| Unlocking the User Lock Code on Nokia 2865i
The nokia 2865i cdma phone uses a different encoding scheme for the user lock code than older nokias. And the version of jaf that i have cannot decipher the user lock code on this phone. It states that it's 12345 even though it's really not.
However, jaf does communicate with the phone and can read the PM (permanent memory) section. Here are some notes about the user lock code on this phone that i compiled.
In this case, the user lock code is set to 6969
[154]
183=36393639
In this case, the user lock code is set to 12345
[154]
183=3132333435
Using jaf to erase pm field 183 of pm record 154 results in the user lock code being set to an unknown value. So don't erase this field or leave it blank.
To get back into the phone with the now unknown password, i looked at what values changed in the pm as incorrect lock codes were entered. And then used jaf to erase the corresponding fields.
Record 12 from field 11 erased!
Record 20 from field 11 erased!
Record 0 from field 98 erased!
I also saw a field with a 1 value near this record that looked like a boolean on/off toggle and decided to erase it
Record 13 from field 11 erased!
The phone now booted up without asking for a user lock code anymore.
For record, here's some more info about the phone that i was using:
MCU SW version: V FL100V1000.nep
15-09-06
RM-193
(c)NMP
PCI version:
UEM version: 400
UPP version: 8273
RFIC version: DSP510_FLT_06w13_01_TK2
DSP version: DSP510_FLT_06w13_01_TK2
LCD version: SUEZ
PPM version: V FL100_05w21_50_15.nbr
31-08-06
RM
AA
And i used the gsm nokia 3100 cable with this phone. It didn't quite fit properly into the phone. So i disassembled the phone, removed the motherboard and shielding over the fbus/mbus area and then held the phone adapter onto the motherboard using my hands. If you are going to work on a bunch of these phones, you'll probably want the proper adapter though. |