|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source |
GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets. |
| LinkBack | Thread Tools | Display Modes |
03-08-2010, 16:57 | #1 (permalink) |
No Life Poster Join Date: Oct 2005 Location: Rome , Italy
Posts: 1,530
Member: 190882 Status: Offline Sonork: BB PIN: 7C83D9CE Thanks Meter: 1,282 | Huawei algo for all unlock code (imei 123456789012347): MD5 ("1234567890123475e8dd316726b0335") = 8f 43 ae 1a 33 19 c6 49 cc 57 40 8b 6a 39 2d 6b 8f xor 33 xor cc xor 6a =1a 43 xor 19 xor 57 xor 39 =34 ae xor c6 xor 40 xor 2d =05 1a xor 49 xor 8b xor 6b =b3 1a3405b3 and 1ffffff or 2000000 = 23405B3 hex2dec (23405B3) = 36963763 -> unlock code same steps for flash code , only one different MD5 ("12345678901234797B7BC6BE525AB44")= .............. br from italy |
The Following 43 Users Say Thank You to fr3nsis For This Useful Post: |
03-08-2010, 17:04 | #3 (permalink) | |
Freak Poster Join Date: Jun 2009 Location: !!!! AWAY FROM BOARD, STUDY !!
Posts: 363
Member: 1055354 Status: Offline Thanks Meter: 252 | Xexe, good job. Here is my description i planned to post tomorrow: Quote:
Here is screenshot of Olly: | |
The Following User Says Thank You to sergeymkl For This Useful Post: |
03-08-2010, 17:48 | #5 (permalink) | |
Freak Poster Join Date: Mar 2005 Location: inside USB cable Age: 41
Posts: 425
Member: 128122 Status: Offline Thanks Meter: 256 | can you explain more here Quote:
| |
03-08-2010, 18:01 | #6 (permalink) |
Freak Poster Join Date: Jun 2009 Location: !!!! AWAY FROM BOARD, STUDY !!
Posts: 363
Member: 1055354 Status: Offline Thanks Meter: 252 | See here: Exclusive or - Wikipedia, the free encyclopedia XOR sets bits in the resulting byte that are set in ONE of the input bytes, but not both. For example: Code: XOR(8F h, 33 h) 8F h = 10001111 b 33 h = 00110011 b =[XOR]=========== BC h = 10111100 b because the operation can be reversed by XOR'ing with the key. See here: Code: 8F h = 10001111 b 33 h = 00110011 b =[XOR]=========== BC h = 10111100 b <- Result of XOR(8F h, 33 h) BC h = 10111100 b 33 h = 00110011 b =[XOR]=========== 8F h = 10001111 b <- Original value If two values XOR'ed result in zero, they are the same. Also on some CPUs XOR R, R (R = same register) is used to clear a register, since its faster than loading a zero into it. |
The Following 3 Users Say Thank You to sergeymkl For This Useful Post: |
03-08-2010, 18:01 | #7 (permalink) |
No Life Poster Join Date: Oct 2005 Location: Rome , Italy
Posts: 1,530
Member: 190882 Status: Offline Sonork: BB PIN: 7C83D9CE Thanks Meter: 1,282 | bro xor is an operation of boolean algebra ... byte 0 xor byte 4 xor byte 8 xor byte 12 = 1A byte 1 xor byte 5 xor byte 9 xor byte 13 = 34 byte 2 xor byte 6 xor byte 10 xor byte 14 = 05 byte 3 xor byte 7 xor byte 11 xor byte 15 = b3 if this is us array() as byte = 8f 43 ae 1a 33 19 c6 49 cc 57 40 8b 6a 39 2d 6b for n=0 to 3 code=code & ( array(0+n) xor array(4+n) xor array(8+n) xor array(12+n) ).tostring("X2") next |
The Following 2 Users Say Thank You to fr3nsis For This Useful Post: |
03-08-2010, 21:26 | #12 (permalink) |
Insane Poster Join Date: Nov 2007
Posts: 75
Member: 636340 Status: Offline Thanks Meter: 110 | Code: import hashlib def getCode(imei, salt): digest = hashlib.md5((imei+salt).lower()).digest() code = 0 for i in range(0,4): code += (ord(digest[i])^ord(digest[4+i])^ord(digest[8+i])^ord(digest[12+i])) << (3-i)*8 code &= 0x1ffffff code |= 0x2000000 return code imei = "123456789012347" print getCode(imei, "5e8dd316726b0335") print getCode(imei, "97B7BC6BE525AB44") |
The Following 5 Users Say Thank You to s400py For This Useful Post: |
03-08-2010, 22:32 | #14 (permalink) |
Freak Poster Join Date: Jun 2009 Location: !!!! AWAY FROM BOARD, STUDY !!
Posts: 363
Member: 1055354 Status: Offline Thanks Meter: 252 | @TMODEALER: only modem / dataacard @s400py: Bug inside code... Note that "97b7bc6be525ab44" must be lower case if you store it as string, otherwise result is different MD5. Code: MD5 ("12345678901234797b7bc6be525ab44") = dc437087aa353b82fe6b063ba52acc5f MD5 ("12345678901234797B7BC6BE525AB44") = 2252a9c151cca5d1749350dd01e30726 |
The Following User Says Thank You to sergeymkl For This Useful Post: |
Bookmarks |
| |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Good news for all cruiser owner | jonymahmud | Cruiser Suite | 0 | 03-29-2010 11:05 |
huawei algo where can i get | darmiles | GSM Programming & Reverse Engineering | 0 | 02-11-2010 03:31 |
Free solutions for GSM. Support for all free. Nokia Authority Id calculation algo ! | te | Main Sales Section | 6 | 12-15-2001 14:57 |
|