NSS 0.47.0 Beta - Quick Install & Restore of the 710 bootloader

[Bph&co]

Hi,

New NSS beta is available for download. It will implement installing and restoring
of the bootloader as single click solution. Although the Qcom loader could be
installed via normal flashing, it is much easier this way. Also recovery is intended
to save manual hex editing or cmd line commands.

1. Download the new version
2. Extract to a folder, start the program
3. Insert the 2 loaders in \loaders\special\wp7\ - the qualcom file: RM803_12w07_prod_generic_nokia_osbl.esco,
posted by xorizont here , second file: RM803_11w48_prod_raw_nokia_osbl.bin attached (unzip first)
4. Go to Flashing->WP7 Tools

You are ready to play. Quick description:

- Read PMM button - reads the PMM partition with Nokia specific values(product
code, MAC addresses, et), you can edit in the boxes
- Write PMM button - writes back to the partition a selected value (via Update
checkbox)

Install button - use this to quickly install Qcom loader on 710(no way to load on
800 as the cert is checked)

Parse FS button - you can use this to test NSS partition parser and compare
against 3rd party tool, to make sure something catastrophically wrong will not
happen during recovery

Restore button - This will attempt to recover the Nokia production loader (so called DLOAD)
via raw NAND write into partition 2 of the connected phone. Make
sure you start in Normal mode as NSS will need to check phone type and battery
value (to make sure wrong file is not written to 800, or if the battery is critically
low)

Please keep in mind, this is a Beta version, it has been tested only on one phone
and is possible to be a major phone killer, so thread lightly. It is offered as it is,
with the hope of being useful, and I can't be held responsible for fatal results.

My best recommendation is to check the partitions after write/recovery with
3rd party tool and make sure all is ok before restarting the phone power. All this
until some recovery method is found (if somebody has found flashing routines in
SECBOOT or other loader, pls PM me).

BR, Chris

 

[Briefcase]

Thanks for this nice tool!

I just wanted to stress that:

- Read PMM button - reads the PMM partition with Nokia specific values(product
code, MAC addresses, et), you can edit in the boxes
- Write PMM button - writes back to the partition a selected value (via Update
checkbox)

Are only possible when the phone has the qualcomm loader right? Because only then it's possible to overwrite the values using the NAND access mode (Qualcomm MSD).

 

[Bph&co]

Hi,

Yes, only in NAND mode, on phones that have it. If you have Nokia DLOAD loader
and not hacked phone, you can only read those value via JSON call to NCSD appl.
There isn't any method coded to change them in Normal mode(at least i did not
find one yet).

BR

 

[Briefcase]

Hi,

Yes, only in NAND mode, on phones that have it. If you have Nokia DLOAD loader
and not hacked phone, you can only read those value via JSON call to NCSD appl.
There isn't any method coded to change them in Normal mode(at least i did not
find one yet).

BR

It's good to see there is now a userfriendly way of doing stuff like this. Thanks again

 

[mariosraptor]

now all we need is a tool to write an .nb file with one click. can one do it?

 

[Bph&co]

now all we need is a tool to write an .nb file with one click. can one do it?

To be honest i have no idea how that exactly works - is there a need for a file
system parser and proper replacing of a file, or just writting to a const location
in the last partition.

The mount never worked on my Ubuntu install(and i am complete Linux newbie).

 

[mariosraptor]

To be honest i have no idea how that exactly works - is there a need for a file
system parser and proper replacing of a file, or just writting to a const location
in the last partition.

The mount never worked on my Ubuntu install(and i am complete Linux newbie).

Thanks God. there is someone else like me in linux.( humor, no offense ofcourse ;-) )
mate i have no idea how it works. nobody wants to write a very accurate tutorial.
not being able to flash the custom rom was the reason that i reverted my bootloader.

 

[djtonka]

To unlock bootloader I used to NCS and firmware posted by xorizont. So how make connection under Windows7 before flash xorizont's firmware if Nokia is in DLOAD mode?

 

[surya467]

this is very helpfull for many people to get to qulcomm on 710!

+1

 

[djtonka]

So You are able to load Qualcomm B. via NSS even if on the moment I have got DLOAD?

 

[Bph&co]

Hi,

New Beta - 0.47.1 - with ability to write moded OS files(.nb).

OS File button - select .nb file

Write OS button - loads the file onto the last partition (change to OSBL mode first)

As with the previous beta - make sure you check the partion parser for errors.
Write will be verified, but not the exact write address, so maybe good to have a
look with WinHex before restarting the phone.

BR

 

[Briefcase]

Already a new version, you're working hard man! ;-)

So if i understand correctly, you have automated the process of 'block writing' (which without this tool requires using dd) the created custom roms to the correct partition on the Lumia?

Of course this requires Qualcomm bootloader; for the 710 your tool can load this even if the phone currently has the newer Nokia DLOAD.

 

[Bph&co]

Hi,

Yes, i work even in my sleep Right now killing myself with the baseband diss, but
decided to have a break and make this.

It seems the OsBuilder creates raw partition image, to fit exactly into the OS part
of the NAND chip. So all i do is open the usb device as physical disk, parse the
partition structure and do a low level read/write to absolute addresses.

Yes, it is mostly for 710, but write OS function should be working for 800 with
Qcom loader too, just can't test it as i don't have such phone.

Also the Install/Recovery should work forever on a 710, unless Nokia/MS release
some updated bootloader that somehow prevents loading of the signed Qcom
loader and the user does a full flash (or via sneak Zune update) and overwrite
the current DLOAD loader.

BR

 

[mariosraptor]

Hi,

New Beta - 0.47.1 - with ability to write moded OS files(.nb).

OS File button - select .nb file

Write OS button - loads the file onto the last partition (change to OSBL mode first)

oh man you are a superstar. you did what i said it was missing. no more (hopefully) screwd phones.

@Mods please make this sticky.

 

[plumlovsky]

Amazing tool!

I just used it to load Full Unlock Image for Lumia 710 by lucifer3006!

No more linux stuff needed, this is great and almost one-click windows solution!

Thank you!

 

[djtonka]

When we talking about copy moded nb file into partition You mean sdx9 is default partition?

 

[Bph&co]

Hi,

The sdb thingi is something from Linux. On low level there are 4 primary partitions
in MBR, all the rest are logical, so the last entry in MBR points to the first logical one,
that for itself contains primary part and next one is logical as well. The last entry
in this linked list is the OS partition.

BR

 

[djtonka]

1. OK I went through this. Tell me please how is possible to unlock bootloader if Lumia is in DLOAD mode? NSS can't reconized WP in this mode.
2. In case of relocking bootloader did I need copy Your specific RM803_11w48_prod_raw_nokia_osbl.bin or download an from navifirm?

 

[heishanxiaoyao]

I hope it's add backup and restore the "DPP.BIN" function!

like this!

Thank you very much!

 

[Bph&co]

1. OK I went through this. Tell me please how is possible to unlock bootloader if Lumia is in DLOAD mode? NSS can't reconized WP in this mode.
2. In case of relocking bootloader did I need copy Your specific RM803_11w48_prod_raw_nokia_osbl.bin or download an from navifirm?

Hi,

1 - Maybe you have Zune running and NSS can't open the port ? Use the kill Zune
services option in NSS please

2 - Yes this specific loader is needed (its extract from an original file) and is hash
checked before writting to the second partition to prevent dead phones

BR