-b 0x800 -p Part00 0 [COLOR=DarkRed][B]0x31f000[/B][/COLOR] Part00.raw
pdocread -w -d [COLOR="DarkOrchid"]FLASHDR [/COLOR]-b 0x800 -p Part01 0 [COLOR=DarkOrange][B]0x380000[/B][/COLOR] Part01.raw
pdocread -w -d [COLOR="DarkOrchid"]FLASHDR [/COLOR]-b 0x800 -p Part02 0 [COLOR=Olive][B]0x4560000[/B][/COLOR] Part02.raw
pdocread -w -d [COLOR="DarkOrchid"]FLASHDR [/COLOR]-b 0x800 -p Part03 0 [COLOR=Teal][B]0x8660000[/B][/COLOR] Part03.raw

The most important files are part01 (XIP) and part02 (ROM).

Dumping the SPL

Code:

pmemdump 0x9a000000 0x80000 spl.nb

As monx points out below you may need to "App Unlock" your device before pdocread will work.
Either follow his reg hack, or just use this CAB by Chainfire : http://xdaforums.com/showthread.php?p=3973249#post3973249.

Have fun.

Thanks to d474rpr for testing SPL dumping

Dave

d474rpr · Apr 8, 2009

For those interested here is the extracted SPL from the Rhodium.

Rhodium SPL

enjoy!

monx® · Jun 11, 2009

Just an additional info. need to apply this reg :

[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000101a"=dword:1
"00001001"=dword:1

(Dumping with Vista SP2 x64 + WMDC6.1 with virgin Rhodium

)

EDIT: Done. Will upload in case somebody want it.

monx® · Jun 11, 2009

Okay here is RHODIUM_WWE_ASIA_v1.19.707.1(51489)_051509_OEM_FULL

CHfish · Jun 22, 2009

DaveShaw said:

Dump Them!

Code:

pdocread -w -d FLASHDR -b 0x800 -p Part00 0 [COLOR=DarkRed][B]0x31f000[/B][/COLOR] Part00.raw
pdocread -w -d FLASHDR -b 0x800 -p Part01 0 [COLOR=DarkOrange][B]0x380000[/B][/COLOR] Part01.raw
pdocread -w -d FLASHDR -b 0x800 -p Part02 0 [COLOR=Olive][B]0x4560000[/B][/COLOR] Part02.raw
pdocread -w -d FLASHDR -b 0x800 -p Part03 0 [COLOR=Teal][B]0x8660000[/B][/COLOR] Part03.raw

The most important files are part01 (XIP) and part02 (ROM).

I assume it's a stupid question - but I need to change the storage adresses according to the list of the NAND Partitions?

Thank you

CHfish

monx® · Jun 22, 2009

yes. follow the address shown in ur prompt windows.

CHfish · Jun 22, 2009

monx® said:
yes. follow the address shown in ur prompt windows.

Thank you monx® - faster then all support hotlines

e60202 · Jun 23, 2009

@monx:

I have a Hong Kong CHT version of the Rhodium that I would like to switch to WWE. Can I use the RHODIUM_WWE_ASIA_v1.19.707.1(51489)_051509_OEM_FULL dump you provided to do so? If so, how?

Or is there an RUU package that I can use?

Pardon my ignorance...this is my first WinMo device and I'm still learning...

monx® · Jun 24, 2009

@e60202
Hi friend, my dump is not a complete rom (it is just rom sources to share)
Yes, we can rebuild the rom becomes the complete one but it wont have the required signature required by stock device SPL. So, we cant flash it until our device is flashed with Rhodium HardSPL (not available yet)

To change your device rom language, it is possible. U need to create GoldCard using QMAT (if i'm not mistaken u hv to buy this for full function to create GoldCard) & Mtty. Then u can flash stock shipped (signed) WWE rom.

For more info, pls search for GoldCard or u can try ur luck to ask for cmonex further help

drawflex · Jun 26, 2009

so i take it then... if i do a rom/spl backup of my phone and then bugger it up, i'm unable to flash the backup back to the phone ?

DaveShaw · Jun 26, 2009

drawflex said:
so i take it then... if i do a rom/spl backup of my phone and then bugger it up, i'm unable to flash the backup back to the phone ?

If you bugger up your phone, just Hard Reset to get it back to how it was.

You dump your ROM so that after flashing custom ROMs you can go back the one your phone came with. But we need Hard SPL to flash custom ROMs as well as dumped ones.

Dave

-adrian- · Jun 27, 2009

is there actually no problem in warranty? flash new rom .. **** it up.. flash original rom.. send it in

monx® · Jun 27, 2009

-adrian- said:
is there actually no problem in warranty? flash new rom .. **** it up.. flash original rom.. send it in

Re-flash original SPL so they dunno u hv modified it

-adrian- · Jun 27, 2009

well .. never tried it before .. hope it will work with the tmobile GER branded phone

already ordered.

wootty2000 · Jun 27, 2009

monx® said:
Re-flash original SPL so they dunno u hv modified it

Doesn't this only work though if you have a signed ROM installed. I didn't think that you could use HardSPL to install a dump and then push the OEM SPL back.

bombastikde · Jun 27, 2009

Okay here is RHODIUM_GER_v1.19.407.0(51489)_051609_OEM_FULL
the German Version

cmonex · Jun 30, 2009

wootty2000 said:
Doesn't this only work though if you have a signed ROM installed. I didn't think that you could use HardSPL to install a dump and then push the OEM SPL back.

yes, you can use HardSPL to do this! (when it comes out

)

wootty2000 · Jun 30, 2009

cmonex said:
yes, you can use HardSPL to do this! (when it comes out )

I know that with HardSPL I can install a cooked ROM, but my understanding is that if I install HardSPL, then a cooked ROM and then push the OEM SPL back, the OEM SPL will fail to validate the cooked ROM and refuse to boot it

Or does the OEM SPL only do validation when flashing and not booting?

DaveShaw · Jun 30, 2009

wootty2000 said:
I know that with HardSPL I can install a cooked ROM, but my understanding is that if I install HardSPL, then a cooked ROM and then push the OEM SPL back, the OEM SPL will fail to validate the cooked ROM and refuse to boot it

Or does the OEM SPL only do validation when flashing and not booting?

No, if you have a cooked ROM and a stock SPL it will still boot. The SPL checks signing, device id, model id, etc when attempting to flash a ROM, not booting.

Dave

net_walker · Jul 27, 2009

I already dumped the ROM/SPL of my Rhodium according to DAVE's guide.

And I know from the guide the Part01.raw is XIP and the Part02.raw is ROM. However, what's the part00.raw and part03.raw?

And how can I put all of these raw files together to a NBH file? It's need to be NBH file before flash back, am I right?

[TUT] Dumping an Rhodium ROM / SPL

Senior Moderator Emeritus

Senior Member

Senior Member

Senior Member

Senior Member

Senior Member

Senior Member

Member

Senior Member

Senior Member

Senior Moderator Emeritus

Senior Member

Senior Member

Senior Member

Senior Member

Member

Retired Recognized Developer

Senior Member

Senior Moderator Emeritus

Member

Similar threads