HEX study - first results!!!

[ldril]

This message is a follow-up (with a small correction) for:<br /><a href="http://www.gsmcity.de/ubb/ultimatebb.php?ubb=get_topic&f=20&t=001687" target="_blank">http://www.gsmcity.de/ubb/ultimatebb.php?ubb=get_topic&f=20&t=001687</a>

The sub at 06F2 actually reads 13 bytes from PC and is the sub for MSID decoding. It returns to the PC 4 bytes with PPM CHK, 4 bytes with COBBA_ID and 3 check bytes:<br />First byte MSID ---- check bytes should be<br />81 ---- A5 A6 A7<br />82 ---- A8 A9 AA<br />83 ---- AC AD AB

I have written a program that emulates the PIC to decode the MSID number. I have to put it somewhere online. Most probably it will at http:\\www.geocities.com\ldril\

[ldril]

Oops, forgot to mention that you must have in the same directory the file dex0.hex <img src="rolleyes.gif" border="0">

ldril

[Freestyler2000]

Hi<br />Downloaded your program, but cannot calculate Cobba ID and flash checksum for 81111111111111111111111111.<br />Why?

Best regards<br />Daniel

[Y2K]

@daniel<br />checksum for 81111111111111111111111111<br />could it be that cobbaID starts with 2A....<br />and faid with EE9C.....

<img src="biggrin.gif" border="0"> <img src="biggrin.gif" border="0">

best regards Y2K

[ 15 February 2002: Message edited by: Y2K ]</p>

[ldril]

What exactly do you mean by cannot calculate? How did the program behave? Any error messages? What was the output?

Do you have the hex file in the same directory?

Anyway for me it works:<br />Flash chk: 941BD1C8 Cobba ID: 2A15CFB9 Check: 6EE49AA867<br />(ofc as you can see this is not a valid MSID)

[VsH-GsM]

@drill<br />Hey!!!<br />You are great!!!<br />Good work!!!<br />Keep on your Excellent work!!!<br />Please send me a source of your program to : [email protected] !!!<br />I want to Make Log Calculator...<br />Thank you!

@Y2K <br />No,Can not

[Y2K]

@VsH-GsM

<br />hehe could be for 10000% belife me <img src="biggrin.gif" border="0"> <img src="biggrin.gif" border="0">

daniel know what i'mtalking about <img src="wink.gif" border="0">

[dito]

misd.bat

dec_msid.exe 00112233445566778899001122

Gives Flash chk: 34BEAABF Cobba ID: 505DB56C and check 4B0CFA887E

Was goning to use a msid I knew, but anyway...

Best regards!

[Lead]

MSID: 819516F525579B6E7312075FAB<br />Flash chk: 92614E65 .... OK <br />Cobba ID: 006347F7 <br />Check: A5A6A7248B

[davieb]

Wow!<br />If source is released (or if you work on it now!) I expect a log calculator to be out within hours!

Forgive me for my ignorance but as I understand it - that program extracts flash, cobba, and check from readed MSID?<br />In which case, all that needs done is the faid calc algo, which takes in these values, to be "emulated"??

Well done idril!!!

[ldril]

I think the MSID can start only with 81, 82 or 83. Other values might not give an answer at all... and the program does very few checks for good input data. So GIGO (garbage in garbage out <img src="smile.gif" border="0"> ). If the first 3 bytes of check are not what I described earlier, then I guess the MSID is not right.

ldril

[ldril]

[quote]Originally posted by DavieB:<br /><strong>Wow!<br />If source is released (or if you work on it now!) I expect a log calculator to be out within hours!

Forgive me for my ignorance but as I understand it - that program extracts flash, cobba, and check from readed MSID?<br />In which case, all that needs done is the faid calc algo, which takes in these values, to be "emulated"??

Well done idril!!!</strong><hr></blockquote>

You're right, the values are decoded from MSID. I'm working to find out how the FAID is calculated. <br />For this I need some input and output of the loggers. Can someone send some logs to me pls?

ldril

[davieb]

idril check you mail - a calc'd and uncalc'd koci are attached...<br />Keep up the good work!

[VsH-GsM]

***************** OUTPUT LOG FROM LOGGER *****************<br />[ppm_ver]<br />in=Here is Phone version in hex format

[imei]<br />in=Here is Phone imei in hex format

[msid]<br />in=Here is Phone MSID

[data]<br />in=Here is Some bytes:<br />1st Bytes <img src="tongue.gif" border="0"> hone ID<br />2nd Byte <img src="tongue.gif" border="0"> PM Info<br />3th Byte:MSID Checksum<br />4th Byte <img src="biggrin.gif" border="0"> SP internal version<br />************************************************* ********************<br />*************** CALCULATED LOG FOR LOGGER ***************<br />[ppm_ver]<br />out=PPM ver in String<br />out=IMEI in DEC<br />out=MSID<br />out=FAID<br />out=FAID CHECKSUM<br />************************************************* ********************<br />Here is faid checksum calculating algorithm by VsH-GsM:<br />FAID Checksum: B8 + phone_id + all numbers of FAID<br />example:<br />Phone ID :2C (6150)<br />MSID : 821EE569C7B8F7E7CCECF3F204<br />FAID : 3D09CB14F43B4292702CFC37<br />FAID CHECKSUM : B8 + 2C + 3D + 09 + CB + 14 + F4 + 3B <br />+ 42 + 92 + 70 + 2C + FC + 37 = DB<br />************************************************* ********************

[GSMWIZARD]

[quote]Originally posted by ldril:<br /><strong>This message is a follow-up (with a small correction) for:<br /><a href="http://www.gsmcity.de/ubb/ultimatebb.php?ubb=get_topic&f=20&t=001687" target="_blank">http://www.gsmcity.de/ubb/ultimatebb.php?ubb=get_topic&f=20&t=001687</a>

The sub at 06F2 actually reads 13 bytes from PC and is the sub for MSID decoding. It returns to the PC 4 bytes with PPM CHK, 4 bytes with COBBA_ID and 3 check bytes:<br />First byte MSID ---- check bytes should be<br />81 ---- A5 A6 A7<br />82 ---- A8 A9 AA<br />83 ---- AC AD AB

I have written a program that emulates the PIC to decode the MSID number. I have to put it somewhere online. Most probably it will at http:\\www.geocities.com\ldril\</strong><hr></blockquote>

hi idril

excellent work.........!!!!!!!!