Related
Hi, guys.
You can see that they are porting Android OS for others device using HaRET. I want that it will be for our devices too.
I read about HaRET and tried run HaRET with haretconsole on my device. But I found out that HaRET don't support our device yet. If you have HaRET source code, open file mach-types.h under folder include, you can see there many supported device but not Iolite or open the page
I sent an email to ask about support but nothing isn't now. If someone know how to do please tell me what i have to do?
Hope that Android OS will be ported for our device in the recent day.
Best regard!
woooow let's hope...
HaRET works on my Iolite. But I' a new user and not allowed to post links.
1u21 said:
HaRET works on my Iolite. But I' a new user and not allowed to post links.
Click to expand...
Click to collapse
How do it work?
Yeah, it run but we can't deploy device with it. For example when you run command watch GPIOS (through haretconsole), nothing will be appear
It works, but not really stable. Sometimes ist freezes and some functions don't work like bluetooth. You can send and receive SMS, make some phone calls and go online via WLAN. I don't know, if UMTS is running.
I'm still waiting for a Mod to unlock my account.
But it uses a huge amount of energy.
1u21 said:
It works, but not really stable. Sometimes ist freezes and some functions don't work like bluetooth. You can send and receive SMS, make some phone calls and go online via WLAN. I don't know, if UMTS is running.
I'm still waiting for a Mod to unlock my account.
But it uses a huge amount of energy.
Click to expand...
Click to collapse
Can you send me link via email [email protected], please?
Thanks in advance.
It could be this - kandroid dot org
No. I'm using not the korean version.
Android 2.0 is running on the Iolite, but too unstable. You can't use is it in anyway.
Did you have try it ?
Yes. It fills the whole 256 data.img with software. But the bigger problem is the necessary of a fast CPU. Everything runs slow and is more unstable. The Tattoo is not a similar phone to the Iolite.
I just found my problem. You should use HaRET version 0.5.1 (newest version is 0.5.2).
But I still can't make Android boot. Some changes in zImage are needed?
Android started with an unmodified zImage on my Iolite. But I have some new problems with Android and no time for solving.
Maybe the CPU is to slow for Android.
Can we have a link for the file?
dancer_69 said:
Can we have a link for the file?
Click to expand...
Click to collapse
Here is all versions of HaRET
http://www.handhelds.org/~koconnor/haret/
Click to expand...
Click to collapse
Sorry, I mean a link for android image, and the parameters of default.txt to be able to boot it with haret.
I already know where to find haret
I need it too, please, can you post the link?
Here is it:
http://www.androidonhtc.com/polaris/install
Well, we still need the contents of the "Default.txt" to boot the android image....
Use the normal default.txt and make some changes. Here is my default.txt
set RAMSIZE 0x07000000
set RAMADDR 0x10000000
set FBDURINGBOOT 0
set MTYPE 1723
set KERNEL zImage3
set initrd initrd.gz
#
# The following kernel parameters are useful
# ppp.username - The username used to connect to the network when dialing #777
# ppp.password - The password used to connect to the network when dialing #777
# msm_sdcc.msmsdcc_fmax - The maximum frequency (in Hz) used by the SD controller
# pm.sleep_mode - The mode used when the phone is off
# 0=Power Collapse Suspend, 1=Power Collapse, 2=Apps Sleep,
# 3=Slow Clock and Wait for Interrupt 4=Wait for Interrupt
# Default is 3, use 0 for best power savings
# board-htcvogue.panel_type - Panel type used to power the panel off and on
# 0=Don't power off the panel (Default)
# 1=Hitachi 2=Topoly 3=Samsung
# mddi_client_vogue.vsync - Use hardware vsync, default is 1 but should be 0 if
# panel_type is 0
#
set cmdline "board-htckaiser.panel_type=2 ppp.nostart=0 pm.sleep_mode=1 mddi.width=240 mddi.height=320 lcd.density=120 no_console_suspend clock-7x00.mddi=0xa51 clock-7x00.ahb_div=2 clock-7x00.slow=1 clock-7x00.voltage=1 "
boot
Click to expand...
Click to collapse
I'm also using the new version of Android, which you can find on the same page. It works better, but you can feel the difference between 400Mhz and 528Mhz.
kaiser ubuntu port based on zubuntu by Omegamoon for Sharp Zaurus was successfully launched on HTC Nike!
Instructions:
1. download kernel
http://84.23.71.227/kerneloftheday/zImageUbuntu
2. download ubuntu basefiles and rootfs
3. place ubuntu.img, haret, initrd.gz and zImageUbuntu to Storage Card/ubuntu/
4. place this default.txt there too
Code:
set RAMADDR 0x10000000
set MTYPE 1724
set KERNEL zImageUbuntu
set initrd initrd.gz
set cmdline "pm.sleep_mode=1 mddi.width=320 mddi.height=480 lcd.density=160 board-htcnike-keypad.keypadlayout=1 board-htcnike-keypad.sticky_timer_time_ms=350 no_console_suspend"
boot
5. change board-htcnike-keypad.keypadlayout=1 to 0 if you have 20key nike.
6. run haret and press "Run", ubuntu & kernel will be loaded to login prompt, login with username root and no password, you will get root shell.
7. write
Code:
export TSLIB_TSDEVICE=/dev/input/event0
ts_calibrate
and calibrate your screen.
8. write startx and see LXDE running on your nike! you've got real linux box in pocket!
Note, rootfs for ubuntu needs 1GB of free space on your sdcard!
For now, you cannot work with screen, we have some difference from kaiser panel's, i.e. ubuntu gui is completely unusable, this thread were started to find out why.
based on this thread from kaiser forum.
Credits: dzo, Omegamoon, domy007, mblaster and guys from Rhodubuntu thread.
I dont get any response when i try to calibrate screen on niki 200
thats strange, it must work.
I will debug on touchscreen problems, but ubuntu running and that is great, now we have only input-devices problems, and this is more better than nothing.
Sounds great, but wouldn't it be better to try something smaller like puppylinux or Feather linux ?
zubuntu is only we have compiled for ARM and working with our hardware that starts X and tested on other htc's devices.
rzk333 said:
zubuntu is only we have compiled for ARM and working with our hardware that starts X and tested on other htc's devices.
Click to expand...
Click to collapse
Ok thanks for the information, did some reading before and was always wondering why they use ubuntu but this answer set things straight.
Greetz,
Great to see a full linux distro around for htc devices. I will fix the '_' tomorrow... Any other missing characters?
How is the speed of ubuntu? Is it very sluggish or usable?
'=' character maybe, for export line.
zImageUbuntu is updated (your link is still valid).
'=' and '-'are on '*'-button, '_' is Alt-
I have included the msm_fb_refresh and the keypad changes into my auto-updated-kernel, so you should be able to use the fresh kernels from my thread with ubuntu if you want recent updates (zImageUbuntu is not automatically updated).
got some progress,
1) msm refresh thread seems to disable sleep mode in android, thread polls framebuffer many times in second and drains battery.
2) linux logo on bootup must be disabled - logo gets over ts_calibrate's first crosshair point.
2) still trying to make touchscreen and tslib friends - i2c bus debug messages logs saying that touchscreen is connected and recieves data correctly.
found some data:
/dev/input/event0 - htcnike-kbd
/dev/input/event1 - htcnike-ts
but still no data from touchscreen...
rzk333 said:
got some progress,
1) msm refresh thread seems to disable sleep mode in android, thread polls framebuffer many times in second and drains battery.
2) linux logo on bootup must be disabled - logo gets over ts_calibrate's first crosshair point.
2) still trying to make touchscreen and tslib friends - i2c bus debug messages logs saying that touchscreen is connected and recieves data correctly.
found some data:
/dev/input/event0 - htcnike-kbd
/dev/input/event1 - htcnike-ts
but still no data from touchscreen...
Click to expand...
Click to collapse
Disabled msm refresh thread from the android kernels again. The kernel you linked in your first post is now automatically updated with anything new in the repository. Bootlogo is disabled, too. Good luck with tslib, let me know if when you need something else to be hacked into the kernel.
mblaster
I've just test the usb ether function in the zImage from the post
showthread.php?p=6675397
and it works just fine.
(Just when I had managed to make adbd works... but ssh is more reliable)
Thanks gTan64.
wow, that is good, now I can dump system state without hours of keyboard typing
I've managed to get internet by usb (cdc only) thanks to gTan64: just apply the patch from is post ("Debian on the vogue"), you can extract it from the download links.
And the TOUCHSCREEN WORK!!!!!!!
But you need to compile tslib from the tslib git (github.com/kergoth/tslib.git), the one in the rootfs from this post doesn't work.
Will make a more complete post later, I think.
Bye.
Ubuntu always shows me a black screen when I try to startup it!
What can I do make it work?
omg, I knew that something is wrong with tslib in this rootfs!
thanks for r&d, if you will make some packages & mans, I'll add them to first post.
Maybe you can upload some pics ?
But you need to compile tslib from the tslib git
Click to expand...
Click to collapse
I tried to compile - but no luck, autoconf fails to make configure...
I also uploaded debian rootfs and posted links in gTan's Debian on Vogue thread.
nothing happened last month?
I downloaded the cab xdandroid from here http://forum.xda-developers.com/showthread.php?t=627997 and use this as STARTUP:
set ramsize 0x10000000
set ramaddr 0x10000000
set mtype 2292
set KERNEL zImage
set initrd initrd.gz
set cmdline "lcd.density=240 msmts_calib=0x9f.0x39a.0x35c.0x78 clock_7x00.grp=0xa99 hw3d.force=1 board-htcrhodium.is_cdma=1 msmvkeyb_toggle=off pmem.extra=1 rel_path=andboot force_cdma=1 gsensor_axis=2,1,3 pm.sleep_mode=2 acpuclock.oc_freq_khz=716800 physkeyboard=rhod400"
boot
Now it starts and gets stuck at the internet browser saying to update "Launcher Pro" but it has no wifi or internet. How can I solve this? What do I have to do?
Should we guess at the model of phone/rhodium you have? Is it GSM CMDA?
Davidtjuh said:
Now it starts and gets stuck at the internet browser saying to update "Launcher Pro" but it has no wifi or internet. How can I solve this? What do I have to do?
Click to expand...
Click to collapse
Based on your startup.txt, I'd guess RHOD400, CDMA.
But that's not the problem - I'd hazard a guess that you downloaded the BLAZN version from Sept.28... that version is very oudated, I would recommend using FRX04 AKA "Reference". Don't get the CAB either, just extract the RAR (or ZIP, can't remember... the compressed file ) to the root of your SD and go. No CAB mess.
Sorry for the unclear explanation.
I have this HTC TP2: http://regmedia.co.uk/2009/06/22/htc_touch_pro2_3.jpg
on the Android Startup Menu it is the Rhod100 UK, but I doubt it's that version.
I have the Energy Blue Glass Rom something 6.5, I will look it up asap..
I just can't get out of the webbrowser to setup my wifi, it stays on "No Service", it's the Blazn indeed. Ill try the reference.
Yea for some reason the version of launcher pro is out of date so you cant return to home they should add another home or include the stock one just in-case but the OC makes its really fast.
you could always update launcher pro too, thats what i did
noodles21o2 said:
you could always update launcher pro too, thats what i did
Click to expand...
Click to collapse
I don't have any wifi or mobile internet my phone won't connect
DroidFreek said:
I don't have any wifi or mobile internet my phone won't connect
Click to expand...
Click to collapse
Use reference build, as I mentioned above...
By the picture you posted of your phone, it is a rhod100.
If so (you can see it underneath your battery), you need to change the board line to =0 and force_cdma to 0. Also you need to change keyboard to rhod100_uk. If your wifi still doesn't work, try to find the wifi fix.
Greetz,
Steyn
Here is the altered startup:
set ramsize 0x10000000
set ramaddr 0x10000000
set mtype 2292
set KERNEL zImage
set initrd initrd.gz
set cmdline "lcd.density=240 msmts_calib=0x9f.0x39a.0x35c.0x78 clock_7x00.grp=0xa99 hw3d.force=1 board-htcrhodium.is_cdma=0 msmvkeyb_toggle=off pmem.extra=1 rel_path=andboot force_cdma=0 gsensor_axis=2,1,3 pm.sleep_mode=2 acpuclock.oc_freq_khz=716800 physkeyboard=rhod100_uk"
boot
Hope this helps you
Also, wifi fix:
This will fix your problem. Find your MAC ADDRESS on your phone and write it in the WIFI-NVRAM.TXT then place the WIFI-NVRAM.TXT in the root of your storage card. Now replace your FROYO.USER.CONF with the one in this zip. The FROYO.USER.CONF is in this folder ANDBOOT/CONF. Now boot android and you'll have wifi working.
www.4shared.com/file/UXS_y76U/WIFI-NVRAM.html
Greetz (again)
Steyn
Current version: !IMEIme 2.2.0.4
Bug Fix
Fixed bug in use previous patch that could result in variable used before declared error.
Changed processing order when custom patches were to be used
The program will now process custom patches prior to editing framework.jar and build.prop edits. With new kernel patches requiring a new build.prop users would lose build.prop edits if the kernel was included in custom patches, the program will now patch any user modifications, then process IMEI generation and build.prop edits.
Updated to work with ROMs that do not include GSMPhone.smali
Recently, many ROMs are not including GSM phone utilities in framework.jar. I have added testing for missing GSMPhone.smali and patching via TelephonyManager.smali if necessary.
UPDATED FILES UPLOADED
MANY of the support files have been updated to the newer versions (smali, baksmali, adb and components).
I encourage you to delete all files in your existing IMEI Generator folder and use the new !IMEIMe.exe to generate the files necessary.
The devices.dat file if you've used the previous version has several issues that prevents the device model from being correctly patched on many of the devices. This has been fixed here and in the device list thread.
There is a known issue with the GUI when your screen settings are set at 125% in Control Panel - Appearance and Personalization - Display... I will work on fixing that in the next release.
Bug reporting thread for !IMEIme
Device list thread
New features:
Will patch GSMPhone.smali if present in framework... patches TelephonyManager.smali otherwise.
I chose this method since more ROMs are coming out for wifi tablets that do not have GSM phone information included in framework.jar. I was playing with CM10.1 and discovered GSMPhone.smali is not present, thus I was getting unable to patch GSMPhone.smali error, and there was no patching for an IMEI. In all honesty... this should be irrelevent, since IMEI is only utilized in cellular communications on GSM phones... however... some applications MAY (xda free does) require an IMEI to work, even on wifi only devices.
ODEX files still in the works
odex file support... I think this solution will work on odex file systems as long as the patching is done on the ROM prior to flashing to device (anyone using odexed system please let us know) and I am working on in place patching on odexed systems... however, I am not completely comfortable since there is a lot of work done by the device itself during odexing of the modified files... I am very hesitant since any mistake could render a bricked device and I don't have a system to test with prior to release.
Previous Important Changes
The new version of the IMEI Generator will no longer overwrite your existing devices.dat file with the current. To use new devices.dat file, delete the old one prior to running the program, or download the new one and unzip it in the IMEI Generator directory.
Device Communications not necessary in certain situations
If you select to Update ROM, using Serial Number based IMEI and do not select Encrypt IMEI, the program will no longer need to communicate with the device when performing its tasks. The framework.jar patch will not hard patch the IMEI in this situation as before. This is useful for patching a ROM for distribution to multiple people, since they will all maintain unique IMEI's. This is accomplished with the following change in the framework.jar
Code:
/com/android/internal/telephony/gsm/GSMPhone.smali
.method public getDeviceId()Ljava/lang/String;
[b]changed[/b] iget-object v0, p0, Lcom/android/internal/telephony/gsm/GSMPhone;->mImei:Ljava/lang/String;
[b]to[/b] sget-object v1, Landroid/os/Build;->SERIAL:Ljava/lang/String;
prior to patching in code to prepend "0"
.method public getDeviceSvn()Ljava/lang/String;
[b]changed[/b] iget-object v0, p0, Lcom/android/internal/telephony/gsm/GSMPhone;->mImeiSv:Ljava/lang/String;
[b]to[/b] sget-object v1, Landroid/os/Build;->SERIAL:Ljava/lang/String;
prior to patching in code to prepend "0"
To try to explain the above a little...
The above is always changed, no matter what IMEI generation method you select...
If you select Serial Number and New Type IMEI and not Encrypt: no other patching is done for the IMEI... this can be implemented on many devices, since each will have a unique serial number.
If you select Serial Number and do not select New Type: additional code is added to format the IMEI to the old standard ("00-" and "-"s)... this can be implemented on many devices for same reason.
If you select MAC Address or Encrypt (or both): additional code is added that results in the IMEI being hard coded, this makes it very much device specific.
If you select MAC Address or Encrypt (or both) and do not select New Type: additional code is added that results in the IMEI being hard coded as well as code to format the IMEI, this makes it very much device specific.
Use Custom Patch NOTE: This is only used when patching a ROM
This is going to take some major explanation, since I ran into so many possible scenarios...
One thing of note... the only additional lines added to updater-script will be for files in the base directory
The order of processing is:
1. Original ROM updater-script and files
2. Custom Patch zip file
3. Custom Patch folder
The program will utilize folders (from Patch zip file or Patch folder itself) named modboot, modsys, or system (not case sensitive in windows) as well as files in the base folder
Any files in modboot will be moved to the root of the **ROM**-IMEI.zip file and lines added to updater-script as needed
Any files in modsys will be moved to the system directory of the **ROM**-IMEI.zip file
If Custom Patch is checked...
/META-INF/com/google/android/updater-script is extracted from the ROM
the program will ask you to select the Custom Patch Folder
If there is a zip file present in the folder the program will ask if you want to use it
You have 3 options, "Yes", "No" or "Cancel"
Yes = Use the zip file
No = Don't use it, select another
Cancel = Don't use a zip file
If you use a zip file, it will extract the zip file and process the updater-script in it for any additional lines needed
After the above, any non-zip files and modboot, modsys and system directories in the Patch Folder will be processed
I chose this order so you can have a "go to" patch zip file, and test other additions by using the file, folder options prior to including them in the zip.
Example here:
I have my custom patches in folder /CM7/UserMods with these contents:
/META-INF
/modboot
/modsys
patch.zip
The program processes patch.zip first, then overwrites any files with the files in modboot and modsys
It also processes /META-INF/com/google/android/updater-script for any lines extracting files to /boot and adds them to the original ROM updater-script if not already there.
It then adds lines for any files originally in /modboot to updater-script to extract them to /boot
"New IMEI Type" of IMEI which no longer has the "-"s in it, but maintain backward compatibility for those who already have IMEI's generated or prefer the old style. When the new type is selected in the GUI:
NOTE: Per the IMEI standards... Using a single 0 prepended to the IMEI indicates a TEST IMEI for a country with 3 digit international code... while it should have no implications to us since we are not on a cell... it may provide potential country validity issues... I will monitor this and resort to 00 prefix in the new type of IMEI if necessary.
ADDITIONAL NOTE: Per the IMEI standards... For devices without an IMEI, they are to provide a unique serial number to be used... This program modifies framework.jar to allow this.
I am now patching framework.jar in the /com/android/internal/telephony/gsm/GSMPhone.smali file instead of /android/telephony/TelephonyManager.smali (this change is what allows the information to display in the about tablet information)
I am renaming and patching 2 functions... getDeviceID() and getDeviceSvn()
By patching the two functions in this file... the IMEI now shows in Settings... About Tablet... Status... no longer have to use external program or dial *#06# to verify the device is patched.
getDeviceID() shows it in IMEI
getDeviceSvn() shows it in IMEI SVN
You can rename or copy !IMEIme.ini to IMEIme.ini and the program will work.... useful for *nix users and probably mac users... since they have issues with special char actors (!)... While I like to use it in windows to keep the executable and ini file at the top of the file list in windows explorer... anyway...
The program looks for IMEIme.ini first and uses it if present... if it is not... it then looks for !IMEIme.ini (which will be there... because the program installs the generic !IMEIme.ini if it isn't ) This also provides a good way to keep your ini.. and see the new settings in the compiled in ini.
GUI selection and related ini setting
GUI: New IMEI Type
INI Setting:
New_Type =
; If 0 then the old type of "00-XXXXXX-YYYYYY-ZZZ" will be used
; If 1 then the new type of "00XXXXXXYYYYYYZZZ" will be used
BUG FIX
No known or reported bugs to work out.
!IMEIme.ini file default settings and explanation:
Code:
;The setting options are 1 (use the option) or 0 (don't use the option)
;WiFi IP Address can be set to your Nook's IP address here to a default to use
;IMEI can be set to a default here... you can also set the seed you use for generation
;Setting Device_Manufacturer to anything will result in an edit to build.prop setting the entered manufacturer
;IF Device_Manufacturer is NOT blank then:
;Setting Manufacturer_Device to anything will result in an edit to build.prop setting the entered device
;
;NOTE: ONLY Device_Manufacturer is necessary for this edit... there have been no software that appears to
; require a device edit
;
;Setting LCD_Density will result in build.prop edit for this setting regardless of Device_Manufacturer setting
;
;Set all options in [Settings] section at the bottom
[Settings_Explained]
Use_In_Place = 1
; If 0 Disable In Place patching... useful for those who always update AOSP ROM files and never patches on device framework.jar
; If 1 Enables In Place patching if ADB is working
Use_Previous_Patch = 0
; If 0 Ignore IMEI.fix
; If 1 AND IMEI.fix exists... use it for patching
Use_Serial_Number = 1
; If 0 then do not base IMEI off of Device Serial Number
; If 1 then base IMEI off of Device Serial Number
; NOTE: This takes priority over Use_MAC_Address
Use_MAC_Address = 0
; If 0 then do not base IMEI off of Device MAC Address
; If 1 then base IMEI off of of DeOvice MAC Address (last 5 hex words) (2 bytes = 1 hex word)
; 0A is converted to 010, FF is converted to 255 etc.
; NOTE: Use_Serial_Number takes priority
Use_Manual_Input = 1
; If 0 then Manual Input disabled
; If 1 then Manual Input enabled
Encrypt_IMEI = 1
; If 0 then uses actual data for IMEI... i.e. Serial Number (last 15 digits) or MAC Address (last 5 hex words) is actual IMEI
; If 1 then program encrypts data for IMEI generation... hiding actual Device data
New_Type = 1
; If 0 then the old type of "00-XXXXXX-YYYYYY-ZZZ" will be used
; If 1 then the new type of "00XXXXXXYYYYYYZZZ" will be used
Use_ADB = 1
; If 0 then ADB is disabled... this will prevent In-Place updating from working all together
; If 1 then ADB is enabled... In-Place will work... IF adb is working on your device
; NOTE: This takes priority over Use_ADB(usb) and Use_ADB(WiFi)
Use_ADB(usb) = 1
; If 0 then ADB via USB connection is disabled... I use this since some ROM's have Debug Mode issues
; If 1 then ADB via USB is enabled and attempted first
; NOTE: Use_ADB takes priority over Use_ADB(usb) and Use_ADB(WiFi)
Use_ADB(WiFi) = 1
; If 0 then ADB via WiFi connection is disabled
; If 1 then ADB via WiFi is enabled... I use this since some ROM's have Debug Mode issues
; NOTE: Use_ADB takes priority over Use_ADB(usb) and Use_ADB(WiFi)
Clean_Up = 1
; If 0 then the program will leave all support files when cleaning up and exiting
; If 1 then the program will delete all support files when cleaning up and exiting if none of them
; existed at program start
Include_Patch = 0
; If 0 then custom patches is disabled
; If 1 then the program will prompt for custom patches to include
Device_Manufacturer =
; If blank then the program will not edit build.prop
; If anything other than blank the program will edit build.prop to include manufacturer
Manufacturer_Device =
; If blank then the program will not include device in build.prop edit
; IF anything other than blank the program will include device in build.prop edit
; NOTE: No build.prop edit will occur if Device_Manufacturer is blank
Device_Model =
; If blank then the program will not include model in build.prop edit
; IF anything other than blank the program will include model in build.prop edit
; NOTE: No build.prop edit will occur if Device_Manufacturer is blank
Build_Fingerprint =
; If blank then the program will not include Build Fingerprint in build.prop edit
; IF anything other than blank the program will include Build Fingerprint in build.prop edit
; NOTE: This edit will occur even if Device_Manufacturer is blank
LCD_Density =
; If blank then the program will not include LCD Density in build.prop edit
; IF anything other than blank the program will include LCD Density in build.prop edit
; NOTE: This edit will occur even if Device_Manufacturer is blank
WiFi_IP_Address =
; You can enter the default Device IP address here... especially useful if you are only using this on one device...
; or if you keep seperate folders for each device you use (!IMEIme.exe and !IMEIme.ini must be in each folder)...
; i.e. folder for "sister" containing the program and ini file at minimum.
; If blank the program will prompt you for the IP address of the device to establish ADB WiFi connection
IMEI =
; Enter a base 10 (integer) and it will be used as the IMEI (duplicated until 15 digits is reached)
; Enter your "seed" and the program will generate an IMEI based off of it
; NOTE: If you try to generate the old GENERIC IMEI the program will not do it
[Settings]
Use_In_Place = 0
Use_Previous_Patch = 0
Use_Serial_Number = 1
Use_MAC_Address = 0
Use_Manual_Input = 1
Encrypt_IMEI = 0
New_Type = 1
Use_IMEI(15) = 0
Use_ADB = 1
Use_ADB(usb) = 1
Use_ADB(WiFi) = 1
Clean_Up = 1
Include_Patch = 1
Device_Manufacturer =
Manufacturer_Device =
Device_Model =
Build_Fingerprint =
LCD_Density =
WiFi_IP_Address =
IMEI =
Credits:
mthe0ry: Credit for the original IMEI patches released for us Nookers(TM). His original thread is here...
martian21: Took mthe0ry's work and maintained it for releases of CM7, upeating it for each nightly that needed a new one. Martian21's thread.
HacDan on irc.freenodes.net #nookcolor for helping me figure out patching GSMphone.smali instead of TelephonyManager.smali
Thank you's:
paleh0rse: I believe was the first to download and test this program... I think the first bug report too... helped many users with suggestions regarding their apps.
mr_fosi: Continues testing and reporting despite no need to. Tested a few private beta builds to help iron out a significant issue. Also providing information regarding Phone App *#06# IMEI test.
martian21: Set the wheels turning. Provides invaluable feedback and suggestions. He is an invaluable tester and Q&A guy. Thanks for dangling that bait
mellopete: Provided the very first bug report... prompted me to include necessary files in the program itself.
TheMainCat, 12paq and frankusb: Provided bug reports leading me to look at why some Windows versions didn't run the program initially.
Nayla1977: Bug report regarding a mistyped EndIf in my source.
jdexheimer: Bug report that lead me to find a problem with folders with spaces in them.
LinuxParadigm: Bug report regarding missmatching If - EndIf's.
BitingChaos: first public post to get me back on target.
dillweed, garrisj and many others: for PM's indicating the importance of this solution.
lemdaddy for reporting the bug that we tracked down to the java version and reporting back that it was the java version causing issues.
adusumilli for reporting the bug where IMEI was generated as "00-cat: c-an't o-pen"
topcaser for being persistent enough with the bug causing In-Place to fail in certain situations.
HacDan on IRC for leading me in the right direction to impliment the patching of GSMphone.smali.
We are all adults, if we break our toys... we only have ourselves to blame and we may have to buy new ones... (this will NOT break your Nook... I PROMISE you that! but it may break some of your apps... more on that later in post)
BUG REPORTING:
This program was initially ineteded to generate a unique IMEI based on your device S/N and update Dev's install zip files... it has become so much more, and as such there are many functions involved in this process.
Due to the complexity the program has taken on... far beyond what I initially intended... to report bugs please try to use the following as a template:
Function attempting: i.e. Updating ROM... In Place Upgrade... Update framwork saved on computer... etc.
Error Messages: any error message you receive... or the last message you saw prior to the issue.
End result: i.e. GSMphone.smali updated, ROM not... GSMphone.smali updated framework.jar not... etc....
Environment: ROM in same folder as IMEIme.exe... ROM on same drive as IMEIme.exe... ROM on different drive... etc. (same for framework if updating framework instead)
!IMEIme.ini settings: you can put your entire ini file if you'd like.
If you could take notes of EXACTLY what which selection in the GUI you have selected and any buttons you click on which prompt it would be EXTREMELY helpful...
As I said, this program has taken on functions I initially had not imagined including... the more features added, the more complex testing and tracking bugs becomes... I don't want to include a bunch of messages just for the sake of letting you know where in the code you are... would not be beneficial to you... more buttons to click for no reason, etc.
The more detailed you can be, the quicker I can see what is happening... otherwise I have to try to duplicate what I think you are doing when you get the error.
mr_fosi and martian21 have been very tedious in reporting bugs... I greatly appreciate their testing despite not needing to, and the manner in which they document what is going on....
Everyone should click "Thanks" on their bug report posts... they have been instrumental in getting the program where it is so far.
Background:
Some developers require a unique number that is supposed to be provided by hardware manufacturers that is unique to every device. This unique number (IMEI) is extremely important in devices utilizing cellular communications.
Since B&N has not registered IMEI numbers for the Nooks, the AOS's we are using do not acquire it as they do in other Android devices.
The developers that require a unique IMEI have been less than receptive of our devices and past methods to provide functionality to utilize their apps.
I decided to provide what I believe to be a viable solution to this problem.
What this program is:
It is a method to provide a unique IMEI (with reasonable certainty) for our Nooks.
It IS intended to be a supplement until IMEI is addressed in dev's ROM's.
It IS viable for Froyo... CM7... CM9... CM10...Honeycomb... MIUI.... AOKP... and others.
I can't think of any reason it will not work with ANY ROM you choose to utilize... if you run across one... just let me know and I'll see if I can't fix that.
What this program is not and does not do:
This is not a perfect solution to our Nook specific issues. Let me make it PERFECTLY CLEAR there is NO PERFECT SOLUTION We are generating an IMEI from something else... I use TEST IMEI patterns based off of our device serial number, to ensure apk devs wouldn't come down on us.
It is not targeting any specific AOS.
It is not guaranteed to be accepted by any other developers.
It is not intended to be the end all, beat all solution.
It is not intended to dissuade other developers from providing what they feel is a better method.
It will not cause any programs to show in the market. That has to be dealt with via APK developers and/or build.prop Manufacturer strings.
Potential issues:
There is NO legitimate solution to the IMEI issue we Nookers (TM) face... unless a group desires to register a block of them for our use... thus I am generating TEST IMEI's... ideal... no, but the only method available to us.
While I feel, with significant certainty, there will be no negative consequences from apk devs in general, I cannot speak for them, or their logic. This can easily be disabled by them again. That is on them, not me or us. By the same token, they can decide to stop providing their service for cause, I still have no control over that.
Above, I emphasize “with reasonable certainty” due to the fact that, in theory, you can wind up with an IMEI that 9 other Nooks that use this software has. That can only happen if the other 9 owners use this program and have a serial number within the same 10 as yours. This is even less likely with the New IMEI Type since it is using the right most 16 digits of a device serial number (and we know they all start with 2)
If everyone who has the same beginning 15 digits utilizes this program to generate an IMEI, you will all wind up with the same IMEI. Given the number of Nooks out there compared to the number of user's hacking them.... I find it extremely difficult to believe, with a reasonable certainty, that any 2 (much less 10) devices would ever wind up with the same IMEI generated by this program. This is prevented when using the New IMEI Type
What this program does/is capable of:
It allows you to extract framework.jar from a developers update zip file.
It will allow you to pull framework.jar from your Nook or use an existing framework.jar already stored on your computer.
It will generate an IMEI based on your Nook's serial number (or MAC Address) if adb is working on your system. If you have issues running adb via USB (ADB(USB)), it provides the opportunity to utilize adb via WiFi (ADB(WiFi)) for any computer-device communications.
It will provide you a method to manually input your serial number if you cannot connect to the device via adb. You can also input a “seed” (easy to remember word or phrase) and generate an IMEI based on the ASCII codes of the text you enter.
It will edit /com/android/internal/telephony/gsm/GSMPhone.smali to rename any existing getDeviceId() and getDeviceSvn() function to getDeviceId2() getDeviceSvn2() and append the patch to end of that file. NOTE: When the program "smali's" the resulting GSMphone.smali... it relocates the appended function to be before the renamed function.
It will save the patch as IMEI.fix, thus allowing you to utilize it for subsequent runs of the program. A caveat to this is... if you run it from the same folder on a friend's Nook... it will overwrite your original one if it is in the same folder or they will have the same IMEI as you do if you use Previous Run.
It will offer to push the patched framework.jar to your Nook... IF you opted to pull framework.jar from your Nook AND adb successfully worked to do that. This facilates in place upgrading.
It will backup the existing developers zip file appending “-IMEI” to it, distinguishing it is one this program has been used on. It will update this file, not the original developers file.
If there are issues with file names that become duplicate in a case insensitive OS such that windows is, it will warn you of this case and not remove the updated framework.jar to facilitate manual updating of the zip file.
Caveats:
This program is known to work on Java version 1.6.0_23 and known NOT to work on version 1.6.0_17 or earlier. If your system seems to work fine... but the nook does not give you an IMEI number... check your java version by typing this in a DOS window (start-run and type in cmd):
java -version
this will tell you the version of java you are running.
Java must be on your system. It must be in your system's path statement, or this program must be in the java/bin folder. It is possible that you must have java 32 bit version, this is being researched.
It will very likely break your swype, or any other app that utilizes IMEI for validation and you have used previous methods to circumvent their validation process.
It will likely break the same software if/when developers include a fix to the Nook IMEI situation in their AOS. Unless you opt to use this method again on their AOS to ensure you maintain the IMEI you used my program to generate.
Since I have opted to utilize test formed IMEI's to prevent duplicating someone's “real device” IMEI, software developers can easily shut us down again. That is their option. I am trying to provide a solution that is acceptable to both sides of the fence.
Closing statement:
As I desire to make this program as beneficial as possible... PLEASE provide any feedback and/or bug reports... just don't continue to push your ideals once it has been discussed... beating dead horses gets tiresome and just wastes precious time.
112 downloads of 2.2.0.3 with bug when pervious fix was selected
1686 downloads of 2.2.0.2 with no bugs reported
141 downloads of 2.2.0.1 with CM10 in place bug that would cause BBSOB and never boot
197 downloads of 2.2.0.0 (that actually appeared to be 2.1.0.4 in the zip) with a few minor bugs... mostly in custom patching
648 downloads of 2.1.0.3 with known GT for GameLoft issues
1123 downloads of 2.1 with no known bugs
182 downloads of 2.0a with a Generic IMEI bug
1919 downloads of 1.9 with no bug reports
3131 downloads of 1.8 with all bug reports being for non-nook devices
80 downloads of 1.7 with no bug reports
600 downloads of 1.6 with a couple of reports of In-Place update bug
880 downloads of 1.5a with 0 bug reports
148 downloads of 1.5 with a bug that could result in IMEI being generated without being properly formed.
36 downloads of 1.4 with a bug that could result in IMEI of "cat: can't open".
258 downloads of 1.3 with 0 bug reports... time to move on with next feature.
1618 downloads of 1.1 and the only bug noted has been tracked to the user's Java version.
12,758 downloads prior to the current version.
Bug reporting thread for !IMEIme
Device list thread
Looks like I have something new to mess with tomorrow night... thanks for working this, we owe ya!
Been looking forward to this! Thanks for your hard work DizzyDen.
Tested it out however it isn't finding 7zip. I've tried both the 64-bit and the 32-bit version (on 64-bit Windows 7). I'm probably doing something wrong if so please feel free to enlighten me
Martian21
martian21 said:
Been looking forward to this! Thanks for your hard work DizzyDen.
Tested it out however it isn't finding 7zip. I've tried both the 64-bit and the 32-bit version (on 64-bit Windows 7). I'm probably doing something wrong if so please feel free to enlighten me
Martian21
Click to expand...
Click to collapse
It wasn't you... there's something weird with the API to the fileopendialog that changes the working directory... a TEMPORARY work around is to copy the zip file to the folder you are running the program from.
Updating to beta 2 to auto extract support files on run.
Beta 2 is up... OP updated... note the bold text... for now the zip file must be in the same folder as IMEIme.exe
That will be fixed shortly.
Updated to beta 3. OP updated.
Fixed file browse for update file.
Improved cleanup behind itself before exiting...
removes helper files
removes framework.jar
removes classes.dex
removes out folder
removes system folder (the one used to add framework.jar to the zip file)
Still debating ability to allow manual input of the IMEI or a serial number... but those that want to do it will probably figure out how to do it manually... its REALLY not that hard.
Will add random IMEI generation as an option. The only purpose I see for this is for those who don't want to use the generic IMEI and cannot get adb working... even with the included adb in this program.
Feedback and bug reports are welcome and will help improve the program.
Thank you for this
I had to copy my AdbWinApi.dll for it to work. It did not put the new framework.jar in the zip though. It made the files, but didn't update the zip. I moved it to the root of my drive and ran it as administrator, but it still didn't update the zip. I am using Windows 7 x64. I used the IMEI.fix file and updated the zip myself. Thanks again for this nice tool.
mellopete said:
I had to copy my AdbWinApi.dll for it to work. It did not put the new framework.jar in the zip though. It made the files, but didn't update the zip. I moved it to the root of my drive and ran it as administrator, but it still didn't update the zip. I am using Windows 7 x64. I used the IMEI.fix file and updated the zip myself. Thanks again for this nice tool.
Click to expand...
Click to collapse
Did you use something prior to b3 ?
There was an issue I discovered that was preventing appending IMEI.fix to TelephoneProvider.smali that was fixed in b3.
I did my development on windows64 so that shouldn't be an issue.
As for the dll... I hadn't experience issues with that... but I can certainly add it to the program.
Both adb dll's will be included in all releases after b3.
Good job!
Can you explain more about how rom is being affected?and what to check?
Sent from my phiremod for Nook using Tapatalk
DizzyDen said:
Did you use something prior to b3 ?
There was an issue I discovered that was preventing appending IMEI.fix to TelephoneProvider.smali that was fixed in b3.
I did my development on windows64 so that shouldn't be an issue.
As for the dll... I hadn't experience issues with that... but I can certainly add it to the program.
Both adb dll's will be included in all releases after b3.
Click to expand...
Click to collapse
b3 is the first one I tried. I didn't look at the classes.dex before it was deleted. I will check.
RASTAVIPER said:
Good job!
Can you explain more about how rom is being affected?and what to check?
Sent from my phiremod for Nook using Tapatalk
Click to expand...
Click to collapse
Read here http://forum.xda-developers.com/showthread.php?t=1004102
TelephonyManager.smali did not change.
mellopete said:
TelephonyManager.smali did not change.
Click to expand...
Click to collapse
Please make sure b3 is the one you are using. When you originally posted... the thread was showing 0 downloads of that file.... or just wait a few minutes... beta 4 is on its way shortly.
To ensure TelephonyManager.smali is not changed you need to look in two places.... the easiest way is to search for getDeviceID
If it worked correctly you should find 2 instances... the first is the original function and my program renames it to getDeviceID2()... the second should be the one !IMEMe adds to the end of TelephonyManager.smali
Additionally... could you check and see if your run is actually overwriting update zip file.... see if there is a update ".zip.tmp" file left over... if it is there... the zipping is running into an issue overwriting the original file... I thought I had that issue worked out... but may need to add a check for that within my program.
I d/l b4, dropped it in a directory with just the .zip for n87 and ran it (win7 pro 64-bit). It errored out and here's the play-by-play of each of the windows which popped up one immediately after the other:
- I was warned about you being an unverified software publisher, which I OKed.
- "Windows cannot find 'java'. Make sure you typed the name correctly, and then try again." I OKed this one as well.
- window titled "DizzyDen's IMEI Generator" containing: "Return Code is:0 and Error Code is: 1"
- window titled "DizzyDen's IMEI Generator" containing: "Java is required on your system. You can download the current version from http://java.com"
I have JRE6 on my machine, though it is not in the system PATH.
Oh, and there were files for 7za, adb, .dll's and .jar files left behind.
mr_fosi said:
I d/l b4, dropped it in a directory with just the .zip for n87 and ran it (win7 pro 64-bit). It errored out and here's the play-by-play of each of the windows which popped up one immediately after the other:
- I was warned about you being an unverified software publisher, which I OKed.
- "Windows cannot find 'java'. Make sure you typed the name correctly, and then try again." I OKed this one as well.
- window titled "DizzyDen's IMEI Generator" containing: "Return Code is:0 and Error Code is: 1"
- window titled "DizzyDen's IMEI Generator" containing: "Java is required on your system. You can download the current version from http://java.com"
I have JRE6 on my machine, though it is not in the system PATH.
Oh, and there were files for 7za, adb, .dll's and .jar files left behind.
Click to expand...
Click to collapse
java will need to be in your path... I have no way of including all possible locations of where it could be installed... and it is way too big to include with my program.
The left over files is due to the program exiting when it did... I will fix that in next beta... should have waited until java was tested to extract them... or have it perform cleanup before exiting on any errors... sorry bout that.... you can leave them... when you have successful run (or run beta 5 or later) it will clean them up.
For now you may have to run as administrator.... I will try to add code to avoid this in the short future.
BTW. Nowhere does getDeviceID does it say that it must be a well formed IMEI.
nemith said:
BTW. Nowhere does getDeviceID does it say that it must be a well formed IMEI.
Click to expand...
Click to collapse
As much as I admire your work... I am honored that you are even checking this out.
I do understand that as of now it is not required... but I figure if I utilize standards (as much as there are anyway) we may avoid future issues if dev's start checking for well formed IMEI's.
I figure if I'm going to make this... I might as well make it right.
As far as I can determine... if a sw dev implemented IMEI checks, the only thing that could cause them to shut down someone using this would be to check that it is a "TEST" IMEI... but I don't see that happening, because hardware manufacturers do use these in testing.
DizzyDen said:
java will need to be in your path... I have no way of including all possible locations of where it could be installed... and it is way too big to include with my program.
Click to expand...
Click to collapse
Roger that. Should the instructions then note either the required change to PATH or that the file must be run in the user's jre#\bin directory?
DizzyDen said:
The left over files is due to the program exiting when it did... I will fix that in next beta...
Click to expand...
Click to collapse
I figured as much, but thought you should know.
DizzyDen said:
For now you may have to run as administrator...
Click to expand...
Click to collapse
I ran it this way and got the same behavior.
I'll keep a lookout for further versions, test them and report.
Beta 5 is up... OP updated to include Java requirements... thank you mr_fosi for pointing this out.
RASTAVIPER said:
Good job!
Can you explain more about how rom is being affected?and what to check?
Sent from my phiremod for Nook using Tapatalk
Click to expand...
Click to collapse
Did you find the information in the thread linked in response to your questions?
TY mellopete for that.
- Plugged NC into USB port.
- Copied new B5 exe and n87 zip to java\jre6\bin directory.
- Ran exe as admin.
- Prompted for .zip check ("is this correct") and it was, so I OKed it. Not OKing it gave me the option to browse for the file, which I cancelled, resulting in a termination of the prog with a few more dialogs. Any extracted files were cleaned up an prog close, except for adb.exe (which I deal with below).
- Re-ran, exe, chose the detected n87 .zip.
- Displayed correct serial.
- Displayed correct generated 17-digit IMEI.
- Dialog contents "Modifying" gave error "Unable to open file", which I OKed.
- Several more dialogs flew by in rapid succession without error, ending with "Updating ROM" overlaid by "Updated ROM file has been saved as: cm_encore_full-87-IMEI.zip".
- Not all ancillary files were cleaned up. Two files remained: 1) IMEI.fix, a plain txt file containing the correct code to insert the generated IMEI and 2)adb.exe which could not be removed because it was still running the devices server. Running "adb kill-server" in the java\jre6\bin directory allowed me to remove adb.exe.
- A check of the modified smali showed only one instance of "getDeviceId" indicating that the smali had not been modified to add the code to spoof the IMEI.
I would also not have been able to eject my NC, had I tried, until I killed the adb server. Looks like one more line of code to add before cleanup.
Zen's Backtrack 5 For HD2 (and other) Android Smartphones
V0.3
----------------------------------------------------------
New app for loading this (and other) Linux Systems! - https://play.google.com/store/apps/details?id=com.linux.autoloader
Image and app support can be found here --> http://www.zenfulapps.com/
Packed - 640mb
Unpacked - 2.6gig (fits on 3.3 img now.)
--GRAB THE UPDATED SCRIPTS ATTACHED TO THIS POST, THEY ARE NOT PACKAGED INTO THE ZIP--
--Scripts are set to load from EXT4 partition, when i modify them for the .img's ill add them to the script pack--
--if you have .img mounting scripts from previous versions, they will work, as long as file names and directories match--
V0.3 Download
http://www.zenfulapps.com/Android/backtrack5-0.3.7z
(MD5 is still the same
MD5sum (of .7z file) - 9a4796f0ed96e03579c2b4a684d026f5
--------------------
Script pack contains
--------------------
btgo - mounts BT5, and askes how you would like to start, CLI or VNC
bts - stops BT5, and unmounts everything for it.
btl - used to login to bt5 after it has been mounted, to avoid all those "resource busy" messages
mkcore - directory installation and swap file creation
-------------
What you need
-------------
Rooted Android Smartphone
Linux on PC
Busybox installed on your device
SDcard adapter or reader, if neccesary
----------
Lets begin
----------
There are 3 different ways you can do this:
1. Fresh install on EXT4 Sdcard partition ( I HIGHLY recommend this method if possible, much better, a bit faster (no double loops to write to)
2. Create Fresh .img
3. Replace old BT5 system .img
=========================================
1. Fresh install on EXT4 Sdcard Partition
=========================================
This portion of the guide is to install BT5 on a FRESH EXT4 partition on your SDcard. Throughout this porcess, you will:
Backup your current sdcard (EVERY PARTITION, this is why we use PC-linux and not windows)
Fully erase and repartition your SDcard
Replace Android system and user data
Install BT5 on third partition
prepare system for chroot and VNC connection
----------------------------------------
Boot into your Linux operating system. **I DO NOT recommend using virtualbox or vmware, as drivers for usb and SDcard connections arent direct, things can go wrong.**
Shutdown your phone, and remove your SDcard. Do not use adb, or any other tools to do this.
insert your SDcard into your computer (adapter or reader yada yada) and mount every partition.
Make careful note of what is on which partition. safest way to back everything up is through the command line with the command
Code:
sudo cp -Rfvp /media/your-sdcard-partition/* /where/your/backup/folder/is
Do this for each partition, whether you have 1, 2, 3, or more.
In my case, my backup directory looks like this:
Code:
[[email protected] sdcard-backup]$ ls -l
total 12
drwxrwxr-x. 2 hookup-cellular hookup-cellular 4096 Sep 13 18:48 ext2
drwxrwxr-x. 2 hookup-cellular hookup-cellular 4096 Sep 13 18:48 ext4
drwxrwxr-x. 2 hookup-cellular hookup-cellular 4096 Sep 13 18:48 fat32
(ignore the empty directory sizes, my TRUE backup folder is MUCH more vulgar and i wont display it publicly, people may tear thier eyes out )
After everything is backed up, open your partition manager (in Gnome it is gparted, cant remember the name in others)
Navigate to your SDcard, and DELETE every partition. every one.
afterwards, recreate them using this strategy:
partition 1 - FAT32 size = total sdcard size minus ext2 and ext4 partition sizes
partition 2 - EXT2 size = 256mb, 512mb, 1gb, depending on how you like your apps2sd
partition 3 - EXT4 size = size you want for linux, minimum should be 4gb (mines at 10gb, i like my linux and got 3 different ones on it at the same time.)
When you are done, copy back your fat32 and ext2 stuff using the SAME COMMAND AS ABOVE (sudo cp -Rfvp from/here to/here)
Now, unzip/tar the .tar.gz package. I recommend extracting it to your pc before trying to put it on your sdcard.
Using the copy command above, put the extracted files onto your sdcard's EXT4 partition.
Double check the partition (navigate to it in nautilus or whatever filemanager your using) and ensure that it has the system copied over properly. You should see /boot /etc /root /sys so on and so forth, NOT just one folder with all of those inside of it.
Insert your SDcard, power on your phone, go to terminal emulator, and enter this:
Code:
su
cd /sdcard/scripts
sh mkcore
Swap file is damn near neccessary if your planning on using any GUI tools (armitage, zenmap)
Your directory structure is now in place, swap file created, and you start BT5 by typing (from /sdcard/scripts OR /data/linux):
Code:
sh btgo
=================================
2. Fresh Image Creation
=================================
for this, we use the dd command and mkfs.ext4 command.
Code:
dd if=/dev/zero of=/path/to/where/you/want/the/img bs=1M count=3300
Change this command as needed, running it as is wont do anything good. Change the of= to where you want your img to be located.
next is mkfs.ext4
Code:
mkfs.ext4 /path/to/where/you/want/your/img
select yes when it cautions about "not a block device"
When this is finished, mount it using these commands:
Code:
su
-your password-
mkdir -p /mnt/bt5img
mount -t ext4 /path/to/your/img /mnt/bt5img
now, extract the BT5 package to a place on your Computer. When finished, run this command:
Code:
sudo cp -Rfvp /path/to/bt5/core/* /mnt/bt5img/
changing parameters accordingly.
After this, copy the .img to /sdcard/bt5 and run the start scripts from your terminal emulator.
================================
3. Replace Existing Image
================================
Mount your bt5 image, erase what is inside of it, and copy in the new system:
Code:
su
-your password-
mkdir -p /mnt/bt5img
mount -t (your ext type) -o loop /path/to/your/bt5/img /mnt/bt5img
rm -Rfv /mnt/bt5img/*
cp -Rfvp path/to/bt5/core/* /mnt/bt5img/
unmount your .img, place it on your sdcard, and your all set.
==============================
Changes in v0.3
==============================
- Trimmed alot of fat, fits inside of 3.3 image now, though space is SEVERLY limited (removed CUPS and sound stuff, who needs to print from within thier phone anyways?)
- various small changes for performace improvements.
- a few new tools installed, but not tested
- restored my personal version that i nuked. It works now.
NEW STUFF TO COME, STAY TUNED!!!
First off, My apologies for starting a second thread on this, I've made ALOT of changes and i feel the first thread is dead and useless. (Reprimand me if needed
-pics coming once I find my camera could be a small while-
---------------------------------------
Backtrack5 for HD2 - v0.2
Customized by z3n
My goal: the perfect stealth
tool in your pocket
just one tap away
---------------------------------------
========================
Codename
Squeaky Wheel
========================
Updated, check second post for changelog
========================
DOWNLOAD
========================
Please use the scripts attached at the bottom of this post instead of the packaged ones, and i havent had a change to update the full image zip with it (uploads take a while )
V 0.2
Part 1 - http://www.megaupload.com/?d=D0MQVAS4
Part 2 - http://www.megaupload.com/?d=M2MRYLAH
MD5 - 06225e18cdbfee6f88daf7e9ee3a1163
SHA1 - eeba19e53565a1643703cf8938be2f8cfc12db9a
V 0.1
Part 1 - http://www.megaupload.com/?d=83B22Y00
Part 2 - http://www.megaupload.com/?d=SB98AA19
mirror - (NOT interchangeable)
Part 1 - http://www.megaupload.com/?d=HU320Z81
Part 2 - http://www.megaupload.com/?d=QN9C560Z
Checksums of bt5.img
MD5 = 863e6db99e5207a81ad0df7d13998235
SHA1 = c84d8f27df8b9b51059e5a6b09e65853f11de970
7zip required to extract.
Just over 1gb packed, unpacked is 4.9gb.
========================
INFO
========================
This is my first release of a customized, working, mostly stable BT5.
Many things have been added, taken out, and configured to be used within the Android system. For a full list, please see the bottom of this post.
Mounting is different than most other linux .img installations, allowing for a full (and expandable) image.
V 0.2 Now has a swap file created when you run the mkdirectory script. This swap file is necessary, as with all my tests, When you run VNC with most of the major tools, there's a high chance of the phone running out of memory (im running no extra apps, completely stock Hyperdroid)
(if you have a swapfile already, you can say no to creating another, just make sure that the file is located at /data/bt and named btswap.)
**This image is in ext4, make sure your kernel supports it!**
**Everything tested on Hyperdroid-CM7 by pongster**
==============
INSTALLATION
==============
You need:
-Full Nandroid Backup in case something goes batty
-16gb HD2
-ext4 support on your ROM/kernel (lost my ext2 image due to my own stupidity, will create another matching one later)
-Linux on PC (to create the ext4 partition)
-Busybox (from market)
-VNC Viewer (from market) (optional)
FAT32/EXT4 Split card
---------------------
1.
Back up your HD2 and SDCard to safe places (off of the phone and sdcard)
2.
Boot your linux installation and open partition manager. erase all the partitions on yor SDcard. Then create them in this order.
1. FAT32 - size of this is total sdcard size minus 6.5g (for bt image) minus 100mb for aps2sd
2. ext2 - 100mb
3. ext4 - 6.5 gb
3.
Copy the bt5.img to the root of your third partition.
copy the bts folder to the root of your FAT32 partition.
4.
if this is your first time using this script/image, run the mkdirectory script first with
Code:
su
sh /pathtoscripts/mkdirectory
Load up your android terminal and type
Code:
su
cd /path/to/scripts
sh go
5.
Now it asks you if you want to log in to the console or start vnc automatically. (check log for port, usually 5901 or 5902)
DEFAULT VNC PASSWORD IS: toortoor
DEDICATED SDCARD
----------------
Same as everything above, minus the FAT32 partition.
"sh ded"
starts for dedicated SDcard instead of
"sh go"
Proper Shutdown Procedure
=====================
Stop script has been modified to shutdown backtrack and all of the (usual) programs that stop things from unmounting properly.
Exit any VNC connection you currently have.
1. Run sh stop (from your scripts location)
2. Reboot phone as a precaution.
One thing i did personally to make this easier was load the scripts onto /data/bt, so switching SDcards or locations doesnt matter.
(I also changed the terminal start directory to my scripts folder easy quick access)
=======================
Main Features I've gotten to work
=========================
-Clean mount/umount, as long as VNC and MySQL are killed BEFORE exiting the chroot - stop script kills these now
-Apps no longer disappear for good with sdcard removed, only disappear until SDcard is reinserted (apps2SD/loop device problem, any ideas?)
-MySQL for metasploit
-Metasploit working
-Armitage working, missing some "Attack" options (looking into it)
-Zenmap installed
-OpenVPN installed
-Traffic analysis possible with tcpdump (local only)
-Enables possibility for FakeAP attacks
-macchanger works (kinda, phone needs a reboot for original MAC to return)
-Armitage Launcher placed on Desktop (takes a while to load, be patient)
-Terminal Launchers in various places (updating may randomly remove your terminal, synaptic placed on desktop as standby to redownload terminals
-guake installed (drop down Terminal, makes commands easier to see while working) (not configured to a key yet)
This probably works with other Android phones too. If you change the scripts, and as long as it has a external SDcard you can partition.
if your using a different phone, this is untested unless specified otherwise.
-boot and shutdown scripts run clean as long as VNC and MySQL are shut off(in almost all cases)
@ XDA
http://forum.xda-developers.com/show....php?t=1152994
PASSWORDS
------------
MySQL - user: root pass: toor
VNC - User: root pass:toortoor
sys pass - user:root pass:toor
(I know, standard ones, but this should answer a few questions)
===============================
Thanks
===============================
anantshri - for the original scripts and BT5 img for android
BT dev team - (of course )
and all of you
===============================
Information, bugs, and oddities
===============================
One important thing, While performing heavy operations, its normal for your screen to not turn on for a while if it turns off. Dont panic, just give it some time to finish whatever you were running and your phone will be back to normal again. DO NOT PULL THE BATTERY UNLESS ABSOLUTELY NECESSARY.
To avoid this, get wakelock (known to cause problems) or set your screen timeout to some large number.
Swap file will help with alot of this.
These are the features I've tested out so far.
No major changes to anything, (except new packages) just configuring everything i see.
If you find anything you want added in or that is acting odd, please let me know. Same goes for if you fix something!!
Overall
-------
-Repo's activated, most things work (upstart processes fail, for now)
-startvnc and stopvnc no longer give that pesky USER error
-startvnc starts mysql database for metasploit
-stopvnc stops mysql (mostly, invoke ps -A and look for mysqld. Kill it with fire(-9) if need be)
-network traffic is capture-able with tcpdump, with wifi hotspot activated
-working on adding in a swap partition on sdcard (if possible)
-openoffice installed
-openVPN installed (the quieter you become...)
-Removed Zoho Web services
MySQL
-----
default user - root
default pass - toor
-Starts automatically with startvnc
-stops automatically with stopvnc
-start manually by invoking "mysqld"
-Only runs as root (for now)
-Console hangs when it is manually loaded or shutdown, service continues running though. killall --signal 9 mysqld if needed.
Metasploit
----------
-Loads up alright (45-90 seconds)
-MySQL already set as default DB
-Must manually connect to MySQL DB each instance of metasploit by invoking (from msf) db_connect root:[email protected]
-working on a possible way to limit cpu consumption to prevent system hangs(cpulimit does some nasty things)
-So far, this is the only connection string ive been able to get to work: root:[email protected]
Armitage
--------
-Takes forever to load (30 seconds for connect screen, 4 minutes or so for main client)
-Causes system hangs frequently (to minimize this, leave the vnc server on your screen, and set the display timeout to 10 minutes-switch it back when done to conserve battery life)
-So far, this is the only connection string ive been able to get to work: root:[email protected]
-Can Crash phone if running too big of an operation (Max Phone memory problem, fixed in v.2 with swapfile added)
Zenmap
------
-Slows phone down (incredibly bad with more complex scans, of course)
-Some Complex scanning options can crash phone (Nothing damaging has happened)
-will attempt to throttle cpu usage in the future
-Can Crash phone if running too big of an operation (Max Phone memory problem, fixed in v.2 with swapfile added)
Aircrack-ng suite
-----------------
-Aircrack-ng works
-Airodump-ng doesnt work (needs monitor)
-Airdecap-ng untested
-Airdecloak-ng untested
-Airbase-ng doesnt work (needs monitor)
-Airmon-ng doesnt work (needs monitor)
-Aireplay-ng doesnt work (needs monitor)
-Airdriver-ng doesnt work (yet)
-Airolib-ng works (doesnt do anything yet)
-Airserv-ng doesnt work (needs monitor)
-Airtun-ng doesnt work(needs monitor)
Plus lots of stuff for the future, stay tuned!!
http://forum.xda-developers.com/show....php?t=1152994
In the future
=========
-nessus
-Booting via HD2 Toolbox by d4n14l (sp?)
-Custom kernel (WAYYYY down the road, but working on it)
and more
--Copyrighted by z3n, 2011
(just kidding, but it looks good )
Looks good will give it a go.
Thanks for sahring
I we could get our wifi card into monitor mode --> awesome!!!!
Thanks to z3nful & everyone made this possible!
Enjoy everyone
The next release is going to be faster, stabler, and more useful
I'm also working on a round-about way for packet injection and monitor mode
Stay tuned
Sent from my Hyperdroid Pocket Laptop
cool.. good job man..
Are you trying to patch the wifi drivers ? =D
Holy crap.....this is a dream in the making Bring on monitor mode and packet injection
I've done some researches.. and found out that many devs have tried making the driver to work on the Monitor mode.. but they failed to do that.
It looks to me that Backtrack on HD2 is kinda useless.
Not useless, just last night I ganked my roommates computer with my phone
As far as monitor mode and injection go, sadly, they may be right that its not possible, but I got some ideas that may make it work, I just need to hammer out some kinks in BT first
And who needs monitor when you can fakeAP?
"Make them hand you the keys and you don't have to break their Window(s)™"
Sent from my Hyperdroid Pocket Laptop
A m a z i n g
Next release is going to be even better this 5gig image is almost full, so I'm going to expand it to 6gig, along with instructions on how to expand your own image if that's to large or want even more space.
Btw, Wine should be good to go in the next one
stay tuned!!
Sent from my HD2 "Pocket Laptop"
I would love to see some Sceenshots (or better: a video) here!
Lol will do, gotta go find my 10 year old Polaroid I've been using this phone or all my pics and videos, so this could be tricky
Sent from my HD2 "Pocket Laptop"
good to see development beyond just starting up the image... I would be taking some pointers from here for my device too....
hope you don't mind that....
Not at all, I've been trying to track down your name again so it can add you to the credits part, as the basis of the scripts was yours lol, I just changed the loops and mounting structures around a bit, and added some stability checks.
The scripts for this image are slightly out of date but I got new ones going up once I have time they should fix a few of the small eerrors people get while mounting
My next version is a little ways out (works gotten crazy busy lately) but it'll be out eventually
Sent from my HD2 Pocket Laptop
Not Booting!
Hi Thank you for sharings this up!!! this is like a dream for alot of people.
i have followed all your steps but i have a problem when i run the scripts, the folders dont get created because when i run go i get a bounch of folder not found.
my SD card had some differences is a 16GB
with
Fat32
Ext-sd/ EXT2 -->1GB
EXT3 --> 100MB
EXT4 --> 6.5GB
could this setup causing the script to look on the wrong partitions? i have alot of time with out playing with Shell scripting but i would like to know if that is the place i should start looking for a fix
-edit- just double checked (forgot scripts were on my phone... its been a long week lol) and you should just need to change the mount -t ext4 /dev/block/vold/179:3 to /dev/block/vold/179:4
Also, did you run the new mkdirectory script? If you have the one packaged with the image its out of date. The attachment on the fist post has the updated ones
Ignore all mmcblk's
For another "buffer" partition, you need t point the sdcard parts (mmcblk0p* and vold/179:*) to what yours are in /dev/block. In your case I think you just need to change any vold/179:3 to 179:4. If you go to /dev/block/vold it will have folders from each partition (they are numbered 0 and up, but 1 would be your fat32, 2 is ext2 so on and so forth)
When I'm near my computer ill figure out the full ones for you
Sent from my HD2 Pocket Laptop
can I get it for Htc desire..??
It should work, as long as you have a big enough sdcard, your phomes kernel suppers ext4, and you might have to change a few small variables
Sent from my HD2 Pocket Laptop