|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source |
Infineon C16X M51 & ARM7 M52 BASED MYxxx: MY3078, MY3026, MY3027 MWxxx: MW3052, MW3042, MW3040, MW3020, MW936, MW939, MW939, MW930, MW940, MW3026, MW3027 MCxxx: MC3000, MC959, MC950, MC940, MC939,MC936, MC932, MC912, MC850, MC825, MC820, MC922 RCxxx: RC922, RC750, RC730 WAxxx: WA3050 |
| LinkBack | Thread Tools | Display Modes |
04-08-2003, 19:34 | #1 (permalink) |
Junior Member Join Date: Feb 2003 Location: Serbia Age: 48
Posts: 22
Member: 21723 Status: Offline Thanks Meter: 0 | calc4.2.2 - i need using tips, PLEASE! and succesfully found ID, please let me give some using tips what to use as crypted/uncrypted fields, what is 41 or 01 lo9ck level etc. thanx. b.r. ALex. |
04-08-2003, 23:17 | #2 (permalink) |
Guest
Posts: n/a
Member: | How to use this calc: It 'calculates' (brute force) the phoneID for Sagem Phones To check, weather a ID is correct or not, it needs some input data: Field 0: This is the phone IMEI in a twisted form A pair of fields: a uncrypted and a crypted field The uncrypted field can be a field that is protected by checksum and the crypted field is the checksum for it. Or, if you know the locklevel, you can use field 251 as crypted field and as uncrypted field, you enter the locklevel (usually 41 or 01). The modes: Mode 0: This is for old Phones, where you know the beginning of the PhoneID. Usually this is 033170 or 033171. You have to enter the beginning of the ID. Mode 1: This i sthe same like mode 1, but the program automatically chooses the first 3 bytes. At first 033170, then 033171, then many other values between 033160 and 033179. Mode 2: This lets you determine the real phoneID out of the crypted phoneID, many well known sagem-loggers produce. Mode 3: This is phoneID determination for MX3XXX DX 3,5 X Phones. This is the most powerfull Option to find the ID in this Phone. But it takes a long time (up to 80h with 1Ghz processor) Mode 4: The same as mode 4, but faster. It tests not the compleate ID-range, but its faster Mode 5: This is also ID determination for MX3XXX DX 3,5 X Phones. It is based on a list of known 3-byte ID-suffixes. It cannot find IDs with unknown suffix, but its very fast (20 sec). So, i suggest, to use this mode first. It works finest for Firmwares DJ 3,5Cand quite well for DJ3,5D but bad for DJ3,5E Mode 6: The same like mode 5, but only with 2 byte suffixes. This way, you have a better chance, to get your ID, but it takes longer... Mode 7: Another suffix-based Method for MX3XXX DX 3,5 X Phones It tries out and recombines the most common bytes of the known suffixes. If this works well or not, i do not know. You may try it out. It needs ~ 4,5 h on a 1Ghz PC So what mode to choose for MX3XXX DX 3,5 X Phones? At first try option 5. The chance is good for DJ3,5C or D(but not for DJ3,5E). This are only 30 seconds Then try out Option 6. There you have a real chance to get your ID and its only some hours After that you may test the new Option 7, if you like... If this fails too, you have the coice :-) Either a try with the 'fast' Option 4 or the best detection mode, mode 3. But this can take very long (80h) Well.. Nobody is perfect, this program is based on statistic... It may be, that even this most powerfull mode fails... Thats life. Now good luck brute forcing your phoneID out... Heres a list of field pairs from some firmwares...In othe Phones, the combinations can be other way Perhapes it helps you :-) MW3026 DJ3,5 C/D/E Lock level 41 16128 <-> 5251 16129 <-> 5252 16140 <-> 5253 16141 <-> 5254 16177 <-> 5255 16178 <-> 5256 185 <-> 5257 227 <-> 5258 268 <-> 5259 5120 <-> 5260 5374 <-> 5261 5375 <-> 5262 5376 <-> 5263 5798 <-> 5264 5908 <-> 5265 995 <-> 5266 DH4,6J: 051201 1740 Lock level 42 5259 <-> 268 5251 <-> 16128 5252 <-> 16129 DI4.6G Lock level 00 16128 <-> 5251 16129 <-> 5252 16140 <-> 5253 16141 <-> 5254 16177 <-> 5255 16178 <-> 5256 185 <-> 5257 227 <-> 5258 268 <-> 5259 5120 <-> 5260 995 <-> 5266 |
04-09-2003, 07:04 | #4 (permalink) |
No Life Poster Join Date: May 2000 Location: Bacau, Romania Age: 50
Posts: 914
Member: 1447 Status: Offline Thanks Meter: 97 | OK... I undestand when CREW say HeHE..... Your response (legija) is like HeHe...... or ask at www.sagem.com The good response and easy for you is.....READ OLD TOPIC..... It is right response..... |
04-10-2003, 10:13 | #8 (permalink) | |
No Life Poster Join Date: Jan 2001 Location: La Coruņa-Spain
Posts: 1,146
Member: 3035 Status: Offline Thanks Meter: 2 | Quote:
Yes, it can find phone ID for ALL phones regardless of the version, but you should run the program many times, and when i say many i mean MANY MANY times untill a maximum of 256*256*256 times and you will find for sure your phone ID. So 16777216 times max at aprox 20 seconds/run... This yelds 335544320 seconds maximum time (in worst case) to find 100% your phone ID with chris calc. That's only 5592405.33 Minutes, or 93206.75 Hours, or 3883.61 days. But remember this is max wait time under worst conditions Am i wrong or not? | |
04-11-2003, 18:26 | #9 (permalink) |
No Life Poster Join Date: Mar 2002
Posts: 774
Member: 10175 Status: Offline Thanks Meter: 0 | @Trier You forgot to give a important advice: If field 251 and Locklevel is used in your method, you will find a Phone ID much earlier... Theres only one problem: This ID will not be correct. You check 256^6 times if the selected ID is valid. Field 191 is 4 byte long... So, the probabillity that this field matches by accident to your other data is 1:256^4 You see, you will find ~ 65536 IDs But you have ~10.5 years to check them all :-) :-) |
Bookmarks |
| |
|