Hi, I've just dumped a Hermes ROM and now I'm trying to recontruct it, but I need the OS.nb file. I read the Trinity Rom Reconstr.procedure (I think it should work for Tytn too...) and it says to extract the ROM to \shell (a folder)...etc...Well, I've downloaded a ROM, but I don't understand what I have to extract from a .exe file...
Can someone help me, please?
Thxs,
Giangi.
you better keep on reading son....
Yeah, I read, but maybe I didn't understand well, right? This is my first try in dumping ROM...Anyway, I tried the "extract procedure" here
http://wiki.xda-developers.com/index.php?pagename=Hermes_HowtoExtractImgfs
but I'm still a little confused, and I'm sorry for this, but maybe I'm limited...
Anyway, when I download and install ActiveState Perl, what do I have to run in order to write the line commands? (I mean repository and install commands).
I'm sorry for my bad english too.
Thanks.
Where do I have find the OS.nb file?
Can someone post a detailed procedure, please? I dumped the ROM, but I've some difficulties in extracting the imgfs and ricontructing it...
Thank you for your support, I found the anwer!
but on another site...
dude its all about sharing
please post the answer
its not a secret. all you have to do is use tadzio's tools here and follow the steps
RUU-signed.nbh ---(*NBHExtract)---> OS.nb ---(NBSplit)---> OS.nb.payload -->
--(ImgfsFromNb)---> imgfs.bin ---(ImgfsToDump)---> 'dump' directory
Here you'll edit the 'dump' directory. I recommend using bepe's excellent *Package Tool for this.
The reverse process is:
'dump' directory ---(ImgfsFromDump)---> imgfs-new.bin ---(ImgfsToNb)--->
OS-new.nb.payload ---(NBMerge)---> OS-new.nb ---(*NBHGen)--->
RUU-signed-new.nbh
(The tools marked with '*' are not part of the ImgfsTools, but are also available for free from xda-developers.com. There is also one additional tool, NBInfo, in this package.)
Click to expand...
Click to collapse
Related
NOTE: I've already posted this into the Development & Hacking forum, but got no reply yet. As it is an Hermes specific topic it is probably better to place it here, sorry for reposting if you've already read this.
The available original shipped ROMs for the HTC Hermes have .nbh files with the RUU, instead of the usual .nbf files found in other HTC rom updates.
By now, there are two shipped ROMs available, containing:
HERMIMG_Dopod_1.23.707.1_SHIP.nbh
hermimg_QtekNOR_1.18.255.3_Ship.nbh
So, it seems that the usual nk.nbf file is no longer used by the Hermes RUU
I cannot extract the various rom components (ExtROM, OS, IPL/SPL, SplashScreen, GSM radio, etc...) out of these files using the usual TyphoonNbfTool, however mamaich's prepare_imgfs finds the imgfs and dumps it apparently ok, but it cannot be read using viewimgfs or itsme's rdmsflsh.pl, so I guess the dumped file is invalid.
Anybody knows about this new format?
is it possible to convert it to nk.nbf so we can cook our own roms?
Would it be possible for example to extract the radio rom from Dopod and replace it on QtekNOR rom?
I think we will have to wait for the rom guru's to advise on this. I hope this would be possible so we can get the best rom possible.
I've tried to decode.nbh files with alpinenbfdecode.pl, himalayanbfdecode.pl and typhoonnbfdecode.pl. None of them works, so this must be a completely new format.
Opening nbh files in hex heditor shows interesting strings, but I don't know how to procede to identify each part and decompress or decrypt it...
Is it possible to decrypt Extended_ROM of HTC TyTN? I'v found a great extRom, but I can't upgrade my ExtRom because I have only borrowed tytn from my friend and Iam looking for one special aplicattion which is included in this. Any solutions ? Thanks
Jerry, you can unlock & unhide the ExtRom just with a registry tweak, look here:
http://wiki.xda-developers.com/index.php?pagename=Hermes_Unhide_Extrom
Downloading a ROM now to experiment
If I crack it, you guys better donate something to my get-theblasphemer-a-hermes-too-fund (yet to set up that fund though )
Mate if you crack it I'll be donating to your fund!
Hmmm, a very weird file format indeed :S
All files start with "R000FF\r", next 16 bytes of what appears to be random data.
After that it consists of several blocks.
Each block starts with a header:
4-bytes block-length
4-bytes footer-length
1-byte always 1
After that follows the actual data (block-length bytes) + a footer, which appears to be random data but which I suspect to be some kind of checksum
I'm uploading a full USB log of a complete ROM-flash here:
ftp://xda:[email protected]/Hermes/Technical/
Watch for the file Dopod2-FullRomUpgrade.txt.gz, when it is full uploaded it will be around 102Mb.
This is from this ROM file:
HER_DopodAsia_1237074_1060010_WWE_SHIP.exe
______
EDIT: Upload finished.
I created a wiki page with all the info we have about NBH format:
http://wiki.xda-developers.com/index.php?pagename=Hermes_NBH
i added my scripts to extract nbh files to the wiki page
willem
itsme said:
i added my scripts to extract nbh files to the wiki page
Click to expand...
Click to collapse
Cool :shock:
you always come with splendid work, so pleasant to see... thanks a lot!
Hmmm... just took a peek at the USB-dump of a ROM upgrade.
It appears that the whole file is just sent to the device.
The flashing utility doesn't even look at the CID or even the device type, it was happy to start flashing my Universal (however it didn't get very far, as the bootloader doesn't understand all commands ).
This makes it incredibly difficult to make a RomUpgradeUtility that doesn't look at the CID, or to figure out how the signatures in the .nbh files are generated
willem,
I've been trying to extract the roms using your commands, everything runs fine until I have to run the gsmsplit batch file, as in this line you call "bcl" and I don't know what bcl is:
Code:
for %%i in (_bcl*) do bcl d %%i _x%%i.nb
I am runing it on WinXP SP2 + cywin 1.5.21-1, this is the error I get:
Code:
[email protected] /cygdrive/c/nbh/files
$ gsmsplit.bat GSM.nb gsm.nbx
'bcl' is not recognized as an internal or external command,
operable program or batch file.
'bcl' is not recognized as an internal or external command,
operable program or batch file.
[...]
'bcl' is not recognized as an internal or external command,
operable program or batch file.
'bcl' is not recognized as an internal or external command,
operable program or batch file.
_x_bcl*.nb
The system cannot find the file specified.
0 file(s) copied.
Could Not Find c:\nbh\files\cing\_x_bcl*
[email protected] /cygdrive/c/nbh/files
$ dir
GSM.nb MainSplash.nb SPL.nb nksigned.dbh signatures.txt
IPL.nb OS.nb SubSplash.nb nksigned.nbh unknown_601.nb
Is the line correct? if yes, what is bcl and where can I get it?
Thanks!
Ok, almost everything went fine... i don't know yet about the bcl command i asked before, and i cannot extract the contents of imgfs from OS.nb using rdmsflsh:
Code:
$ rdmsflsh.pl -d files OS.nb > rd.txt
could not find imgfs header
I've also tried prepare_imgfs.exe with OS.nb, it found IMGFS there and dumped it to imgfs_raw_data.bin, but then I cannot use viewimgfs.exe with this file, it complains about "unknown header type", and the file seems corrupt as it is only 6Mb...
BTW... SubSplash.nb seems to be the ExtROM, not the SubSplash.
I get a "Check cert error!" from the bootloader when I try to flash a modified NBH file (thanks TheBlasphemer for your help).
From spv-developers:
"getting a developer CID (SuperCID) will allow you to flash your system with a ROM that is not digitally signed (i.e. a ROM that you have modified). If you do not modify it, you'll not be able to install a modified ROM on the device."
Click to expand...
Click to collapse
Is it possible that we can flash NBH files without signing in the Hermes if we get a SuperCID?
I tried using SPV-Services to change the Hermes CID, but when I execute the CID tool (Alpha) I get the error: INVALID Storage Manager Handle (SAFE)
The NBH format is also used by HTC STARTrek, more info here.
bcl is from bcl.sourceforge.net, and in the latest release called 'bfc'.
willem
pof said:
Ok, almost everything went fine... i don't know yet about the bcl command i asked before ...
Click to expand...
Click to collapse
Hey pof, you need to rename the bfc.exe to bcl.exe ...! then you dont get the error but alot other zero lenght values ...
so did anyone manage to get the extraction of the OS.nb done correctly?
Hi! Do you think is possible to manage that NBH file and change htc logo splashscreen in some ways?
I'd like to create a ROM file upgrade with different spalshcreen for my TYTN.
Credits for finding/pointing to this solutution go to AirwolfUK.
This is also hidden somewhere in a thread, but I think it deserves it's own thread. We (G4 owners) don't need to flash all our roms in Italian language. In stead of copying all the Update Utility files just copy "ROMUpdateUtility_Wizard_NoID.exe" and it will stay in English.
So if you get this error on you're G4:
ERROR[300]: INVALID UPDATE TOOL
This Update Utility cannot be used for your PDA phone. Please get newer Update Utility
Just replace the "ROMUpdateUtility_Wizard_NoID.exe"! (I'll attach it too)
If you want to turn an already Italian installer into English replace all the files from "English Update Utility Files G4.zip".
Great! Thanks a lot for these! Hepled me a lot
Guess it should be a sticky, as not many people know where to find these things.
I've tried ROMUpdateUtility_Wizard_NoID.exe but keep getting
"Error 208: File Open.
The update utility can not open the requested file. Please check your update utility".
Anyone got any ideas what I am doing wrong?
maybe you're not with the utility and the nk.nbf in the same folder(all in the root of the folder).
Thank you so much...this just saved my otherwise bricked phone!
thx worked perfect in flashing the radio rom on my g4 to 2.19 uk!
I can't figure out how to upgrade my rom. I keep getting the dreaded Error 300.
Can somebody provide instructions on how to run this?
How?
How do I do this?
What should I replace?
Where should I put the "ROMUpdateUtility_Wizard_NoID.exe" file?
I just normally run the updateroom from a folder on my laptop, so where should I place "ROMUpdateUtility_Wizard_NoID.exe"?
I am attemping to flash Superrom
orelse4054 said:
How do I do this?
What should I replace?
Where should I put the "ROMUpdateUtility_Wizard_NoID.exe" file?
I just normally run the updateroom from a folder on my laptop, so where should I place "ROMUpdateUtility_Wizard_NoID.exe"?
I am attemping to flash Superrom
Click to expand...
Click to collapse
If the rom is one exe file, unpack it first with winrar. You'll see the file afterwards.
Yes I knows it becomes a exe file after I have zipped it.
Ok here it goes:
I run a normal ROM update exe file, I get the
"ERROR[300]: INVALID UPDATE TOOL
This Update Utility cannot be used for your PDA phone. Please get newer Update Utility"
Then what shall I do with the "ROMUpdateUtility_Wizard_NoID.exe " if I just run this one the message: ""Error 208: File Open."
Can someone set up a step by step guide please?
Seems you haven't upacked the rom executable. You should have multiple files afterwards (e.g. ROMUpdateUtility_Wizard_NoID.exe and nk.nbf). Just replace the ROMUpdateUtility_Wizard_NoID.exe! The file error tells it can't find your nk.nbf.
Damnnnnn Vippie Rocks!!!!!!!
How to do it ..
is it just click and run ROMUpdateUtility_Wizard_NoID .. and the application will do all .. or we just need to but all stuff in unpack flash ( any flash ) and install it to firmware ??
thanks allot in advanced
help still not working
I got the ROMUpdateUtility_Wizard_NoID.exe and I run it in the same folder as the rest of the files from the program and I STILL get error 300
Thanks Wes
Thank you men !!!
Thank you very much men, you saved my life !!!
Ok this file just bricked my MDA !
deathblooms237 said:
Ok this file just bricked my MDA !
Click to expand...
Click to collapse
Impossible.... it's you who did something wrong.
vippie said:
Impossible.... it's you who did something wrong.
Click to expand...
Click to collapse
No... I think your half-ass instructions confused everyone! you posted the update utility yet did not instruct that it should have been extracted in the same folder as the new ROM of the user's choice.
If you were to create a folder then extract the utility to that folder, then click on the extracted file, then for sure you will get the error msg.
Download first the ROM you want in a folder, All New ROMs will extract to two files. One of those files is the rom update utility file that you will need to replace with the Update Utility exe file in this post. To do this just extract the update utility tool ( posted here ) in the same folder of the downloaded and extracted ROM folder. You will then be up and running. Follow the instructions.
To follow up with my previous post, I would suggest you start with the 'Wizard_Love rom or the Button Rom as basis. This will reset your download prompts on your device to accept any Wizard compatible ROM of your choice. After the first update most likely you will not need this utility to update your favorite rom onto your device.
asfoor said:
No... I think your half-ass instructions confused everyone! you posted the update utility yet did not instruct that it should have been extracted in the same folder as the new ROM of the user's choice.
Click to expand...
Click to collapse
And even than it wouldn't brick the device. So your "no" should be "yes, you're right vippie"!
Did you notice the "developers" in the websites name? What are people doing on this forum if they don't know how to REPLACE a file. It isn't necessary to spoon-feed people.
i am following all steps thru SAFE WM5 upgrade guide. I make it thru the Flashing HardSPL and Upgrading to Radio version 1.41.00.10 with no problems. But on Rebuilding the ROM file I cannot get passed this step....
____________________________________________
When you have downloaded the ROM file you must extract the contents of it using winrar into a folder, to make the process simple i suggest extracting to "original". Now delete ALL the files EXCEPT THE .NBH FILE. We are only interested in this file as it contains the nbh data which is flashed to the device.
The next step is to extract the contents of the file and split it into the seperate components.
Download duttys nbh tool and run it,
_____________________________________________
When I run that tool and try to Decompile NBH File the only thing it show me is radio.nb
It does not show me files like Windows.nb or Herm_ExtendedRom.nb and so on. Just radio.nb
So i am stuck I would really like your help on this.
Here is the link to the step i get stuck on.
http://www.mrvanx.org/cms/index.php...ask=view&id=27&Itemid=26&limit=1&limitstart=4
I can download all the files and programs but as you read above i am having problems. Thanks for any help
Next time wait for me to read this thread rather than PM-ing me the same EXACT thing!
Like I said in the PM it sounds like you are decompiling a radio upgrade rather than a ROM upgrade. Verify you are extracting the nbh from the correct file.
Hi
Now I'm trying once again tho change from M$ Windows to Linux. My experiences with Linux are only 3 weeks old, so I've many open questions.
I'm currently searching tools to extract, cook and repack .nbh files.
An tool to extract an complete ROM in his parts that works under Linux too is NBHDump from Olipro, but I haven't currently found an solution to repack this .nh parts in one .nbh again.
How can I extract the OS.nb ? Is it possible to extract in packages like Bepe's tool ?
I know many (stupid ?) questions, but a short help would be nice.
Thanks
scorpio16v
scorpio16v said:
I'm currently searching tools to extract, cook and repack .nbh files.
Click to expand...
Click to collapse
Extract: nbh2dbh.pl & dbhdecode.pl from itsme (see wiki), and to exctract the shipped roms exe use cabextract.
Repack: no tool available, i've one unfinished attempt, probably someday i can finish it.
scorpio16v said:
How can I extract the OS.nb ? Is it possible to extract in packages like Bepe's tool ?
Click to expand...
Click to collapse
No
And the usual tadzio / mamaich tools don't work under wine because of the ce compression dll dependancy.
But... you can also flash your hermes under linux too, i'm planning to release stable version soon, now in teesting phase:
http://forum.xda-developers.com/showthread.php?t=296436
Thanks for your answer pof.
Of course I've your HTCFlasher on my harddisk.
And it's possible to use it with Bootloader 1.01 MFG to flash an .nb, right ?
One additional question I have is, if I split the complete ROM in .nbh with NBHDump.exe in it's parts (under Linux), is it save to use this .nb files to flash ?
Or are the files corrupt, because NBHDump is written for Windows ?
Ok
Have tried a few things:
1. NBHDump.exe works
2. To extract to imgfs_raw_data.bin I can use aChef.jar
3. To make a Dump I can use Tadzio's ImgfsToDump.exe with the msvcr71.dll inside the directory.
4. Tadzio's tools, tested from OS.nb to Dump works too.
OS.nb ---(NBSplit)---> OS.nb.payload -->
--(ImgfsFromNb)---> imgfs.bin ---(ImgfsToDump)---> 'dump' directory
Click to expand...
Click to collapse
5. Tadzio's tool from Dump to OS-new.nb works too.
dump' directory ---(ImgfsFromDump)---> imgfs-new.bin ---(ImgfsToNb)--->
OS-new.nb.payload ---(NBMerge)---> OS-new.nb
Click to expand...
Click to collapse
Theoreticaly I can now add or delete something, right ?
I've tested this procedure with the T-Mobile WM5 germany OS.
I've attached the dll.
Unfortunately I have no clue, how I can use the two batch files from Tadzio (NBDump.bat /NBBuild.bat) to automate this procedure .
And the usual tadzio / mamaich tools don't work under wine because of the ce compression dll dependancy.
Click to expand...
Click to collapse
I've done this in a terminal not under Wine
pof said:
And the usual tadzio / mamaich tools don't work under wine because of the ce compression dll dependancy.
Click to expand...
Click to collapse
AFAIR it was a different bug, and tadzio has added a better error message
recently.
I don't know about assembling nbh (not really interested in that but
all dissecting tools worked with wine for me.
sorry that as my first comment on this forum, i post this question here.
i have looked for suitable response in many forums , but i could not find anything useful. I have a Chinese tablet in which RK3066 chip-set is used within. i came across some problems while customizing its frame-ware, so i think i should seek for your dear expert help.
the procedure was in this way that I used "Wendal Tool program" to unpack my frameware , so that 5 files extracted from that file:
1- Boot.img
2-Kernel.img
3-misc.img
4- recovery.img
5- system.img
for making sure that the procedure is going in the right path, again i packed above mentioned files with "Wendal Tool program" and as a result "Update.img" appeared, then I flashed this file by "RK tool" in tablet and everything went ok.
my question is here that how should I customize "System.img" in a way that after customization , the output file format to be ".img" not ".zip" ?
(I customized "system.img" by "Dxa kitchen" but my output file was ".zip" extention")
kindly provide me with your solution in a most understandable way . thank you in advance.