GSM Shop GSM Shop
GSM-Forum  

Welcome to the GSM-Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features.
Only registered members may post questions, contact other members or search our database of over 8 million posts.

Registration is fast, simple and absolutely free so please - Click to REGISTER!

If you have any problems with the registration process or your account login, please contact contact us .

Go Back   GSM-Forum > GSM & CDMA Phones / Tablets Software & Hardware Area > Various > Siemens-Benq > Siemens-Benq Flash Patching > x4x, x5x Flashpatching

Reply
 
LinkBack Thread Tools Display Modes
Old 10-18-2005, 10:24   #16 (permalink)
Freak Poster
 
Join Date: Jun 2004
Location: Russia, Zelenograd
Age: 30
Posts: 336
Member: 70080
Status: Offline
Thanks Meter: 2

@Xinshou
you can public patches/sources/bin files from this forum?
  Reply With Quote
Old 10-18-2005, 11:25   #17 (permalink)
No Life Poster
 
Join Date: Mar 2004
Posts: 593
Member: 60520
Status: Offline
Thanks Meter: 0
I have disassembled some of the patches. I'll post them when I'm home again.

@xinshou; I have tried to port "Reject incoming call with confirmation", but it doesn't work properly. When I'm writing SMS and a call is incoming, I can press red button and have the confirm question. But if I press "no" (stands for no reject), I'm back in SMS editor window with no possibility to accept call (while caller still gets ringing signal...). If I press "yes" for abort call, it doesn't work either, phone hangs up.
  Reply With Quote
Old 10-18-2005, 11:45   #18 (permalink)
Freak Poster
 
Join Date: Jun 2004
Location: Russia, Zelenograd
Age: 30
Posts: 336
Member: 70080
Status: Offline
Thanks Meter: 2
I more interest binaries and RAM Microreader =)
  Reply With Quote
Old 10-20-2005, 01:27   #19 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Reject incoming call with confirmation (another version):
Modified by: Greenteas
Note: a small bug: long pressing RED key appears as connected, while the phone is hanged up.
0x361EAC: EA20581F FABF403D;hangup hook
0x1F3D40: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF EA20483DFAD6B01EDABF743DFAD6961F;DABF743D is dialog popup,if replaced with silent sound (DAA3B00D), no need to apply following codes.

0x1F3D50: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF D100FF7F00000000020000000000FF7F
0x1F3D60: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 00000000883DBF0000000000002E4203
0x1F3D70: FFFFFFFF 264E0200
0x1F3D74: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E6FC543DE6FDFC02E6FE503DF0FDDADD
0x1F3D84: FFFFFFFF DA80DB00
0x1F3D88: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F04E46FE23003D04DAA39C0CE6F4FFFF
0x1F3D98: FFFF DB00

@rc-flitzer: Pls try the above.
  Reply With Quote
Old 10-20-2005, 02:08   #20 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
@Seklth:
Yes, we have published on the Chinese forum many patches/sources/bin files from this forum.
All basic and important patches have been ported to SLCK v5508, and most of the other patches are ported, only a very few patches have not been ported or to be ported to SLCK v5508.
You can view all Chinese patches on this thread, which is updated from time to time:
http://bbs.0110.cn/viewthread.php?ti...extra=page%3D3
The above thread have two attachments, one for software of listing and displaying all patches, the other for database of all v55 patches.
One attachement contains all bin files recently developed by Chinese users. Some play ringtones, some are for shortcuts to go to certain directories, and some are for entrypoint control of profile functions.
The FAV BIN files are for opening Favorite menu. It is interesting that, when the SIM card is not inserted and when you open the Favorite menu through the FAV bin file, the phone returns to idle mainscreen mode after selecting "Conference"(1E8.D5FA36) on the favorite menu, instead of the usual screen displaying "Please insert SIM card" when the patch "Phone without SIM card" is not applied.
The other attachment is Ram Reader, which views BIN text files, which are in fact Unicode texts including BIN header and footer. The vkp contains useful functions, such as MP3 background control. Press RECORD button to view English.
(The header and footer BIN files are not enclosed here. To load BIN text file, you can just add DB00 on UltraEdit as the header of the unicode text file, and rename it as textfile.bin instead of textfile.txt.)
The final attachment is Java Ram Reader, which loads Unicode text file part by part, each part is 50k bytes. After loading the first part, the midlet gives up MMC access back to MP3. When your reading reaches the end of first part, you may pause MP3 to load another part, or just exit the midlet and restart it, it will load another part from the position (byte position) you define.
Press left softkey to find Help, right softkey to open file and define the position where the file is loaded, press down arrow to select OK. Press 5 to go to specific position (byte) and setup auto-scroll time frame.
Other keys: 1 - up 500 bytes, 2 - select file, 3 - down 500 bytes,
4 - page up, 5 - go to page, 6 - page down, 7 - first page,
8 - auto scroll, 9 - last page, 0 - illumination,
RECORD - toggle scroll between line & page.
You may contact the author, Mr. Potter for English version of the midlet.
Attached Files
File Type: txt Sl45v55Bin.rar.txt (6.0 KB, 62 views)
File Type: txt RAMReader_v2[1].5.rar.txt (17.4 KB, 52 views)
File Type: txt TXTReader.rar.txt (6.9 KB, 50 views)

Last edited by Xinshou; 10-20-2005 at 08:39.
  Reply With Quote
Old 10-21-2005, 09:47   #21 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Lock keyboard immediatly after phone start.
Author: RainMoon
Remark: This patch works together when "Auto Lock Keypad" in the main menu is selected.

0x3637FA: DAB304DF DAC710E9
0x27E910: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DAB304DFD7403400F2F1AA2248102D07
0x27E920: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DAD5DAE8E001D7403400F6F1AA22DB00
  Reply With Quote
Old 10-21-2005, 20:10   #22 (permalink)
No Life Poster
 
trustkill's Avatar
 
Join Date: May 2003
Location: GERMANY
Age: 44
Posts: 980
Member: 27745
Status: Offline
Thanks Meter: 0
I warn everyone to try out the .bin files above with a v56 !!!
I just killed my phone and had no actual backup of it... Damn !
  Reply With Quote
Old 10-22-2005, 02:19   #23 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Using .bin files of wrong version will cause phone shut down immediately. Unfortunately I am not aware that it will kill the phone.
  Reply With Quote
Old 10-25-2005, 01:56   #24 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
An attempt to unravel the KI on the SIM card:
;Use together with KV_SIM0.11, and run ATCGSNDebug2 to read the memory data at the corresponding address given below, then utilize A3A8 algorithm to unravel the KI data!
;RAND data from the Operator base,RAND address: 0X31010 (16 bytes)
;Calculated result by A3A8 algorithm, address: 0X32000 (12bytes)
;IMSI of the phone, address: 0X32020(9bytes)
;KV_CB_RAND :0X31010
0x1fa422: dabf34a8 dabf80AA;redirect A3A8 action to output 0X32000
0x1fa3ea: dabf7aaa dabfA0AA; shift IMSI output to IMSI 0X32020
0x1FAA80: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E6FC100088C0E6FC0020E0CDF0E1F0F2
0x1FAA90: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DAC7B4830802DB00FFFFFFFFFFFFFFFF
0x1FAAA0: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 88C088D098F098E0E6FC2020E0CDDAC7
0x1FAAB0: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF B483DB00FFFFFFFFFFFFFFFFFFFFFFFF
;After using the above patch, undo it, otherwise you cannot use KVSIM normally.
;Attached is an unravel tool base on source code. It is not tested, perhaps it is time-consuming. Hope to have more discussion.
Delete .txt extension after downloading.
Attached Files
File Type: txt AA9FAnFU.rar.txt (5.6 KB, 39 views)
  Reply With Quote
Old 10-25-2005, 08:49   #25 (permalink)
Insane Poster
 
Join Date: Feb 2003
Location: Poland
Age: 45
Posts: 76
Member: 22528
Status: Offline
Thanks Meter: 0
Is possible finding, by this method, KI from new SIM cards (comp128 v2)?
  Reply With Quote
Old 10-25-2005, 10:10   #26 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
It seems no one has succeeded in finding, by this method, KI from any SIM cards. Perhaps there should develop some kind of Collision Algorithm.
  Reply With Quote
Old 10-29-2005, 02:23   #27 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Auto shift the number of the SMS service center in KvSim:
Author: xhjjxm

1. Go to Main menu - Messages - SMS - Setup, if you have only one "SMS" configuration, press Options to creat another "SMS" configuration, and rename it as "Virtual card SMS". In "Virtual card SMS", input the number of the SMS service center for the virtual card, for example, +8613812345678. Then, save it & exit.
This patch will auto shift the number of the SMS service center in KvSim and set it as default one, according to the other "SMS" configuration, after one virtual Sim card is selected. If the real Sim card is selected, the phone will auto change back to original "SMS" configuration.

2. Modify your KvSim patch, add the number of the SMS service center for each virtual Sim card. Put the number in the last line of the patch of each virtual Sim card.
Encoding method of the number of the SMS service center:
E.g. +8613812345678, remove +86 and add F as final letter, it becomes 13812345678F. Then, for every two letters, reverse its positions, the encoding result is 3118325476F8.
Copy encoding results to the last line of the patch of each virtual Sim card, and add 0 to replace free FFFF area.

Final KvSim patches are like the following:
;KvSim v0.6: card 1
;0x1FA060: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 456D7074790000000000000000000000 ; card name, Empty here
;0x1FA070: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 00000000000000000000000000000000 ; IMSI
;0x1FA080: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 00000000000000000000000000000000 ; KI
;0x1FA090: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 3118325476F800000000000000000000 ; SMS service number

;KvSim v0.8: virtual card 1
;0x1FA040: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 322D4E6F6E6500000000000000000000 ; card name
;0x1FA050: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 00000000000000000000000000000000 ; IMSI (9 bytes, ended with 00)
;0x1FA060: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 00000000000000000000000000000000 ; KI
;0x1FA070: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 3118325476F800000000000000000000 ; SMS service number


;the following is the Auto shifting patch for KvSim v0.6

0x1F0500: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 8810884088C088D088E088F0E011D740
0x1F0510: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 3600C2F8780D48402D11E6FE502006FE
0x1F0520: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 400028413DFCE0648840E6FCA622E0DD
0x1F0530: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E6FFFE02DAC7DC830802E021D7400D00
0x1F0540: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F7F2102298F098E098D098C098409810
0x1F0550: FFFF DB00

;The following hook is for KVSIM v0.6

0x1FA1F6: DABF201E DABF0005
0x1F0550: DB00FFFFFFFF FABF201EDB00


;the following is the Auto shifting patch for KvSim v0.8

0x1F0500: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 8810884088C088D088E088F0E011D740
0x1F0510: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 3600C2F8780D48402D11E6FE302006FE
0x1F0520: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 400028413DFCE0648840E6FCA622E0DD
0x1F0530: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF E6FFFE02DAC7DC830802E021D7400D00
0x1F0540: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F7F2102298F098E098D098C098409810
0x1F0550: FFFF DB00

;The following hook is for KVSIM v0.8
0x1FA35A: 0812DC42 FABF0005
0x1F0550: DB00201EDB00 FABF201EDB00

The attachment contains source code of above patches. Just delete .txt after downloading it.
Attached Files
File Type: txt KVSC.rar.txt (3.0 KB, 29 views)
  Reply With Quote
Old 10-29-2005, 05:00   #28 (permalink)
Freak Poster
 
Join Date: Jun 2004
Location: Russia, Zelenograd
Age: 30
Posts: 336
Member: 70080
Status: Offline
Thanks Meter: 2
Konca going to publish sources of kvsim0.8?
or recompile for v56?
  Reply With Quote
Old 10-29-2005, 08:42   #29 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Don't know that.
You can port above patch according to the KvSim for v56.
  Reply With Quote
Old 11-08-2005, 08:22   #30 (permalink)
Freak Poster
 
Join Date: Apr 2005
Age: 19
Posts: 237
Member: 137411
Status: Offline
Thanks Meter: 1
Change the size of Idle Picture on mainscreen, & move its position:
Author: Greenteas
Note: Idle picture has a max. size of 101 x 72, but the phone cannot store the size bigger than 101 x 56 (?).
Bug: If you change the size larger than 101 x 60 (?), the ringtone will be dim unless you restart the phone.
5439E2:08 12;position - coordinate Y
2F29D5:2E 3C;picture height 3C (hex), max.48 (hex)

  Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
thread Thread Starter Forum Replies Last Post
Download Dct4 Patch Imei Files from Support Celumoviles Fast Dongle Solution 3 11-25-2010 13:35
http://bbs.mydigit.cn--All mp4/mp5 firmware_Free _Jamuna Electronics Media babul_worldnet Game Consoles & Mp3/4 , HD players 3 02-11-2010 19:50
http://bbs.mydigit.cn--All mp4/mp5 firmware_Free _Jamuna Electronics Media babul_worldnet Game Consoles & Mp3/4 , HD players 3 02-03-2010 09:30
people from jdtx.com/cn InfernoNordOst The Market Feed Back 0 01-05-2008 13:31

 



All times are GMT +1. The time now is 06:13.



Powered by Searchlight © 2019 Axivo Inc.
vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
- GSM Hosting Ltd. - 1999-2017 -
Page generated in 0.49462 seconds with 9 queries

SEO by vBSEO