Unlock all bands of your Qualcomm device! Use your phone globally! No bs!
- Thread starter olokos
- Start date
No need to use them. Simply avoid for now the unlicensed ones .
Follow the instructions included in the patched ones [P].
I have to say that is really a very valuable colection. It is an exclusive source, at least in the english spoken forums.
Thanks to BlackSoulxxx for his gift to all.
---------- Post added at 04:10 PM ---------- Previous post was at 03:29 PM ----------
According to 2016/06 QDART Help, it's not advisable to backup NVRAM contents in .QCN file format anymore:
... Though I dont know how relevant is this strategy for older Qualcomm phone models.
Thank you for your addition. I didn't known about these possible issues which could occure in any various aspects while working with Qualcomm EFS/NVRAM data (e.g. fixation/recovery of the dead phones). However if one have any suspections and to be on the safe side we could backup NVRAM contents to the xQCN format. xQCN seems to be the same storage as QCN with the difference it stores QCN's binary data as a text 'codes' between the xml tags, while QCN simply stores the binary data as binary data with some proprietary Qualcomm and M$-document headers.
It is simplier to patch binary data directly neither convert text to the binary data, patch it, then revert back to the 'text codes' and write into the xml.
There is no technical problem to store NVRAM in the text file with the binary tree. You can use provided (w/QPST) QCNView utility to load QCN/xQCN and view all the contents as a binary tree of the named hives and fields and even export this text tree to the text file to process with any tools you want. In this text you will see named ITEMs and EFS files with a quoted text of binary values that is relatively much easier to understand and patch. The problem is QCNView can NOT load/import [patched/any] text files and export them to the QCN/xQCN. It can only load/import QCN/xQCN and export it to the text. It's the one direction road. Qualcomm intentionally prevents us from easy patching of the modem data.
Unlike the described text file xQCN, which in fact is also the text file, quotes the binary structures of the proprietary format QCN data but not the readable ITEMs and EFS files structure. You'll not see plain text ITEM with numbers and EFS files with name definitions there. Just an 3-times size excessive way to store binary file as xml-text.
So I just can advise you to save NVRAM backups as QCN and xQCN one by one, then export both files to the text (by QCNView) and compare to be sure all the required NVRAM/EFS data was backed up. You should then explore text and find the ITEMs you need to patch. If QCN and xQCN backups seems to be equivalent in the containing data you can patch QCN and Restore it to the device to check/use your patch targets. If xQCN seems to store more data, then QCN, you will be forced to patch xQCN. To do so you may need convert binary data twice, once from text to the unique binary sequence (you have found in the plain text backup), then revert it to the text sequence encoding the QCN binary data to the xml xQCN. The search these data in xQCN and patch as you need.
It would be nice if someone will write an app to convert data between plain text NVRAM backup and QCN/xQCN format. To be more correct we just miss the one direction converter from text to QCN (while we can export text from QCN/xQCN in the QCNView). Form some stupid reason no one have written app to deal with QCN/xQCN backups. The authors of the commercial 'box' apps prefer to read/write NVRAM/EFS directly mostly using QMI protocol ('Diag port'). Qualcomm noted a long ago that preferred way to deal with NVRAM from outside the device, is to backup/restore the whole contents neither edit particular ITEMs directly (e.g. by older RF_NV_Manager like apps). Qualcomm have added some protective techs to the NVRAM/EFS procedures (e.g. IMEI OTP feature). OEM's add their own stupid custom protections, especially related to their unlawful SIM locking techs (locking directly violates consumer right and antimonopoly laws in many countries but big-money overall any laws).
At the same moment NVRAM backup/restore protocol/procedure uses some Qualcomm-common-reference-design backup privilege rights inside of the modem FW (any QMI dealing SW, including 'miracle boxed', fully depends on the modem FW and doesn't edit any data directly, I never heard the one have decrypted EFS storage, i.e. ModemST* partitions, independently of the modem FW). This make service SW dev dependable on the modem FW, which could be easily customized in any new version to prevent 'boxes' to make a things OEM doesn't want they do. On other hand service SW dev isn't fully aware of all the internals of the modem FW. It tries to support more and more models selling more and more 'box' copies and he has no enough time to fully reverse every model and every FW version. And as a final point, many boxed SW's do NOT backup NVRAM data before they try to edit it, or DO backup, but in the proprietary encrypted format (trying to 'protect' their 'TOP Secret' techs) which is not easy or impossible to restore by the SW itself and/or common SW like QPST and partition restore using ADB. This situation leads to the multiple failures when users and/or service engineers stuck with a NVRAM-broken devices with no backups and no recovery technique and forced to participate in a long term product support dialogs (which, BTW, doesn't warrant the successfull solution)..
There are the tools in the QDART package available to make such or simular actions with NVRAM (to provide devs with ability to initially make and tune custom NVRAM image). But QDART is a monster app of 400-700MB in size. It is designed to create full cycle test environment for devs, while we need just a 10-1000KB app
to make our narrow job most comfortable way. I will not setup QDART even too I have a few modern versions. It's too excessive. I have extracted some console QCN/xQCN related utils from the QDART package (forgot the names) and got half a way to use it but failed to finish due to the time lack. One can explore and find/make the fully working solution for the problem.But I prefer one(s) will reverse not-so-complicated QCN/xQCN format and write an independent app (most preferred open sourced at least since the EOD) to provde the community with open technology independent of the any proprietary SW. It's a long term project of honor. Other goal is to find a common way to decrypt/encrypt-back EFS partitions (ModemST*) using/not-using internal modem FW procedures, but it seems to be much more harder tech to develop. One who will make it will be the Earth scale Hero.
Old good RevSkills/QMAT can import (it seems to be no export there) unencrypted EFS image but just from very old devices (up to the beginning of the 201x) and someone seems to have forced the author to stop development in the 2012. You shouldn't be here, Neo!
Maybe someone knows how to calculate the value of "LTE BC Configuration"?
NV Calculator is not appropriate, it lacks some of the ranges.
NV Calculator is not appropriate, it lacks some of the ranges.
Someone just leak another version of QPST and QXDM which fully support new snapdragon chip.... I will try them out
Hi,for Xperia T2ultra dual (D5322)
Snapdragon 400(msm8228) please can u tell how to enable 4G
I'm also running a SD400 device, mine is 8226 nd it doesn't support LTE nd the 8228 also doesn't support 4G capabilities, so no 4G for this device, mostly the 8926 supports it
Zacharee1
Recognized Developer / Retired Forum Moderator
If the chip doesn't support LTE at all, it probably isn't just disabled, but rather nonexistent.
good lord this thread is huge.. i have the zenfone ultra.. will i be the first one willing to try this? or has somebody beat me to the punch?
rbeavers
Senior Member
After a quick search you seem to be the first!
Sent from my SM-N950U using XDA-Developers Legacy app
Hello,
I have tried it for Asus Zenfone ZE520KL, but without success.
I cannot make it connect (or to be found) on QPST, even add port does not work.
Do you have any idea what is wrong? I installed many different drivers and also use a skript
on the phone to force Qualcomm USB driver installation.
I will be thankful for any help.
I have tried it for Asus Zenfone ZE520KL, but without success.
I cannot make it connect (or to be found) on QPST, even add port does not work.
Do you have any idea what is wrong? I installed many different drivers and also use a skript
on the phone to force Qualcomm USB driver installation.
I will be thankful for any help.
People, can somebody provide answers to these questions?
Maybe someone knows how to edit the configuration amss_fsg_***_ims_tar.mbn?
Last edited:
There is a hidden activity for it. It's called "Customization Selector/Modem switcher" and you can find it with various shortcut managers, I'm using Quick Shortcut Maker for this purpose. Just open the ACTIVITIES tab and search for "modem". Only the right one will be found.
BUT: Normaly it won't run, you need to edit build.prop and change the "user" build type to "userdebug". After that it will be startable (just make a shortcut or do "Try" in QSM).
WIth regards,
Pavel
Why did you write this?
I need to change the configuration file in order not to adjust every time the settings in QXDM.
I wrote it, because you asked for it.
Quoting:
"Maybe someone knows how to edit the configuration amss_fsg_***_ims_tar.mbn?"
So, my answer is an exact answer for your question. By Modem switcher, you can permanently edit the configuration of modem being used.
Otherwise, you know: Stupid quetion -> Stupid answer
.
I wrote it, because you asked for it.
Quoting:
"Maybe someone knows how to edit the configuration amss_fsg_***_ims_tar.mbn?"
So, my answer is an exact answer for your question. By Modem switcher, you can permanently edit the configuration of modem being used.
Otherwise, you know: Stupid quetion -> Stupid answer
Okay, You didn't even bother to read the last few pages before replying.
Did you ever try this on your Zonefone 3 Ultra? I have the same phone and would love to give it a shot.
Similar threads
![[NUT]](/data/avatars/s/4904/4904057.jpg?1600603615){kind=avatar}
- Poll
Top Liked Posts
-
There are no posts matching your filters.
-
207You do everything here at your own risk. I take no responsibility for any broken devices/sdcards/your house going down on fire and everything else.
PLEASE DO NOT MIRROR THESE FILES!
Requirements:
root
ability to use mouse and keyboard
terminal emulator on your phone
What do you get for doing this?
Propably you'll be able to use a lot more bands than before. Most likely your phone will work on every place in the world now.
Check the third post for a link to OPO guide
C6903
before
after
1. Download this zip Google it as it's banned from xda for the ability of imei change
2. Extract it and install QPST from that zip
3. Open the caller app and type in *#*#8778#*#* (it should go off the screen after you type in the last symbol "*"
3.5 Those on custom roms (tested on cyanogen 11 with s4 mini) can use the efs professional toolkit to change the mode to enable the diag port.(Thanks @blackburn !)
4. Connect your phone to your PC
5. Open ADB console
6. Type in these commands:
7. Turn off USB Debugging, Disconnect your phone from the PCCode:adb shell su setprop persist.usb.eng 1
8. Wait about 10 seconds (don't have to be exact, just let it all disconnect in the PC) and turn USB Debugging back on
10. Connect it back to the PC. It should try to install drivers. Wait until it fails to install all of them.
11. Open device manager - you will see your device model a few times. Go to details tab. Scroll down a single time on that tab. You will see MI_0x there.
12. Go through those devices until you find MI_04 under the second drop down position.
13. Select "update driver" for this device and install the htc driver from the zip.
14. Press start button and navigate to QPST -> QPST Configuration
15. Go back to device manager -> modems -> HTC
16. Find "COM*" in my case it was "COM3". It might be different for you.
17. In QPST Configuration click on "Add new port" and in "Port" type in your "COM*". In my case It's "COM3" in there. In Port label it could be anyting u want. In my case I used a Z1 so I typed IN "Z1".
18. It should look like this now.
19. Navigate to QPST/bin and open RV_NV_Manager.exe
20. press on settings -> Comport and choose your COM port.
21. Press on file -> read from phone
22. Wait patiently until it is finished. Now pay attention!
23. Go to line 1877, click it and copy the decimal number on the right side of a programme. right click - copy
24. Go to the place where you extracted the zip from the first step and start mzTool
25. On the left side you will see "Input radix" - press decimal there.
26. On the right side you will see "RF BC CONFIG" paste your previously copied number from the RV_NV_Manager.exe there.
27. You will see now what bands are you able to use on the bottom of the app in "Bit information"
28. Switch tab to "Band Preference (NV Value)"
29. In there select all GSM bands and WCDMA bands. This place is really a field of testing. In my case (C6903 LTE) I selected all of GSM and WCDMA. I wouldn't suggest you to do anyting else in here unless you know what your'e doing. Let me know if you got something interesting in there.
30. After you're done choosing what bands do you want - copy decimal number from the bottom right
31. Remove all commas from that number ( "," ) so it would be just a bunch of numbers without anything else.
32. Open RV_NV_Manager.exe from the point you left it (step 23) and paste your new number without commas "," there.
33. Press on write NV and then press on file ->write changed NV to the phone.
34. Open up the terminal emulator on your phone and write there this:
35. Reboot the device and hope you'll have the reception. If you do, hooray!Code:su setprop persist.usb.eng 0
36. Type in *#*#SERVICE#*#* (*#*#7378423#*#*) to see your new bands that your phone can use!
If your phone can't boot then flash stock FTF to your device and you should have your reception back!
Enjoy!
I wanted to mention that I'm just the guy that was interested in this and the person that actually made it possible is @BlackSoulxxx all thanks go to him! He's the guy that did it! Please thank him in the second post!
PLEASE DO NOT ASK ME IF IT WORKS ON YOUR DEVICE! I DON'T KNOW. YOU HAVE TO TRY IT YOURSELF.
If you have any problems or issues here's some help from other users http://xdaforums.com/showpost.php?p=55321344&postcount=3
Tested on: ZU, Z1,SP,Xperia TL,Sharp-DOCOMO Aquos Zeta SH-04F147Dangerous stuff to experiment with. Already lost 2 phone(2 expensive paper-weight with OmniBalance design -_- )
But ENJOY!
@olokos17Wow, works overloadPLs send me more hardware ids so I can mod them....
BTW here is the driver for g906s (S5 lte-a) http://d-h.st/Yqi Tks @D.O.C for the hardware ids
http://d-h.st/nMV i9505
http://d-h.st/On8 OnePlusOne ( lucky guys, I always want this stuff)
http://d-h.st/2zZ Nexus 5 (D821)
I will make driver for other devices and update here.....
For anyone use HTC, use the official htcdiagdriver. Simply.....
P/S: The driver are untested, use with careful...
And the titile are a little bit misleading (I say this method is for sony and a few device, depend on the phone, @olokos put the title "for all Qualcomm devices"
---------- Post added at 03:33 AM ---------- Previous post was at 03:12 AM ----------
Step to unlock LTE band 19.21 in Z2 D6503, SO-03F (Yeah it have band 19,21 but need int' band)
Install QXDM http://www.mediafire.com/download/r1z2r6iu94habrp/QXDM-3.12.714-www.getdriver.com-.rar
Do the guide and unlock all, include "[60] Reserved for BC10...."
Write NV to phone
Do to step 33 then stop
Open QXDM, go to Option -> Communication
In Target port, choose your phone com port and press OK
Now in View -> NV Browser
QXDM will open new window, in Category Filter choose LTE
Scroll to id 06828 and click on that, click read then in Input and Value change the value to "1904863" (The value of int' Z2 with LTE band 19,21 add)
Click "write" and do the step 34 on the guide till the end
Reboot the phone, and check 7378423 to see the band
Works on Z1, Z215
Nexus connection
1. Remove all installed drivers.
2. Install LG United Mobile Driver
3. Enable debugging and install adb driver if it's not automatically installed.
4. Using adb issue the following commands on a separate line
5. Your phone should start installing drivers, once installed under Ports in device manager there should be (* indicates a number):Code:adb shell su setprop sys.usb.config diag, adb
- LGE AndroidNet for Diagnostics Port (COM*)
- LGE AndroidNet USB Serial Port (COM*)
One Plus One guide
Moto Droid RAZR Guide
XIAOMI MI2 Guide
LG G3 D852 Guide10
Moto users
Ok, Moto users follow steps 1-6. Steps 7-13 get tweaked. 7. Turn off phone and disconnect from PC. 8. While phone is off, press both vol + and vol - and then press the power button. 9. Vol - to BP Tools and then press vol +. Let device boot up and then reconnect to PC. 10. Phone will then install drivers and will fail. 11. Open device manager and find Other Devices. You will see 2 lines that state Motorola QC and Motorola QC NMEA Interface. 12. Choose one and go Update driver>Browse my computer for driver software>Let me pick from a list of device drivers on my computer>Ports (COM & LPT)>Motorola>Motorola QC Diag Port>Yes. 13. Repeat for other one and note which ports become available. Steps 14-end of steps are the same
Note: this process only unlocks the bands, it does not sim unlock your device.
Sent from my ATRIX HD using XDA Free mobile app
