|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source |
Nokia Legacy Phones ( DCT-1 ,2 ,3 ,L ) Nokia Legacy Models Like 1011, 1610, 211x, 2x20, 6050, 3110, 8110, NKxxx , 2100, 3210, 3310, 3330, 3410, 5110, 5210, 5510, 6110, 6150, 6210, 6250, 7110, 8210, 8250, 8850 also 9110 & 9210 |
| LinkBack | Thread Tools | Display Modes |
01-13-2002, 02:40 | #1 (permalink) |
Freak Poster Join Date: May 2001 Location: Portugal
Posts: 132
Member: 4812 Status: Offline Thanks Meter: 0 | take a look to this FAID.C file!!! =================================================< br />#define __targetwindows__ #include <stdio.h><br />#include <string.h> #ifdef __targetwindows__<br /> #include <Windows.h><br />#endif #define UINT8 unsigned char<br />#define UINT32 unsigned long<br />#define UINT16 unsigned short #define TRUE 1<br />#define FALSE 0<br />#define BOOL int<br />#define FE_INVALID_BUFFER_SIZE 0x65 #define misc_gettickcount GetTickCount #define LOBYTE(x) (UINT8)((UINT16)x & 0xFF)<br />#define HIBYTE(x) (UINT8)((UINT16)(x >> 8) & 0xFF) typedef UINT16 (*pFindDK2)(char *Id,char *lpszPKey);<br />typedef void (*pDK2SendAndReceive)(UINT16 dwID, char *Id,UINT8 *AU8encryptblock, UINT32 U32encryptlen, UINT8 *AU8inbuff, UINT32 U32inbufflen, UINT8 *AU8outbuff, UINT32 U32outbufflen, UINT8 U8tmp);<br />typedef BOOL (*pDK2Success)(void); HMODULE lib = NULL; pDK2SendAndReceive DK2SendAndReceive;<br />pFindDK2 FindDK2;<br />pDK2Success DK2Success; #define __DK2__<br />// #define __ALWAYSRANDOM__ static int flash_errno;<br />static UINT16 U16startingseed = 0; static void FLS1_Randomize(UINT16 U16seed)<br />{<br /> U16startingseed = U16seed;<br />} static UINT8 FLS1_Random(void)<br />{<br /> UINT16 U16seed = U16startingseed;<br /> UINT16 i;<br /> UINT8 U8al,U8dl; for (i=0;i<9;i++)<br /> {<br /> U8dl = U8al = LOBYTE(U16seed);<br /> U8al >>= 1;<br /> U8al ^= U8dl; if (U8al & 1)<br /> {<br /> U16seed |= 0x8000;<br /> }<br /> else<br /> {<br /> U16seed &= 0x7FFF;<br /> } U16seed >>= 1;<br /> U8al >>=1; if (U8dl & 1)<br /> {<br /> U8al |= 0x80;<br /> }<br /> else<br /> {<br /> U8al &= 0x7F;<br /> }<br /> } U16startingseed = U16seed;<br /> return U8al;<br />}<br /> <br />static void FLS1_GetRandomNumber(UINT8 *pAU8encryptblock, UINT8 U8seed1, UINT8 U8seed2)<br />{<br />#ifdef __ALWAYSRANDOM__<br /> UINT32 U32tickcount = misc_gettickcount();<br />#else<br /> UINT32 U32tickcount = 0x55AA;<br />#endif<br /> UINT16 U16tickcount;<br /> UINT8 U8num; FLS1_Randomize(U32tickcount); U16tickcount = U32tickcount & 0xFFFF; pAU8encryptblock[0] = 13;<br /> pAU8encryptblock[1] = U8seed1;<br /> pAU8encryptblock[2] = HIBYTE(U16tickcount);<br /> pAU8encryptblock[3] = LOBYTE(U16tickcount); U8num = FLS1_Random();<br /> U8num ^= U8seed2;<br /> pAU8encryptblock[4] = U8num;<br />} <br />static BOOL FLS1_CalculateAuthorityID(UINT8 *pAU8inbuff, UINT32 U32inbufflen, UINT8 *pAU8outbuff, UINT32 U32outbufflen)<br />{<br /> UINT8 AU8encryptblock[6];<br /> UINT8 AU8tmpbuff[28];<br /> UINT8 AU8outbuff[13];<br /> UINT8 U8num;<br /> UINT16 i;<br />#ifdef __DK2__<br /> UINT16 DataReg;<br /> UINT8 Id[] = "NK";<br />#endif if (U32inbufflen<1 || U32inbufflen>28 || U32outbufflen>12 ||<br /> !pAU8inbuff || !pAU8outbuff || U32outbufflen==0)<br /> {<br /> flash_errno = FE_INVALID_BUFFER_SIZE;<br /> return FALSE;<br /> } memset(AU8encryptblock,0,sizeof(AU8encryptblock)); <br /> memset(AU8tmpbuff,0,sizeof(AU8tmpbuff));<br /> memcpy(AU8tmpbuff,pAU8inbuff,(UINT16)(U32inbufflen & 0xFFFF));<br /> <br /> FLS1_GetRandomNumber(AU8encryptblock, 1, 0); AU8encryptblock[5] = FLS1_Random();<br /> AU8encryptblock[5] ^= 1; for (i=0;i<28;i++)<br /> {<br /> U8num = FLS1_Random();<br /> AU8tmpbuff[i] ^= U8num;<br /> } printf("encryption block:");<br /> for (i=0;i<sizeof(AU8encryptblock);i++)<br /> {<br /> printf("%02X ",AU8encryptblock[i]);<br /> }<br /> printf("\n"); <br /> printf("bytestream to be decrypted:");<br /> for (i=0;i<sizeof(AU8tmpbuff);i++)<br /> {<br /> printf("%02X ",AU8tmpbuff[i]);<br /> }<br /> printf("\n"); #ifdef __DK2__<br /> DataReg = FindDK2(Id, NULL);<br /> if (DataReg==0)<br /> {<br /> DataReg = FindDK2(Id, "1234");<br /> if (DataReg==0)<br /> {<br /> printf("DK2 not found\n");<br /> return FALSE;<br /> }<br /> }<br /> DK2SendAndReceive(DataReg, Id, AU8encryptblock, sizeof(AU8encryptblock), AU8tmpbuff, sizeof(AU8tmpbuff), AU8outbuff, sizeof(AU8outbuff), 1);<br /> if (!DK2Success())<br /> {<br /> printf("bad response from DK2\n");<br /> return FALSE;<br /> }<br />#else<br /> for (i=0;i<sizeof(AU8outbuff);i++)<br /> {<br /> AU8outbuff[i] = AU8tmpbuff[i] ^ AU8encryptblock[i % sizeof(AU8encryptblock)];<br /> }<br />#endif printf("decrypted bytestream step 1:");<br /> for (i=0;i<(UINT16)(U32outbufflen & 0xFFFF);i++)<br /> {<br /> printf("%02X ",AU8outbuff[i]);<br /> }<br /> printf("\n"); <br /> for (i=0;i<13;i++)<br /> {<br /> U8num = FLS1_Random();<br /> AU8outbuff[i] ^= U8num;<br /> } memcpy(pAU8outbuff,AU8outbuff,(UINT16)(U32outbuffl en & 0xFFFF)); printf("decrypted bytestream step 2:");<br /> for (i=0;i<(UINT16)(U32outbufflen & 0xFFFF);i++)<br /> {<br /> printf("%02X ",pAU8outbuff[i]);<br /> }<br /> printf("\n"); return TRUE;<br />} BOOL FLS1_GetAuthorityID(UINT8 U8seed1, UINT8 U8seed2, UINT8 *pAU8inbuff, UINT32 U32inbufflen, UINT8 *pAU8outbuff, UINT32 U32outbufflen)<br />{<br /> UINT8 AU8buffer[64]; memset(AU8buffer,0,sizeof(AU8buffer)); AU8buffer[0] = 1;<br /> AU8buffer[1] = U8seed1;<br /> AU8buffer[2] = U8seed2;<br /> memcpy(&AU8buffer[3],pAU8inbuff,(UINT16)(U32inbufflen & 0xFFFF));<br /> return FLS1_CalculateAuthorityID(AU8buffer,(U32inbufflen & 0xFFFF) + 3,pAU8outbuff,U32outbufflen);<br />} BOOL FLS1_DecodeMSID(UINT8 *pAU8MSIDin,UINT8 *pAU8MSIDout)<br />{<br /> BOOL Bsuccess;<br /> UINT8 AU8outbuff[12]; memset(pAU8MSIDout,0,12);<br /> Bsuccess = FLS1_GetAuthorityID(0,pAU8MSIDin[0],&pAU8MSIDin[1],12,AU8outbuff,sizeof(AU8outbuff));<br /> if (Bsuccess)<br /> {<br /> memcpy(pAU8MSIDout,AU8outbuff,sizeof(AU8outbuff)); <br /> } return Bsuccess;<br />} <br />/************************************************** ******<br />* *<br />* FUNCTION NAME: *<br />* *<br />* ARGUMENTS: *<br />* *<br />* ARGUMENT NAME: *<br />* *<br />* TYPE: *<br />* *<br />* I/O: *<br />* *<br />* DESCRIPTION *<br />* *<br />* *<br />* RETURNS: *<br />* *<br />************************************************* ********/ static BOOL GetFunc(char *dllname,char *funcname, FARPROC *funcptr)<br />{<br /> *funcptr = NULL; if (!lib)<br /> {<br /> lib = LoadLibrary(dllname);<br /> if (!lib)<br /> {<br /> printf("%s not found\n",dllname);<br /> return FALSE;<br /> }<br /> } *funcptr = GetProcAddress(lib, funcname); return *funcptr!=NULL;<br />} <br />/************************************************** ******<br />* *<br />* FUNCTION NAME: *<br />* *<br />* ARGUMENTS: *<br />* *<br />* ARGUMENT NAME: *<br />* *<br />* TYPE: *<br />* *<br />* I/O: *<br />* *<br />* DESCRIPTION *<br />* *<br />* *<br />* RETURNS: *<br />* *<br />************************************************* ********/ static BOOL InitializeLibrary(char *dllname)<br />{<br /> if (!GetFunc(dllname,"DK2SendAndReceive",(FARPROC *)&DK2SendAndReceive))<br /> {<br /> printf("DK2SendAndReceive not found in %s\n",dllname);<br /> return FALSE;<br /> } if (!GetFunc(dllname,"FindDK2",(FARPROC *)&FindDK2))<br /> {<br /> printf("FindDK2 not found in %s\n",dllname);<br /> return FALSE;<br /> } if (!GetFunc(dllname,"DK2Success",(FARPROC *)&DK2Success))<br /> {<br /> printf("DK2Success not found in %s\n",dllname);<br /> return FALSE;<br /> } return TRUE;<br />} <br />void main(void)<br />{<br /> UINT8 MSID[] = {0x82, 0xe8, 0xe4, 0x47, 0xf5, 0xbf, 0x59, 0xba, 0xa0, 0x6c, 0xd0, 0x8e ,0x04};<br /> UINT8 MSIDout[12];<br /> char buf[128]; GetSystemDirectory(buf, sizeof(buf));<br /> strcat(buf,"\\DK2WIN32.DLL");<br /> if (!InitializeLibrary(buf))<br /> {<br /> printf("cannot load DK2 lib\n");<br /> if (lib)<br /> {<br /> FreeLibrary(lib);<br /> }<br /> return;<br /> } printf("functions indentified\n"); printf("----------------------\n");<br /> memset(MSIDout,0,sizeof(MSIDout));<br /> FLS1_DecodeMSID(MSID,MSIDout); // expected flashid should be: B3679FA3, Cobba ID: 002213DB 1D<br /> FreeLibrary(lib);<br />} ============================================== <br />SORRY FOR THE FLOOD!!!<br />but i think maybe this is usefull to get FAID calc! |
01-13-2002, 16:36 | #7 (permalink) |
Freak Poster Join Date: Dec 2001
Posts: 221
Member: 8219 Status: Offline Thanks Meter: 0 | the source code will give you the FAID - of which you will also need the command set to give the phone the FAID once calculated. also need a dk2 dongle for this to work, but I am not sure whether a cracked dk2win16.dll can do the job (if you examine the code you will see that it loads this .dll) |
01-13-2002, 19:17 | #9 (permalink) |
Freak Poster Join Date: Oct 2000 Location: Amsterdam
Posts: 467
Member: 2327 Status: Offline Thanks Meter: 1 | [quote]Originally posted by outerc0re:<br /><strong>@dragonlock<br />if you understand c++ then understanding c should be just as easy</strong><hr></blockquote> yeah i know but <br />still a bit diffrent though |
01-14-2002, 16:49 | #13 (permalink) |
Freak Poster Join Date: Dec 2001
Posts: 221
Member: 8219 Status: Offline Thanks Meter: 0 | Compiles fine with C++ Builder 4 Pro. There are two lines which are quite important:<br />#define __DK2__<br />// #define __ALWAYSRANDOM__<br />If you have a DK2 dongle, leave the source as it is. If not, put a // infront of the first line and remove the // from the second line. Maybe changing this __ALWAYSRANDOM__ value to test all the 65536 (I think this is how many there are) possible combinations and see which one gives the correct results - just an idea. Note - a few getch(); after the printf commands may be needed (remember to include conio.h) <br />let me know how people get on<br />thx outerc0re ps if anybody needs the faid.c explained pls let me know <FONT COLOR="#ffff00" SIZE="1">[ 14 January 2002 17:15: Message edited by: outerc0re ]</font> |
01-14-2002, 18:50 | #14 (permalink) |
Major Poster Join Date: Jan 2002 Location: Egypt
Posts: 47
Member: 8387 Status: Offline Thanks Meter: 0 | I compiled This file in VS6 and the source is working, but we still need the DK2 dongole. I think we can get the calculated Value from this file then input it to the phone with nokia Logger By b-phreaks.<br />I tested that before but without the use of dk2sendAndRecive function,the result was (Error Updating Phone)<br />Anyway I can send the compiled EXE to any1 But it still need the dongole.. |
01-14-2002, 20:26 | #15 (permalink) |
Insane Poster Join Date: Dec 2001 Location: Portugal
Posts: 60
Member: 7814 Status: Offline Thanks Meter: 0 | I think the dk2 only encrypts and deencrypts but.... anyway @outercore : send me the explained version please <img src="smile.gif" border="0"> if someone else is trying to get something from this code let me know and we all could exchange info. the more heads the better <img src="biggrin.gif" border="0"> <img src="biggrin.gif" border="0"> |
Bookmarks |
| |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
take a look on this error"MFI file wasn't found on the local drive etc". | im_wanted | BlackBerry (RIM) | 8 | 12-04-2008 12:14 |
to all unibox expert take a look at this | MARKIE41 | Universalbox | 5 | 02-07-2007 07:55 |
To All Forum Members ,please Take A Look At This Link | ahmed | Off Topic Zone | 2 | 08-01-2006 11:11 |
Now take a look at this!! (i got to get me one of those) | leosedf | Off Topic Zone | 10 | 02-05-2006 13:57 |
|