Universal ReadBack Extractor for mtk feature watchphones

Search This thread

GargoyI

New member
Jun 20, 2016
1
0
0
Hi all,
I'm new here, sorry if my english is not that good.
It seems to be a nice Plattform, the most Threads of "Golem_" are informative, thx for that.
About me, I bought a DZ09 Smartwatch and read many threads about it, think it is a clone.
I have tryed all tutorials and programs offered here, every thing told me it offers only 32MB space.
(By the way, i think there is an error... a note would be nice,... in the read back tutorial.
If you own a DZ09 clone, you have to change the "scatter file" to a 32 MB Version)

I would like to know is there is a way to check out the real memory size of the watch i owned.
Tryed every cfg file (original and 64MB not work,... only 32MB) is says it have only 32MB Spae of memory.
is this the truth or may only a configuration (cfg-file) result?

Is there a way to change the memory or is it includet into the microprocessor?

If i really owned a clone, is there a way to change Watch faces or rewrite / expand the Firmware?

Kind regards Gargoyl
 

Golem_

Senior Member
Oct 23, 2015
2,228
824
193
Hi all,
I'm new here, sorry if my english is not that good.
It seems to be a nice Plattform, the most Threads of "Golem_" are informative, thx for that.
About me, I bought a DZ09 Smartwatch and read many threads about it, think it is a clone.
I have tryed all tutorials and programs offered here, every thing told me it offers only 32MB space.
(By the way, i think there is an error... a note would be nice,... in the read back tutorial.
If you own a DZ09 clone, you have to change the "scatter file" to a 32 MB Version)

I would like to know is there is a way to check out the real memory size of the watch i owned.
Tryed every cfg file (original and 64MB not work,... only 32MB) is says it have only 32MB Spae of memory.
is this the truth or may only a configuration (cfg-file) result?

Is there a way to change the memory or is it includet into the microprocessor?

If i really owned a clone, is there a way to change Watch faces or rewrite / expand the Firmware?

Kind regards Gargoyl

Hi there Gargoyl, unfortunately it is truth, is not just a cfg reflection hence you have 32Mb, there is no way to replace watchfaces because they are archived. . .

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
 

dingoland

Member
Feb 26, 2008
13
4
0
Montauban
Readback error

Hi all and Golem ;)

First, thank you for the procedure to readback firmware on the first posts, it helped me !
I tried to use your soft to check the dump i done from my kingwear kw18 (a bad clone of the No1 g3).
I use the scatter file of the g3 and made my readback perfectly without error (16Mb file).
But when i check the dumped file in your readback extractor 2.0 and 2.1 it says that the firmware is not mtk compatible.
I would like to flash this bad clone (with an awful, light and bugged firmware) with the g3 firmware, so i done a dump to be sure i can go back if something went wrong with the new firmware.
How can i do to have a dumped firmware usable (flashable) if something went wrong ?
Can you help me please ?

Best regards
Greg
 

Golem_

Senior Member
Oct 23, 2015
2,228
824
193
Hi all and Golem ;)

First, thank you for the procedure to readback firmware on the first posts, it helped me !
I tried to use your soft to check the dump i done from my kingwear kw18 (a bad clone of the No1 g3).
I use the scatter file of the g3 and made my readback perfectly without error (16Mb file).
But when i check the dumped file in your readback extractor 2.0 and 2.1 it says that the firmware is not mtk compatible.
I would like to flash this bad clone (with an awful, light and bugged firmware) with the g3 firmware, so i done a dump to be sure i can go back if something went wrong with the new firmware.
How can i do to have a dumped firmware usable (flashable) if something went wrong ?
Can you help me please ?

Best regards
Greg

Man, before to do any move send me the dump, I can check if everything is fine or not with your dump, eventually to extract the firmware

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
 

dingoland

Member
Feb 26, 2008
13
4
0
Montauban

dingoland

Member
Feb 26, 2008
13
4
0
Montauban
Your dump is ok, I did the extraction, you can find your original firmware here

Use your money wisely, DO NOT WASTE IT buying from GEARBEST

Waou faster than i though :D

Thank you a lot Golem !

I can now make some tests with this smartwatch.....
Do you have some advices to give me before flashing new firmware ?

Best regards.
Greg
 
Last edited:

Golem_

Senior Member
Oct 23, 2015
2,228
824
193
Waou faster than i though :D

Thank you a lot Golem !

I can now make some tests with this smartwatch.....
Do you have some advices to give me before flashing new firmware ?

Best regards.
Greg

Most important, when you're flashing something do not break usb connection!

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
 

mordor621

Member
Apr 12, 2016
32
3
0
Update Mar-12/2016: as long as on the market appeared a long line of new types of mtk6260 mtk6261 mtk2502C mtk2502A (etc) watches equipped with strange new PCB or flash_ID parameters, the new release <Readback Extractor mtk 2.0> now has the capacity to identify, to read, check, rebuild firmware and collect and insert in the .cfg files the flash_ID's coded inside the ROM dump for almost all types of mtk watchphones or smartwatches based on RTOS Nucleus

NOTE: being tested already for mtk6260 mtk6261 mtk2502C and mtk2502A

In short - if you intend to install in your smartwatch new firmwares, mods etc, before to initiate any flashing with the Flash Tool app (pushing that goddamn < Download > button) think twice, 'bove all better DO a backup for the original firmware, why so? because it's containing all original drivers hence you'll be able to recover 100% your watch in case of bricking.

How to:
First you have need of a full dump of your ROM. Assuming that you already got a Flash Tool 5.15.16 and drivers, and you were at the point of flashing something (already chose the download agent and scatter file)

preparations:
a. Set options/backup and restore on no action
b. load the download agent (you find this file inside the flash tool folder)
c. load a scatter file - for initialization flash tool needs a scatter file (.cfg) - for dz09 you get this one
d. in case you have W10 - go to the start menu and click on power and hold down the shift key while clicking on restart. A screen then comes up and you need to choose troubleshooting and then startup options. It will then reboot and give you a menu. press 7 which is ignore signed drivers and then when windows comes up, you will be able to install the drivers.

for instance let's say you have a DZ09 smartwatch:
1 - press < Readback > in upper menu and so < Add > in the middle menu
2 - click twice on the item appears in the main window, set name as ROM_DZ choose in browser the path and save
3 - set as Physical start address 0x00000000 and as Length 0x01000000 or 0x00800000 or 00400000 (try them in this order) then ok
4 - turn off the watch, press < Readback > in the middle menu wait 2 seconds and connect through USB your watch
5 - wait until the upload is complete (big green ring)

Now second stage:
1 - download the app I've built attached here (Readback Extractor mtk) and unzip it
2 - create a folder where you intend to keep in safe the original firmware and name it for instance DZ09-Orig
3 - do a copy of Readback Extractor mtk 2.0.exe and place it inside the DZ09-Orig folder then click twice on it
4 - press <Load Readback file> and browse after the ROM_DZ file created before with the Flash Tool then open
5 - Wait about a minute while the app will check bit by bit the integrity of your file
6 - If everything went ok and your file is healthy then app will show " health 100% " so you can proceed to the next step
7 - Press <Rebuild Firmware> and wait about one minute (it shows a progress counter)
8 - When appears the message " - ALL DONE!!!" close app and go back in the DZ09-Orig folder, now you'll find there a set of new files which are the original firmware kit ready to be flashed back in your phone anytime you want
9 - Enjoy flashing anything you like without any fear that something bad can happen

Some tricks for writing IMEI in your watch NVRAM:
you connect to usb your watch (turned on this time) and set the com port on the watch screen, go in device manager and check the port number your watch is connected, then you open Tera Term hyperterminal (google for this app), connect it as serial com on watch com port and then give the command:
AT + EGMR = 1, 7, " imei number "
if on screen appears OK then ready, you've changed your imei

Use your money wisely, DO NOT WASTE IT buying from GEARBEST!
- worst shipping ever (10 days in case you're lucky)
- most products are defective (this is referring just to smartwatches and watch phones - can't say anything about other products)
- in case of complain (ticket) the answers are standard corporation statements - they are not fixing any issue - just will waste your time, week after week for months - for instance, in my case started in august 2015 and finished in april 2016
- if you are continuing to complain, trying to obtain your money back or a new item - your mistake, they will switch off in your account the capacity of opening tickets (disputes), they will wipe out your account of any points, credits or previous tickets

AFTERWARDS READ ME story - Anywhere you search, there is no one to tell you explicitly how to extract from your mtk smartwatch the firmware kit
All says a halfmouth: Do a full < Readback > in Flash Tool, you'll do it being confident that from now on you say goodbye to any risk because you have A BACKUP hence you start flashing new firmwares. And the Big Brick is coming , you smile and get back to your < Readback > backup discovering that, sadly, you have a binary bulk at first sight good for nothing. It cannot be so useless, isn't it? after all it contains full dump of your ROM! I was in exactly the same situation, so 'cause I didn't find any answer I've started reverse engineering . . . and it worked, first I did it manually for guys being in the same situation, 've noticed that is a common issue so I had to choose how to help, simpler but dangerous (for you) way, to create a tutorial <how to> or the hard way (hard for me), to develop an app which will do all "cooking" automatically and I choose the second because in manually way there is a quite big "chance" to mess up with your primary bootloader which could get to a real tragedy - no modem - brickest brick you saw in your entire life


Readback extractor mtk 2.1 beta
Flash Tool and drivers
Hi,i have a GT08s. What download agent and scatter file must choose? I dont have no one.

Enviado desde mi LG-D855 mediante Tapatalk
 

Jorge Moreira

Senior Member
Dec 24, 2010
308
123
0
Porto
Hi @Golem_,

I try to make a backup of my firmware, but i have the follow error:

error.jpg


My smartwach is a Ulefone GW01 with MTK2502.

Can you help me? :confused:

Thanks,

Regards,
Jorge
 

Golem_

Senior Member
Oct 23, 2015
2,228
824
193
Hi @Golem_,

I try to make a backup of my firmware, but i have the follow error:

My smartwach is a Ulefone GW01 with MTK2502.

Can you help me? :confused:

Thanks,

Regards,
Jorge

Hi there,
Of course man, as your watch is 2502 you have to use as scatter a (any) firmware from this folder with length of 0x0080000 if is about 2502C or one of the firmwares from this folder with length of 0x01000000 for 2502A

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
 
  • Like
Reactions: Jorge Moreira

Jorge Moreira

Senior Member
Dec 24, 2010
308
123
0
Porto
Hi there,
Of course man, as your watch is 2502 you have to use as scatter a (any) firmware from this folder with length of 0x0080000 if is about 2502C or one of the firmwares from this folder with length of 0x01000000 for 2502A

Use your money wisely, DO NOT WASTE IT buying from GEARBEST

Many thanks @Golem_ :)

I try with Zeblaze Crystal mtk2502A with length of 0x01000000 and it works.

But when I use the readback extractor mtk 2.0 and load readback file, give me the follow message:

error_1.jpg


What am I doing wrong? :confused:

Regards,
Jorge
 

Attachments

  • error_1.jpg
    error_1.jpg
    24.1 KB · Views: 51
Last edited:

Golem_

Senior Member
Oct 23, 2015
2,228
824
193
Many thanks @Golem_ :)

I try with Zeblaze Crystal mtk2502A with length of 0x01000000 and it works.

But when I use the readback extractor mtk 2.0 and load readback file, give me the follow message:

error_1.jpg


What am I doing wrong? :confused:

Regards,
Jorge

Yea, lately I didn't do any updates for readback extractor - no worries about, just new different (newcomers) standards my app didn't know about - good you "woke me up" - too busy and forgot about the latest release I was working on, compiled it right now and "voila" - check on the first page the 2.4 release and let me know if it's working for you

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
 

quebrada76

New member
Jun 28, 2016
1
0
0
Yea, lately I didn't do any updates for readback extractor - no worries about, just new different (newcomers) standards my app didn't know about - good you "woke me up" - too busy and forgot about the latest release I was working on, compiled it right now and "voila" - check on the first page the 2.4 release and let me know if it's working for you

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
Hello. I also have a GW01 ulefone and just tested the 2.4 release and works perfectly.:good:
 

Jorge Moreira

Senior Member
Dec 24, 2010
308
123
0
Porto
Yea, lately I didn't do any updates for readback extractor - no worries about, just new different (newcomers) standards my app didn't know about - good you "woke me up" - too busy and forgot about the latest release I was working on, compiled it right now and "voila" - check on the first page the 2.4 release and let me know if it's working for you

Use your money wisely, DO NOT WASTE IT buying from GEARBEST
It works now.

Many thanks.

The files of my backup is:
Config_mtk.cfg
Ext_bootloader
File_01_mtk
Int_bootloader

No need anything else, right?

Thanks for your help!

Regards,
Jorge

Enviado do meu Redmi Note 2 através de Tapatalk
 

Top Liked Posts

  • There are no posts matching your filters.
  • 60
    Update Mar-12/2016: as long as on the market appeared a long line of new types of mtk6260 mtk6261 mtk2502C mtk2502A (etc) watches equipped with strange new PCB or flash_ID parameters, the new release <Readback Extractor mtk 2.0> now has the capacity to identify, to read, check, rebuild firmware and collect and insert in the .cfg files the flash_ID's coded inside the ROM dump for almost all types of mtk watchphones or smartwatches based on RTOS Nucleus

    NOTE: being tested already for mtk6260 mtk6261 mtk2502C and mtk2502A

    In short - if you intend to install in your smartwatch new firmwares, mods etc, before to initiate any flashing with the Flash Tool app (pushing that goddamn < Download > button) think twice, 'bove all better DO a backup for the original firmware, why so? because it's containing all original drivers hence you'll be able to recover 100% your watch in case of bricking.

    How to:
    First you have need of a full dump of your ROM. Assuming that you already got a Flash Tool 5.15.16 and drivers, and you were at the point of flashing something (already chose the download agent and scatter file)

    preparations:
    a. Set options/backup and restore on no action
    b. load the download agent (you find this file inside the flash tool folder)
    c. load a scatter firmware - for initialization flash tool needs a scatter file (.cfg) - for dz09 you get this one - for any other than mtk6260A get here and get a firmware compatible with your PCB
    d. in case you have W10 - go to the start menu and click on power and hold down the shift key while clicking on restart. A screen then comes up and you need to choose troubleshooting and then startup options. It will then reboot and give you a menu. press 7 which is ignore signed drivers and then when windows comes up, you will be able to install the drivers.

    for instance let's say you have a DZ09 smartwatch:
    1 - press < Readback > in upper menu and so < Add > in the middle menu
    2 - click twice on the item appears in the main window, set name as ROM_DZ choose in browser the path and save
    3 - set as Physical start address 0x00000000 and as Length 0x01000000 or 0x00800000 or 00400000 (try them in this order) then ok
    4 - turn off the watch, press < Readback > in the middle menu wait 2 seconds and connect through USB your watch
    5 - wait until the upload is complete (big green ring)

    Now second stage:
    1 - download the app I've built attached here (Readback Extractor mtk) and unzip it
    2 - create a folder where you intend to keep in safe the original firmware and name it for instance DZ09-Orig
    3 - do a copy of Readback Extractor mtk 2.0.exe and place it inside the DZ09-Orig folder then click twice on it
    4 - press <Load Readback file> and browse after the ROM_DZ file created before with the Flash Tool then open
    5 - Wait about a minute while the app will check bit by bit the integrity of your file
    6 - If everything went ok and your file is healthy then app will show " health 100% " so you can proceed to the next step
    7 - Press <Rebuild Firmware> and wait about one minute (it shows a progress counter)
    8 - When appears the message " - ALL DONE!!!" close app and go back in the DZ09-Orig folder, now you'll find there a set of new files which are the original firmware kit ready to be flashed back in your phone anytime you want
    9 - Enjoy flashing anything you like without any fear that something bad can happen

    Some tricks for writing IMEI in your watch NVRAM:
    you connect to usb your watch (turned on this time) and set the com port on the watch screen, go in device manager and check the port number your watch is connected, then you open Tera Term hyperterminal (google for this app), connect it as serial com on watch com port and then give the command:
    AT + EGMR = 1, 7, " imei number "
    if on screen appears OK then ready, you've changed your imei

    Use your money wisely, DO NOT WASTE IT buying from GEARBEST!
    - worst shipping ever (10 days in case you're lucky)
    - most products are defective (this is referring just to smartwatches and watch phones - can't say anything about other products)
    - in case of complain (ticket) the answers are standard corporation statements - they are not fixing any issue - just will waste your time, week after week for months - for instance, in my case started in august 2015 and finished in april 2016
    - if you are continuing to complain, trying to obtain your money back or a new item - your mistake, they will switch off in your account the capacity of opening tickets (disputes), they will wipe out your account of any points, credits or previous tickets

    AFTERWARDS READ ME story - Anywhere you search, there is no one to tell you explicitly how to extract from your mtk smartwatch the firmware kit
    All says a halfmouth: Do a full < Readback > in Flash Tool, you'll do it being confident that from now on you say goodbye to any risk because you have A BACKUP hence you start flashing new firmwares. And the Big Brick is coming , you smile and get back to your < Readback > backup discovering that, sadly, you have a binary bulk at first sight good for nothing. It cannot be so useless, isn't it? after all it contains full dump of your ROM! I was in exactly the same situation, so 'cause I didn't find any answer I've started reverse engineering . . . and it worked, first I did it manually for guys being in the same situation, 've noticed that is a common issue so I had to choose how to help, simpler but dangerous (for you) way, to create a tutorial <how to> or the hard way (hard for me), to develop an app which will do all "cooking" automatically and I choose the second because in manually way there is a quite big "chance" to mess up with your primary bootloader which could get to a real tragedy - no modem - brickest brick you saw in your entire life


    Readback extractor mtk 2.1 beta
    Flash Tool and drivers
    3
    Are there apps in the works to change watch faces without flashing?

    Unfortunately, yet, there is no way to get in contact with the watch else than through proprietary mediatek drivers so that the only ways to communicate for now are Flash Tool app and bluetooth modem proprietary commands (the most important of them being secret as well)
    To do such a reverse engineering is way way way over my pay grade
    Still I'm working for an app which could replace any media in the watch (backgrounds, icons) but through flashing method of course
    3
    Yes , no problem.
    I took me also great time, i did it with google translate.
    But i will put in google drive.
    And i am also looking for MTK RESOURSE EDITOR.
    I find one but my virus scanner saying that there is a virus on it.
    Here is the rom gv08s full master
    https://drive.google.com/open?id=0B2z3YUYL-iowR3FXVmVPYm9YNWM

    Thanks for the link and here attached you have the MTK RESOURSE EDITOR, no virus version :)
    Unfortunately is pretty poor, It sees just official compressors (jpg, gif . . . this kind of things) but cannot see mtk compressors - I found that lately (few fellows around came with their firmwares) mediatek is trying to eliminate any common formats so I found inside these JUST mtk media format which right now I have it in process of reverse engineering
    3
    Hello, I followed the procedure but in my firmware I can not find the ROM file.
    While it is present in the firmware XDA DZ09 ...
    In the reading of the Watch did not appear the ROM file.
    As revenue?
    thank you.

    ---------- Post added at 10:41 AM ---------- Previous post was at 10:07 AM ----------



    For clarity, I redid Read Back and saved the ROM file in the folder of my original firmware.
    I open MTK Res 1.3, I open my ROM file and edit the faces, then save and overwrite the same file ROM.
    I open Flashtool, Scatter / config file, I select the file * .cfg of my original firmware folder (where the ROM file is present).
    Flash clock, okay.
    They turn on the clock, but come out the same faces (do not I see those I changed). :crying:
    Where am I wrong? :confused:

    So you are calling original firmware the firmware from where you get the scatter? No, that is just other firmware you're using in order to initialize the flash tool. As in description, you create a folder (empty one!!!) where you have to save the readback dump. then look UNDER description, there is attached an app, readback extractor, download the app and move it in the same folder with the readback dump, then follow the next steps - in this way will be generated A NEW FIRMWARE - if readback extractor doesn't show at the end of the process that "all done" then stop everything, is something wrong with your readback dump and you have to redo the readback with other parameters - we are calling it the original one because is extracted from your watch! this kit has its own cfg and a rom file (which can have different names - in our case FILE_01_mtk). Do a copy of this folder, go in mtk res choose the rom file (FILE_01_mtk) and modify watchfaces, then go in flash tool, choose the cfg file from the folder copy where you did modification, check in options/backup and restore - preserve backup data and backup-download/format-restore, then press download button (which is flashing) - connect your watch, wait till the flashing is ready
    3
    Many thanks @Golem_ :)

    I try with Zeblaze Crystal mtk2502A with length of 0x01000000 and it works.

    But when I use the readback extractor mtk 2.0 and load readback file, give me the follow message:

    error_1.jpg


    What am I doing wrong? :confused:

    Regards,
    Jorge

    Yea, lately I didn't do any updates for readback extractor - no worries about, just new different (newcomers) standards my app didn't know about - good you "woke me up" - too busy and forgot about the latest release I was working on, compiled it right now and "voila" - check on the first page the 2.4 release and let me know if it's working for you

    Use your money wisely, DO NOT WASTE IT buying from GEARBEST
Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone