Finally I have solved how to Security unlock the NIKI.
Based on this tutorial, Kaiser SuperCID and Security Unlocker,
I have modded the Radio Rom
and used the commands I have found in the "kaiser-supercid.exe".
But there is an issue with the Service Programming Code:
it gets erased during the Security unlock.
Could it be because you have not committed the changes?
This just reminds me of a database where, if you do not commit the changes, they will not really be saved to the database.
I know others will not be able to get the value fixed on it... but could there be a specific command to commit the changes?
Hi,
I read this post a while ago and dismissed it, thinking that it's obvious that the simlock program checks the code and writes something into the device to unlock it....
http://forum.xda-developers.com/viewtopic.php?t=3932&highlight=simlock
But... after simlock validates the first time, does the device check the simlock area, or just accept the return code from simlock?
That post demonstrates that you can rename some file to simlock.exe and make it run. Could it be possible for this program to 'pretend' to exit like simlock, and so validate the first time round?
Has anyone dismantled simlock to see exactly what it does, or in fact if we could reverse engineer its code validation algorithm (which should be a one way hash if they are sensible!)?
Toxic
Hi,
check is done in GSM ROM...
Simlock.exe is only the UI component to enter the value.
John
hi,
Ok so the check is done in rom, if failed call simlock.exe
makes sense!
toxic
Hi,
I read in SuperOneClick thread that we can extract unlock code after root but it doesn't explain how.
Phone locked to Telus.
Please and thanks!
I don't think that it is possible, because this code (operator lock) is independent of the system itself. It is most probably stored in the GSM module of the phone and it's unreachable in the standard way.
I'm not sure about this, but the code which you mentioned is probably some kind of code to unlock the device for firmware update/upload on some devices.
Let me just start off by saying I have tried everything (free) under the sun to unlock my S3 (I9300). I have learnt more in the last 2 days about my phone than I have in the past 2 years of owning it. From rooting and trying unlock apps to downgrading and trying the service mode glitch, I've tried it. It is more of a quest at this point. I would have paid to unlock it by now if it wasn't for my stubbornness.
From what I understand, since I am on version 4.3 and have EFS v2 (with no EFS v1 backup), there is no way to network unlock my phone without getting an unlock code from my network or a website, both of which require payment.
I can understand how the network is able to get an unlock code but what I don't understand is how various websites can 'calculate' unlock codes for my device, especially without the device at hand.
In theory, why can't I calculate the unlock codes myself? If I can, how?
No, codes aren't calculated - they come from a database that you can't access. Give up and buy a code.
BPate said:
I can understand how the network is able to get an unlock code but what I don't understand is how various websites can 'calculate' unlock codes for my device, especially without the device at hand.
In theory, why can't I calculate the unlock codes myself? If I can, how?
I actually have the codes that Vodafone provides free of charge with its Network unlocking tool; unfortunately these codes don't work and they have yet to give me a reason why. The only thing I can hope for is a way to flash back to efs v1, but so far as I know it's impossible.
Why does each of us have to pay to unlock their phone model from a network when only one of us could unlock and then help others?
That's why I think we need to understand how phone unlocking works. I've searched and could not find any tutorial. I suggest this to be general advice and not any specific device.
So questions:
When I insert the unlock code into an Android device, what files or partitions are modified? Then could we not clone that and share the image with other users?
It doesn't work like that. Each IMEI gets its own code from the carriers. It's not even an Android thing, as all software comes to the carrier unlocked and the carrier then adds in its own stuff excluding the lock codes.
We all know that each phone has its own IMEI. But to be more clear in byte-code language, we need to understand, how does the phone itself know "am I a locked phone or an unlocked one?" Or in other words, do those who own websites to unlock code break the algorithm themselves or do they buy it from producers?
Actually some have discovered that it's mmcblk0p6 in their case that changes when applying the unlock code, using tools such as "strings -n 8" to read that partition. But we need to uncover more than that; we don't know the partition name that needs to be changed in other cases.
I have a small problem: I have a lot of Android devices and their corresponding unlock codes in an Excel sheet. So: IMEI, Unlock Code.
What I want to do is figure out if it's possible to script the unlock process. I have good dev skills but I've never done any Android development. What is the most feasible way to do this? I currently plug in a SIM card and manually unlock. The other thing I do if I don't have a SIM card: for Samsung phones you can do #7465625*638*# then enter the code. Would I have to write logic to, say, read the IMEI, figure out the model number, then send the appropriate code? Are there any code examples anywhere of how people unlock phones using bruteforcing? I don't know what interface I'm targeting to be able to unlock. Any help is appreciated.
Minimal amount of manual labor: insert sim if needed (some phones require only wifi connection to check if oem unlock is available, some do need sim though), enable development options, enable ADB. Even that could be automated with arduino and a wire on screen, if you need to unlock hundreds of devices.
After adb is enabled, you would have to write a script to reboot to fastboot, then parse the output of 'fastboot getvar all' / 'fastboot getvar imei' (tough luck if your device isn't reporting imei to fastboot - then you have to code more java/c), issue 'fastboot reboot' and, using 'adb shell input', start the unlocking process.
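The lookup step of the script described in the last reply, as an added example that is not part of the original thread: it parses `fastboot getvar all` output, checks the IMEI's Luhn check digit and finds the matching row of the IMEI / Unlock Code sheet. The sample output, the CSV rows and all function names are constructed for illustration; the variables fastboot reports differ between devices.

```python
import csv
import io
import re

# Constructed sample of `fastboot getvar all` output (fastboot prints it on stderr).
SAMPLE_GETVAR = """\
(bootloader) product: example_device
(bootloader) partition-type:boot: raw
(bootloader) imei: 490154203237518
all: Done!!
finished. total time: 0.100s
"""
# Constructed stand-in for the spreadsheet exported as CSV.
SAMPLE_SHEET = "IMEI,Unlock Code\n490154203237518,00000000\n"

# "key: value", optionally prefixed with "(bootloader)"; keys may contain ':'.
LINE_RE = re.compile(r"^(?:\(bootloader\)\s+)?(\S+):\s+(\S.*)$")

def parse_getvar(text):
    """Return the reported variables as a dict."""
    found = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            found[m.group(1)] = m.group(2).strip()
    return found

def luhn_ok(imei):
    """True if imei is 15 ASCII digits with a valid Luhn check digit."""
    if not re.fullmatch(r"[0-9]{15}", imei):
        return False
    total = 0
    for i, ch in enumerate(reversed(imei)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def code_for_device(getvar_text, sheet_csv):
    """Return (imei, code) for the connected device, or raise instead of guessing."""
    imei = parse_getvar(getvar_text).get("imei")
    if imei is None:
        raise LookupError("device does not report imei over fastboot")
    if not luhn_ok(imei):
        raise ValueError("reported IMEI fails the Luhn check: %r" % imei)
    rows = csv.DictReader(io.StringIO(sheet_csv))
    sheet = {r["IMEI"].strip(): r["Unlock Code"].strip() for r in rows}
    if imei not in sheet:
        raise KeyError("no unlock code recorded for IMEI " + imei)
    return imei, sheet[imei]

if __name__ == "__main__":
    print(code_for_device(SAMPLE_GETVAR, SAMPLE_SHEET))
```

With a real device, the text would come from the captured stderr of `fastboot getvar all`.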