How to Make Unlocking Software: Theory and Practice for Beginners - GSM-Forum

smithjhon · 03-13-2025, 00:04

I haven't worked with cell phones for many years, but the world of hacking devices and programs has always fascinated me. Now that I have some free time, I'm going to try it from scratch. I'm not an expert on the subject, I just like it, and I haven't tried it before. I hope to be able to do it from start to finish. When a new cell phone comes out, there's no software available, such as unlocking, flash resetting, or rooting. So, for me, this is like starting from scratch because there's no information about this phone.

The first thing is to understand how it works.
You go to a site with your cell phone to have someone unlock it for you. That person connects it to a USB or JTAG UART cable. This is connected to your laptop or PC.

Press a button and wait a few minutes, and (voila) it's ready. But what really happens on the laptop? How is that possible? I'll try, or we'll try to demonstrate.
First, the test subject, which is very basic and has no useful information about it on the internet. Then, something a little less old with an Android.

What we need:
1. Mobile phone
2. A laptop
3. Soldering iron, solder, cables, tweezers, and a scalpel
4. SIM card

On the laptop or PC, we need to install some free programs.
In my case, I'm going to use these programs:
1. Visual Basic Net 2008
2. Idapro
3. HxD Hex Editor

What do I want to do? Maybe remove the security code? Flash, unlock, repair a corrupted IMEI?

Let's get started:
I have an Alcatel OT297 in my hand.

There's no firmware or ROM available online to download and analyze it, or look for clues about its processor type, or learn more about it. So, in many ways, this is a good thing...or not?
Well, let's take it apart and find out what processor it has and what architecture it has...

smithjhon · 03-13-2025, 01:57

Let's go:
I did some basic tests, trying to connect it via USB to the laptop, but I couldn't connect it. So what I did next was disassembleand look for the processor inside. When I took it disassemble, I saw that it had a metal shield. I unsoldered it, and then I found some kind of very strong rubber that took me a long time to remove.
The phone has a MediaTek MT6251v processor. Now, the most normal thing would be to search Google for a PDF to learn everything possible about this chip.

Spoiler: there's no information about this.

What do I do now?
Since I already know what processor it has, I can try connecting it with SPTool or some box or dongle to read the ROM.
Spoiler: I couldn't connect it via the RJ-45 cable or the USB cable.

]

Think... think... what do I do now?
I have three options plus JTAG, UART, and the audio jack.

The first thing is to visually find the RX and TX connectors on the PCB. Well, after ruling out all the possible pins and searching for each pin, I think I found the possible candidates. But I don't know why I couldn't get a successful connection.

So I started looking for another option: a JTAG connection, although with very little hope of finding it.
Because I'd never seen any box (easyJTAG, riffbox, Octoplus, etc.) that would connect a MediaTek. To repair the boot or whatever. But anyway, it didn't look like anything I'd seen before. As for the connection, but what do you imagine happened?(in Greek, εὕρηκα héurēka), I found it, it wasn't easy at all.

Ok, now we know what this is about, let's try to read the ROM or firmware because it can't be found on Google to download it.

03-13-2025, 00:04	#1 (permalink)
smithjhon Freak Poster Join Date: Oct 2009 Posts: 286 Member: 1144205 Status: Offline Thanks Meter: 78	How to Make Unlocking Software: Theory and Practice for Beginners I haven't worked with cell phones for many years, but the world of hacking devices and programs has always fascinated me. Now that I have some free time, I'm going to try it from scratch. I'm not an expert on the subject, I just like it, and I haven't tried it before. I hope to be able to do it from start to finish. When a new cell phone comes out, there's no software available, such as unlocking, flash resetting, or rooting. So, for me, this is like starting from scratch because there's no information about this phone. The first thing is to understand how it works. You go to a site with your cell phone to have someone unlock it for you. That person connects it to a USB or JTAG UART cable. This is connected to your laptop or PC. Press a button and wait a few minutes, and (voila) it's ready. But what really happens on the laptop? How is that possible? I'll try, or we'll try to demonstrate. First, the test subject, which is very basic and has no useful information about it on the internet. Then, something a little less old with an Android. What we need: 1. Mobile phone 2. A laptop 3. Soldering iron, solder, cables, tweezers, and a scalpel 4. SIM card On the laptop or PC, we need to install some free programs. In my case, I'm going to use these programs: 1. Visual Basic Net 2008 2. Idapro 3. HxD Hex Editor What do I want to do? Maybe remove the security code? Flash, unlock, repair a corrupted IMEI? Let's get started: I have an Alcatel OT297 in my hand. There's no firmware or ROM available online to download and analyze it, or look for clues about its processor type, or learn more about it. So, in many ways, this is a good thing...or not? Well, let's take it apart and find out what processor it has and what architecture it has...

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

03-13-2025, 01:57	#2 (permalink)
smithjhon Freak Poster Join Date: Oct 2009 Posts: 286 Member: 1144205 Status: Offline Thanks Meter: 78	Let's go: I did some basic tests, trying to connect it via USB to the laptop, but I couldn't connect it. So what I did next was disassembleand look for the processor inside. When I took it disassemble, I saw that it had a metal shield. I unsoldered it, and then I found some kind of very strong rubber that took me a long time to remove. The phone has a MediaTek MT6251v processor. Now, the most normal thing would be to search Google for a PDF to learn everything possible about this chip. Spoiler: there's no information about this. What do I do now? Since I already know what processor it has, I can try connecting it with SPTool or some box or dongle to read the ROM. Spoiler: I couldn't connect it via the RJ-45 cable or the USB cable. ] Think... think... what do I do now? I have three options plus JTAG, UART, and the audio jack. The first thing is to visually find the RX and TX connectors on the PCB. Well, after ruling out all the possible pins and searching for each pin, I think I found the possible candidates. But I don't know why I couldn't get a successful connection. So I started looking for another option: a JTAG connection, although with very little hope of finding it. Because I'd never seen any box (easyJTAG, riffbox, Octoplus, etc.) that would connect a MediaTek. To repair the boot or whatever. But anyway, it didn't look like anything I'd seen before. As for the connection, but what do you imagine happened?(in Greek, εὕρηκα héurēka), I found it, it wasn't easy at all. Ok, now we know what this is about, let's try to read the ROM or firmware because it can't be found on Google to download it.