GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets. |
03-08-2006, 04:58 | #1 (permalink) |
No Life Poster Join Date: Dec 1999 Age: 44
Posts: 837
Member: 790 Status: Offline Sonork: 100.82414 Thanks Meter: 99 | To all professionals in mobile: I want to know, in the flash file for Nokia, where I can get the address for erase flash. I know that in the flash there is the address for erase and write, like in the patched flash for 6610i it is erase from address xxxxxxx to address xxxxxx and write. Where is that address put in the flash? And I want to know how I can debug, analyse and assemble the flash file for Nokia with IDA. What processor must I choose? I have a flash from a 3510i mobile and I want to disassemble it with IDA. I took that flash from the phone by read flash in Tornado. Thanks to dejan, and sorry for my bad English. Thanks to all of you. |
03-09-2006, 17:26 | #2 (permalink) |
Crazy Poster Join Date: Jun 2005
Posts: 54
Member: 152989 Status: Offline Thanks Meter: 11 | After the first 9 bytes, the header of the flash file is organised as a series of TLVs (Type, Length, and Value). The type and length fields are one byte each. The erase address belongs to type 0xc8, and this field is organised as 0xc8 <len> <start addr of region 1><end addr of region 1> <start addr of region 2><end addr of region 2> ... <start addr of region n><end addr of region n> Each of the specified regions will be erased (unless you choose not to) if you use a flasher like JAF prior to flashing the phone. Read g3gg0's webpage for more details. As for IDA Pro, it can't be used to debug Nokia firmware. You can only disassemble and analyse it. Typically, you can choose ARMB as the architecture. But for Symbian phones, you should choose ARM. |
03-14-2006, 16:59 | #3 (permalink) |
No Life Poster Join Date: Dec 1999 Age: 44
Posts: 837
Member: 790 Status: Offline Sonork: 100.82414 Thanks Meter: 99 | Thanks man for your very nice reply, but I cannot find it. Can you help me with that? Where are the len and start address and end address here? Thanks for your help. |
03-15-2006, 08:22 | #4 (permalink) |
No Life Poster Join Date: Dec 2004 Location: 0x001FD00
Posts: 1,285
Member: 98572 Status: Offline Thanks Meter: 36 | A20000010000000011 here it starts. C8 10 013200000132FFFF015200000152 FFFFDD020100120084080880101020044440800100022004 020900100020084001A000DE088B7FDD632ABE7CA2AA040152 0000C2054443543400C30F4443543420414C474F524954484D 00DA0101C90109CA020D0CCB20E40120420001001F00030000 0000FFFF00000000235C040F00000340C6052290CD08000186 A000000000CE0800632EA000000000CF0800632EA000000000 D1080000C73800000000D40401201120D9020010D3406522E4 A7ADC7FF7B0A8AE6DAFCC9059D2B8C244A53574093CB2A188F 7243CA86F43339A637EE53F65CB738E0AACEEAE4C0FEC23E49 987E9B7EDA7EBB16A26A571401320000D0004000BCCE4873CE B758BDE8A37FBB4A2DB21E0E299D6DBC20F39A46693BCDAF34 Read the instructions carefully. Good luck... |
03-15-2006, 08:44 | #5 (permalink) |
No Life Poster Join Date: Dec 2004 Location: 0x001FD00
Posts: 1,285
Member: 98572 Status: Offline Thanks Meter: 36 | Taken from http://www.g3gg0.de
=====================================
[DCT4] Flash Header Tag ID's
February 13, 2006

oh i think i never made them public.... here are the flash header tags i know.

C2 secondary_id
C3 algorithm_id
C8 erase_area
C9 vpp
CA vcc
CB hw_config_byte
CC hw_config_offset
CD secondary_speed
CE algorithm_speed
CF program_speed
D0 secret_info
D1 msg_read_speed
D3 claudia_info
D4 mcu_id_info
D5 vcc_off_time
D9 programming_options
DA fps8_options
DE fps8_timeouts
DF mm_bus_config
E0 mm_open_config
E1 mm_part_config
E3 mm_prog_config

but don't ask me what all the options mean or how you can tell what all the bits are for
================================================== |
03-15-2006, 15:27 | #6 (permalink) | |
Crazy Poster Join Date: Jun 2005
Posts: 54
Member: 152989 Status: Offline Thanks Meter: 11 | Quote:
01320000 - 0132FFFF, 01520000 - 0152FFFFD | |
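The TLV walk described in this thread, as an added example that is not part of any post: a Python parser that skips the 9-byte prefix, reads one-byte type and length fields, and decodes the 0xC8 erase_area entry into address pairs. The function names are hypothetical, the 4-byte big-endian address width is taken from the regions decoded in post #6, and the caller is assumed to pass only the header bytes.

```python
import struct

PREFIX_LEN = 9     # bytes before the first TLV entry, per the thread
ERASE_AREA = 0xC8  # tag listed as erase_area in the thread

# Constructed sample: prefix and entries copied from fragments of the dump
# in post #4 that follow the one-byte type/length layout (not the full header).
SAMPLE = bytes.fromhex(
    "A20000010000000011"
    "C810" "01320000" "0132FFFF" "01520000" "0152FFFF"
    "C205" "4443543400"
    "C30F" "4443543420414C474F524954484D00"
    "C90109" "CA020D0C"
)


def parse_tlvs(header: bytes):
    """Return [(type, value_bytes), ...] for the TLV area of a flash header."""
    entries = []
    pos = PREFIX_LEN
    while pos < len(header):
        if pos + 2 > len(header):
            raise ValueError(f"truncated TLV header at offset {pos:#x}")
        tag, length = header[pos], header[pos + 1]
        value = header[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError(
                f"tag {tag:#04x} at {pos:#x} claims {length} bytes, {len(value)} left"
            )
        entries.append((tag, value))
        pos += 2 + length
    return entries


def erase_regions(header: bytes):
    """Decode every erase_area entry into (start, end) address pairs."""
    regions = []
    for tag, value in parse_tlvs(header):
        if tag != ERASE_AREA:
            continue
        if len(value) % 8:
            raise ValueError("erase_area length is not a multiple of 8")
        regions.extend(struct.iter_unpack(">II", value))
    return regions


if __name__ == "__main__":
    for start, end in erase_regions(SAMPLE):
        print(f"erase {start:08X} - {end:08X}")
```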