Is there any patch or anything to kill bb5 watch dog timer?

[GsmTracer]

any programmers know how to patch or disable watch dog timer for bb5 phones.. or is it possible to change watch dog timer to its maximum possible time like 99999 minutes etc... ? any ideas welcome

PS: this is for only certificate damaged phones ( dont post here that rpl will fix the problem all know its )

[Mr.Ultimate]

Quote:

Originally Posted by GsmTracer

any programmers know how to patch or disable watch dog timer for bb5 phones.. or is it possible to change watch dog timer to its maximum possible time like 99999 minutes etc... ? any ideas welcome

PS: this is for only certificate damaged phones ( dont post here that rpl will fix the problem all know its )

If you are asking about this, you should know that if anyone would have managed to find the location of SUPERDONGLE_KEY in PM file or from any flash area of the damaged phone that has to be decoded / extracted, I think solution would be already given to public free/or paid. Following by this that most tools can recover BB5 SIMLOCK_KEY and SIMLOCK_KEY_DATA values on SW DAMAGED SL1 and SL2 phones, and as most tools does backup nothing but IMEI(and the following: NPC_DATA , CCC_DATA , HWC_DATA , R&D) but leaving SUPERDONGLE_KEY and other important keys behind the backup, or we should say - there is no programmer that can extract SUPERDONGLE_KEY from phone PM file or FLASH file, because if it would be - we should have full RPL REPAIR service working sepparately from NOKIA TUCSON server - independent, or credit/log based system that tools would provide... Pathed or Rebuild SUPERDONGLE_KEY data would be very valuable...

If I'm wrong - maybe someone are working on it, or if they have it they are preparing for something big and would not let the information trough fingers because this is worth dozens of cash.

In either way it would be very useful....

BR

[..::Angel::..]

Hi,

What is security watchdog ?

Security watchdog is HW module in the CPU that monitors software activity and restarts power to all CPU logic, phone with invalid NPC 12345? the wd timer will be enabled. And the security watchdog timer will switch the phone off after 15-30 minutes,

This is aslo a part of PM and flash as above said, superdongel_key location is PM 1 and 309 I think, this is special PM fields that contains sx4 key and signing data,RF,Energy Managment data etc, when st_security_failed in phone self-test means need to load superdongel_key, writing this fileds from another working phone works sometime but with WD problem. At this moment no one can make this PM fields.

Regards, Ali

[GsmTracer]

talking about to patch the timer not to disable.. that means to extend the timer to its maximum time not to 15 min etc.. there may be possible to extend its to maximum timing that may be 604 800 seconds ( 7 days ) or 2 629 743 seconds ( 1 month ) etc...
wd timer cant be disabled w/o superdongle key but there is possibility to patch its timer..

[Bph&co]

Quote:

Originally Posted by Mariozas

Ithere is no programmer that can extract SUPERDONGLE_KEY from phone PM file or FLASH file,

BR

Why do you think that's valid ? Because your monkey box can read PM and
save to a text file (job for a 4 year old with 1 mg of brain) ?

And what's the point of that - you will back up data of brand new, out of the
box phones ? It's best to use a box that don't screw your phone while flashing.

If you have mobile phone shop you will now that 99% of the phones that come
with damaged PM - you have no back up for it. So pretty useless feature, unless
if you want it done just for the sport.

BR, Alex
B-phreaks

[oOXTCOo]

Quote:

Originally Posted by GsmTracer

talking about to patch the timer not to disable.. that means to extend the timer to its maximum time not to 15 min etc.. there may be possible to extend its to maximum timing that may be 604 800 seconds ( 7 days ) or 2 629 743 seconds ( 1 month ) etc...
wd timer cant be disabled w/o superdongle key but there is possibility to patch its timer..

i dont resarched this, but i think there is NO timer.
the phone have watchdog with will check the phone while its running.
the phone cant check complete all while startup, so it checks
all while it is running, and when the security find some invalid info the
watchdog restart the phone...

maybe patching out this watchdog check or the restart function would work, but you can not extend this cause there are nothing to extend...

[moulnisky]

Quote:

Originally Posted by Bph&co

Why do you think that's valid ? Because your monkey box can read PM and
save to a text file (job for a 4 year old with 1 mg of brain) ?

And what's the point of that - you will back up data of brand new, out of the
box phones ? It's best to use a box that don't screw your phone while flashing.

If you have mobile phone shop you will now that 99% of the phones that come
with damaged PM - you have no back up for it. So pretty useless feature, unless
if you want it done just for the sport.

BR, Alex
B-phreaks

Hi Alex,
To be honest it could be usefull.
If we could extract the complete RPL from a phone, just with one back-up we could always recover the phone whatever happens.
As well it would help a lot in the upgrade/downgrade of the phones with PM308 write protected from/to V30/V31/v300

BR and always congratulations for jour tool

Alex

[Mr.Ultimate]

Quote:

Originally Posted by Bph&co

Why do you think that's valid ? Because your monkey box can read PM and
save to a text file (job for a 4 year old with 1 mg of brain) ?

And what's the point of that - you will back up data of brand new, out of the
box phones ? It's best to use a box that don't screw your phone while flashing.

If you have mobile phone shop you will now that 99% of the phones that come
with damaged PM - you have no back up for it. So pretty useless feature, unless
if you want it done just for the sport.

BR, Alex
B-phreaks

First of all you dont have to be so HIGH to prove your point - I get it , and everyone around here does. To let you know, I have recovered 6220c RM-328 after complete erase with SUPERDONGLE_KEY data invalid. Of course I had full PM of that phone and RPL made with JAF/HWKuFs/UB before that phone got erased, so because this 6220c is SL2 phone and majority of PA_SL2 phones have PM308 Protected which can be only patched with SIMLOCK RPL via FLASH MODE(which in my case did not work because CYCLONE creates wrong SIMLOCK Repair RPL File, and yes it does rebuild simlock status to its original table-locked, but it does not match PM1 field data and superdongle_key remains invalid), I have made cross-flash with E71-1 MCU file erased NPC Certificate,successfully rewrited full PM file including PM308 which is unprotected on this phone model MCU, and reflashed to correct firmware, reloaded PM file to repair SECURITY_TEST Failure, and phone has passed all tests, and its working now like it suppose to be.

My other point - only very few boxes screw phones up while flashing - yes, most times it happens because of user fault, and believe me I know how to use service tools, so keep your comment for someone else, find me crying somewhere - oh this box fu(ked-up my phone and etc.etc..

Im saying that 4 year old child couldnt create patch file for PA_SL2 PM308 protected phone MCU to patch certain area and restore it after rewriting PM308 field after successful MCU patch, and you know that, and Im not talking about brand new out of the box phones, Im talking about wrong way flashed phones/dead after downgrade, partially alive after sw interference phones repair just one like I had. All I was talking about that there is no one yet with patch flash trick out yet, only crossflash can help with protected PM308 rewriting... Thats all I wanted to say, no offence.

And by the way - BIG THANKS to MX-KEY that is a very good and successful tool for nokia phones! My best regards to MX-KEY team!

BR

[Mr.Ultimate]

Quote:

Originally Posted by GsmTracer

talking about to patch the timer not to disable.. that means to extend the timer to its maximum time not to 15 min etc.. there may be possible to extend its to maximum timing that may be 604 800 seconds ( 7 days ) or 2 629 743 seconds ( 1 month ) etc...
wd timer cant be disabled w/o superdongle key but there is possibility to patch its timer..

to be honest , I dont think there is a way to patch the timer because its hardware controlled process ... unless to reprogram CPU(which is not possible)... firmware shouldnt have anything to do with this timer settings, it all depends on how phone's cpu is being used, it could reboot every 3 minutes or less frequent if cpu is not used timer extends its waiting time, if we can call it so, or it will not reboot untill it will not detect corrupted data running through it. In example the unit I had here it wouldnt reboot without simcard so often on OFFLINE mode - it could remain without power-off for 30-50minutes and more, but if phone has been used waiting time usually is betwen 3-6 minutes or more frequent.WD timer has something to do with CPU speed because apps like MAPS and camera consumes alot more CPU than standby w/o any applications running in the background and reboots within 60secs of use. thats what I have discovered in last 6days. maybe its something it has been allready discovered, but it was new to me.

BR

[jeanbrume]

Mariozas u are right about 60s ...i had a problem with 1 set like that when play mp3 it restart in 10min but without it can work for 4 h.

[richiricherd]

Where is dejan?? i know he can make it possible...

[.:Mahmoud El-masy:.]

i think super dongle located at pm filed 308 any section i didn't test but i try to repair it with other modified pm but not susses only one tinge strange that e65 WD invalid i writ pm From another working phone after some modify i see at mx key super dongle pass but when i reconnect phone again was changed to invalid i didn't know why ?

[senkron24]

i have one more phone with wd
i have flashed and unlocked with cyclone after this all 4-5 mi. restarted phones i have bekups bud not help me model is 5800
i have eased flashed write rpl pm full pm etc. etc. same problem not helped for repair my problme

how to can i see have this phone wd problme or not

b.r
senkron24

[Mr.Ultimate]

Quote:

Originally Posted by senkron24

i have one more phone with wd
i have flashed and unlocked with cyclone after this all 4-5 mi. restarted phones i have bekups bud not help me model is 5800
i have eased flashed write rpl pm full pm etc. etc. same problem not helped for repair my problme

how to can i see have this phone wd problme or not

b.r
senkron24

Try the following steps:

1. You should use nokia E75 flash to flash your 5800 MCU (this will allow you to overwrite protected PM308 field with original value that you have in undamaged PM backup file)
2. After successful flash to enable your phone to enter TEST/LOCAL mode you must erase NPC Certificate, phone may not show on screen that is in local/test mode but it should scan ok!
3. Write full PM backup that you have made before everything gone wrong.
4. After PM write Flash your 5800 with this file: RM-356_dp_5800d-1_ENO_x_2008wk42v0.033.fpsx
5. Flash with latest sw version and after that do SX4 auth, if unsucsessful SX4 bypas to rewrite important PM fields with same PM file
6. Write First your RPL backup file made with that phone
7. Post results here

It worked for me ok

To find out if any security tests / simlock tests / superdongle test have failed I would recommend using MX-Key 3.2 Rev.5.4 - its one of the best tools I've used yet for inspecting faults, otherwise you can use Nokia Phoenix Service tool

BR

[bsy6882]

Quote:

Originally Posted by Mariozas

Try the following steps:

1. You should use ..........

It worked for me ok

To find out if any security tests / simlock tests / superdongle test have failed I would recommend using MX-Key 3.2 Rev.5.4 - its one of the best tools I've used yet for inspecting faults, otherwise you can use Nokia Phoenix Service tool

BR

I will test and send the log here:

I have a 5800 restart after 2 minutes..........