i have just unlocked my galaxy ace for free without bricking
what i did was this pluged phone into ace opend cmd and typed this
adb shell
su
cat /dev/bml5>/sdcard/bml5.img
this saved the bml5.img to my sd card i then moved the bml5.img to pc
and opend it with HxD then i search for this hex code two times
[00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 FF FF FF FF FF FF FF FF FF FF FF FF FF FF]
then i looked down a thow lines and the was my 8 digit code i then toke out the battery and put a diffront carrer sim in and turnd the phone back on enterd the code and it worked
i found out about this from here thanks to tweakradje
rickwyatt said:
i have just unlocked my galaxy ace for free without bricking
what i did was this pluged phone into ace opend cmd and typed this
adb shell
su
cat /dev/bml5>/sdcard/bml5.img
this saved the bml5.img to my sd card i then moved the bml5.img to pc
and opend it with HxD then i search for this hex code two times
[00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 FF FF FF FF FF FF FF FF FF FF FF FF FF FF]
then i looked down a thow lines and the was my 8 digit code i then toke out the battery and put a diffront carrer sim in and turnd the phone back on enterd the code and it worked
i found out about this from here thanks to tweakradje
Click to expand...
Click to collapse
Id still take care doing this, ive heard nothing but horror storys from unlocking the ace. Well done for your sucsess mind.
Sent from my GT-S5830 using xda premium
with this you dont need to touch the efs folder so it sould not brick heres the hole thread http://forum.xda-developers.com/showthread.php?p=17148825#post17148825
To successfully get the unlock code, you have to leave the original locked provider's SIM in the phone.
At first I've removed the SIM and get 0123456 code using the BML method. Then reinserted the SIM, and was able to find the proper code.
I've cat'ed the partition three times, but no any damage. Already rebooted the phone several times, still OK.
So it's really the safe way!
How this process works? it needs the usb cable? I did not understand how and where we type this commands! thanks for helping!
wagnermeier said:
How this process works? it needs the usb cable? I did not understand how and where we type this commands! thanks for helping!
Click to expand...
Click to collapse
adb sdk i think.
That file is the imei??
Pallares3 said:
That file is the imei??
Click to expand...
Click to collapse
No!
This file is the printout of the partition, where the IMEI resides. While this file is not a binary dump, I'm afraid it's useless for accessing the imei
Sent from my SGS using Tapatalk
wagnermeier said:
How this process works? it needs the usb cable? I did not understand how and where we type this commands! thanks for helping!
Click to expand...
Click to collapse
You need:
-Installed KIES or Samsung usb driver
-Android SDK
-USB cable
-rooted Galaxy Ace
And use the commands mentioned before.
Sent from my SGS using Tapatalk
oh oh , thank you for you share
I have just returned home with a replacement device after bricking my 1st one within an hour of buying it trying another method of sim unlock!
Is this method at all risky as i don't think i will get away with another replacement from the same shop for the same reason!
Informed opinion would be much appreciated.
Well, all I can say is that this worked for me without any problem, unlocked and IMEI ok.
There are some FW (ROMs) that reinforce network lock, you may also take a look in your CSC section and make sure that inside the feature.xml file there is no line(s) for this network lock.
<force_network_lock>true</force_network_lock>
Regards
[email protected]
[email protected] said:
Well, all I can say is that this worked for me without any problem, unlocked and IMEI ok.
There are some FW (ROMs) that reinforce network lock, you may also take a look in your CSC section and make sure that inside the feature.xml file there is no line(s) for this network lock.
<force_network_lock>true</force_network_lock>
Regards
[email protected]
Click to expand...
Click to collapse
Thanks for the answer.
I've allready taken the plunge and everything is good.
[email protected]
I have tried to apply the unlock code without succes, I went to review the feature.xml file and found the <force_network_lock>true</force_network_lock>, my operator is telcel from Mexico.
How can I edit the file and please tell me if I only need to delete de line
Thanks
Yes, you only need to delete the complete line, I will recommend also a complete wipe just to reinforce that the CSC config is loaded correctly after deleting that (those) line(s), remember you will lose all your data so please backup.
Regards
[email protected]
Hey ppl,
I need help, Ive unlocked my s5830 using the unlock method, it unlocked the phone as when I call *#7465625# , it comes up saying that the network lock if off but unfortunately when I put in any simcard inside it comes up without any reception?
It was locked onto Three(UK) and i've tried Vodafone, o2 and a Orange sim inside of it but to no avail, its the same problem. (I do not have a Three sim with me.)
I've even tried re-flashing the OS, degrading from 2.3.3 to 2.2, and from there to 2.3.5 but it hasnt fixed the problem.
When I do put in a sim card insdie of it is showing e.g. Vodafone written on the screen.
My IMEI number is working properly, so are the other things in the phone.
What could the problem be?
My firmware is: S5830XWKPW
Eduardito
Google linuxman galaxy ace. He describes buying a telcel ace and unlocking it for movi
Enviado desde mi GT-S5830L usando Tapatalk
Hi, as you can see I'm a noob (loved the video btw) anyhow, I bought a 2nd hand Galaxy Ace which is locked to O2 (bought with smashed digitiser which I have replaced without any probs) I just can't seem to get the thing unlocked :\
O2 say the handset can't be unlocked till the handset had been used with one of their sims in it for 12 months (July 2012)
Have tried buying 2 different unlock codes, neither have worked Been into a shop in town today only to be told they are not unlocking Galaxe Ace's any more due to probs!!
Have read through this thread but I don't understand where to start (see, said i was a noob) Can anyone talk me through it or point me to a step by step guide?
Thanks
Shan
shanf said:
Hi, as you can see I'm a noob (loved the video btw) anyhow, I bought a 2nd hand Galaxy Ace which is locked to O2 (bought with smashed digitiser which I have replaced without any probs) I just can't seem to get the thing unlocked :\
O2 say the handset can't be unlocked till the handset had been used with one of their sims in it for 12 months (July 2012)
Have tried buying 2 different unlock codes, neither have worked Been into a shop in town today only to be told they are not unlocking Galaxe Ace's any more due to probs!!
Have read through this thread but I don't understand where to start (see, said i was a noob) Can anyone talk me through it or point me to a step by step guide?
Thanks
Shan
Click to expand...
Click to collapse
Edit: You need Android SDK Platform-tools for this
Sent from my GT-S5830 using XDA App
Is that something that a beginner can do? or should I leave it? I don't want to muck it up
Related
So I felt bad about *****ing at a bunch of n00bs so I wrote up a quite guide specific to PDAViet roms since that's what I use.
http://wiki.xda-developers.com/index.php?pagename=PDAViet Upgrade Tips and Tricks
If you have a tip/trick relating to any PDAViet rom, you can PM me to add something, or better yet, since this is a wiki, ANYBODY can edit it. just click the "edit" button at the bottom and just follow the syntax. I'll probably check now and then to fix up formatting issues, but we all need help with content.
mr_yellow said:
So I felt bad to *****ing at a bunch of n00bs so I wrote up a quite guide specific to PDAViet roms since that's what I use.
http://wiki.xda-developers.com/index.php?pagename=PDAViet Upgrade Tips and Tricks
If you have a tip/trick relating to any PDAViet rom, you can PM me to add something, or better yet, since this is a wiki, ANYBODY can edit it. just click the "edit" button at the bottom and just follow the syntax. I'll probably check now and then to fix up formatting issues, but we all need help with content.
Click to expand...
Click to collapse
Nice work! I'll be installing 4.0.0.0.0.0.00.0.0.0.000.6 (kidding ) tomorrow, maybe I'll write some help
mr_yellow said:
So I felt bad about *****ing at a bunch of n00bs so I wrote up a quite guide specific to PDAViet roms since that's what I use.
http://wiki.xda-developers.com/index.php?pagename=PDAViet Upgrade Tips and Tricks
If you have a tip/trick relating to any PDAViet rom, you can PM me to add something, or better yet, since this is a wiki, ANYBODY can edit it. just click the "edit" button at the bottom and just follow the syntax. I'll probably check now and then to fix up formatting issues, but we all need help with content.
Click to expand...
Click to collapse
Thank you for your nice work! It's very helpful for newbie
Commom Glitch
Hi,
I guess this is 'Bible' for Nubes Gr8 work Yellow... But I think we might have to add one more common problem - The vanishing act of email accounts... I didint edit it since i donno the reasons or the work around... Could some one update that????
Riyaz Hyder
Updated it with new info...
Again, updated with a short thing about losing settings while soft resetting.
Hello,
Please add this, how to change the pool size
1) download XVI32 (freeware hex editor)
2) open OS.nb
3) find ascii NKKD8
4) find it again (next occurance)
5) find hex value FF FF FF FF FF FF FF FF 9B 4F FF FF 64 B0
6) you will see "8C 00 00 C0 00 00". the pagepool size is C0 (which is 12MB)
7) change it to 80 to have 8MB, or 40 60 for 4MB 6MB respectively.
8) save and reflash
if you backup everything before reflashing the same rom and restore after the flashing (using spb or sprite backup) everything should be fine.
Click to expand...
Click to collapse
Thanks for the submission. I've added it. It's not really pdaviet related so I added it to the ProphetFAQ and make a link.
FYI to the everyone. The wiki is editable by anyone. If I'm not responding, you can add stuff you feel is important to the wiki yourself. Don't be afraid to click the edit button!
I use the lock password and there is no problem for me... I used it with pdaviet, pdamobiz and gollum roms...
I think the lock password isn't saved if you soft reset. Try locking the device, THEN soft resetting.. do you have the guts to try? only option afterwards is to hard reset... =)
Is thier a way to make the page pool smaller. I don't care if my device runs slower it is better than doing a soft reset a couple of times a day.
their is a tool called pagepoolchanger for this and you can change it before flashing you just need to use it on ruu file first you can get it on ppc geeks or i can send you it if you need just pm me your email
i tried all the pagepool changers out there.. none change it below 6mb on the official 6.1
You can change the page pool with ppc kitchen..
cali_boxer_916 said:
You can change the page pool with ppc kitchen..
Click to expand...
Click to collapse
for the 6.1 it changes the hex during the first ff ff ff, etc sequence.. not the second one.. if you want to change it.. from ppc kitchen keep it at 6mb and then go in manually using a hex editor and change it your self in the SECOND ff ff ff series hex code for the page pool. thats what i did.. n finally it worked!
uhh, this pagepool changer goes down to 4.00 if you wanted it.
I have created a simple front end to Paradis_Pals change page pool through activesync method. This was done as an experiment, but seeming as it works, I thought I may as well let others use it.
Thanks to Korand for patching the batch files.
Download and unzip the files to anywhere.
Connect your device with activesync
Run l3v5y Change PP.exe.
Select the PagePool you want.
Wait a few seconds.
Soft reset your device.
Download (Change PP for WM6, WM6.1 for WM6.1 devices):
Below
Skydrive
thanks im going to try it as soon as i can...
console output:
>"pdocwrite" "6.nb" 0x36855A
3 partitions, 2 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 20 2a 02 04 15 39 11 1e 15 0b 05 b8
CopyFileToTFFS(6.nb:0, 36855a, 00000001)
but nothing happend.. how i check if pagepool is changed? Settings->System Info -> memory??
great job my friend i will try
how i check if pagepool is changed? Settings->System Info -> memory??
Click to expand...
Click to collapse
Or
Setting, About???
Thanks...
Is Change PP E-ten X500+ compatible (WM6)? Tested?
What "rake" I have or will have?
Suitable for HTC Prophet only at the moment.
i'm new to all this...could you explaing what Page Pool is and benefits of its increasing?
Di-Ma-Z said:
i'm new to all this...could you explaing what Page Pool is and benefits of its increasing?
Click to expand...
Click to collapse
Copied from here: http://blogs.msdn.com/windowsmobile/archive/2005/11/17/494177.aspx
The Page Pool
Applications use RAM in two ways. There is code that runs, and there is data that is created while it is running. On a NOR device, the code can run directly from the ROM and not be loaded into RAM first. This process is called XIP (eXecute In Place). NAND devices can't XIP, so their code is loaded into RAM and executed from there. If you don't have a Page Pool, this code is loaded into normal RAM. The Page Pool is a mechanism to limit how much code is loaded into normal RAM. With a Page Pool, we can unload code that hasn't been used in a while and reload it later if we need to. We can't do that without a Page Pool.
LordDeath said:
Copied from here: http://blogs.msdn.com/windowsmobile/archive/2005/11/17/494177.aspx
The Page Pool
Applications use RAM in two ways. There is code that runs, and there is data that is created while it is running. On a NOR device, the code can run directly from the ROM and not be loaded into RAM first. This process is called XIP (eXecute In Place). NAND devices can't XIP, so their code is loaded into RAM and executed from there. If you don't have a Page Pool, this code is loaded into normal RAM. The Page Pool is a mechanism to limit how much code is loaded into normal RAM. With a Page Pool, we can unload code that hasn't been used in a while and reload it later if we need to. We can't do that without a Page Pool.
Click to expand...
Click to collapse
Please tell me which size of Page Pool is best for HTC Prophet?
thanks so much
I can tell you only my personal experience:
Compared to the previous 8MiB Pagepool on my device the 4MiB Pagepool is not slower, but I have more free memory.
The bigger the Page pool, the more programs you can run at the same time without the system being dodgy. You have less RAM available for your programs though.
6MB should be enough in both ways (free ram and amount of apps you can start simultaneously) If not, try 8MB.
You can go up, but only if you have more than 64 MB of ram in your device, then it won't hurt to have more Page pool imho.
helllo, I'm new in the world of the cooking, and i want change PP on WM6.1 on the OS.nb or MyRom.nbh
A solution exists for this release of Windows Mobile ??
Sincerely
Is it for a prophet ROM? as far as I can remember, the prophet uses *.nbf...
You should be able to use this with nb2nbf program, but I'll need to find the start address...
edit: start address is: 0x58956...
Sorry, i've don't see that this section isn't good, I've a HTC elf and not a prophet !
But I don't find for Elf !
Something is wrong...
I wanted my PagePool to 4MB...but at least i only have 44MB RAM instead og 52MB...
6MB PagePool is working fine...
Can you please fix the 4MB-Problem?!
I think that means it has flashed the wrong PagePool size. I shall see what is wrong, and try to fix it as soon as I can.
l3v5y said:
I think that means it has flashed the wrong PagePool size. I shall see what is wrong, and try to fix it as soon as I can.
Click to expand...
Click to collapse
Thanks a lot
One quick thought: Prophet Tools (link in my signature) has the WM6.1 page pool settings. See if that works for you and if not I'll check that out as well.
l3v5y said:
One quick thought: Prophet Tools (link in my signature) has the WM6.1 page pool settings. See if that works for you and if not I'll check that out as well.
Click to expand...
Click to collapse
Oh...this is a great tool
But i can do what i want....my RAM is not more then 50MB...and this is the result when flashing the PagePool to 6MB...
But i want to have to Flash the PagePool to 4MB, so that i have 52MB RAM
Please fix this...thanks...
As per the following thread
[HOWTO] GT-I9100 Free SIM Unlock via nv_data.bin by Odia
http://forum.xda-developers.com/showthread.php?t=1064978&page=43
"
If you cannot find a block which looks like hashes @ 0x181460, then search for SSNV and add 5216, but from the files which I have seen the block appears to be fixed @ 0x181460.
"
there should be something @offset 0x181460, but the nv_data.bin that I extracted from a Bell Galaxy S II has only empty data arround that spot.
Besides that, the nv_data.bin is 2MB instead of several hundred KB.
I don't quite understand what does the "search for SSNV and add 5216" mean.
Since I'm green and not allowed to post in development portion, hopefully this post might attract some attention of people in the same situation.
There are your locks, changing that to 00 00 00 00 00 should unlock your phone.
Make sure you have a backup of your original nv_data.bin somewhere in case something goes wrong.
The reason you're having issues with the tutorial you linked is because your hex editor's offset base is set to decimal, you might save yourself a lot of headaches if you switch to hex.
Use this app it works on the Bell S II
https://play.google.com/store/apps/details?id=com.helroz.galaxysunlock
Ok. So here's the deal:
My SGS3 I9300 exynos phone did the famous IMEI 0049 and SN null trick.
I cannot say what precipitated it but is simply stopped registering on the network, so no calling or data. All other functions operational.
After much searching and reading, I settled on flashing the stock 4.3 back. This succeeded only in doing absolutely nothing to alleviate this issue. I wiped the entire phone. Maybe I missed a critical section wipe, but since the stock ROM overwrites all? the CSC/BL/MODEM functions I thought it would set the default for EFS (which I believe is where these critical data live). I'm not a programmer so I cannot say diddly about the architecture and interrelationship of OS files, but I am technical and I know how SW and HW does what it does.
This phone is my own and I have all the rights to it.
I had loaded RRemix ROM a loong while ago and it was functioning fine. Probably a corruption of the EFS due to battery contact being loose. This is in my mind the most likely cause as the system may be accessing the EFS files, say making a call, or accessing data, and the power drops out and voila! Corruption. But again this is theoretical.
Needless to say I tried the usual hocus-pocus out there with no avail.
Getting to understand the system better it seems obvious that these critical identification numbers are hard-coded into the chips on the phone. Which explains the ability to 'fix' them with JTAG and other cable/box solutions and SW. However, I cannot see how the SW loses the ability to read the IMEI/SN that is hard-coded (fused?) into the main-board.
All my research pointed to the EFS files having something to do with this.
Way back when I loaded the custom ROM I did not come across the 'backup your EFS' as a necessary step, so I had nothing to go back on.
And loading the stock 4.3 ROM back on and not having that fix the issue, led me to believe something else was up.
Somewhere in the guts of this phone something is screwing up the layer between reading the registers where the numbers sit and the software layer that reports the numbers.
So, much searching led to the nv_data.bin file being a key component in all this fiasco.
Now, before I say any more, I believe that describing the next steps could be a big no-no here.
Now, understand, all I want to do is get MY personal device working again. I have the SN and IMEI numbers on the physical device.
Sure, I could have stolen it and am attempting to change these to avoid prosecution. Anyone can say anything online.
Therefore, before I can proceed, I need advice from moderators and VPP to either say 'Yes you may post this info' or 'No. Go away'.
Am I allowed to do the following:
1) Describe how I restored my IMEI (Not changed, overwritten, or subverted to my limited knowledge)
2) In the case of 1 not allowed, post the link to where I found the info to achieve this.
3) Submit the 'fix' to a moderator or developer to check whether this is indeed and restoration or a change.
If it's a restoration of existing functionality, I cannot see how this could be a problem. If its changing something, then it's a whole other sack of ferrets.
My reasons for posting are that xdadevelopers has given me years of joy with my SG devices. (Yes, I have the whole range exclusively) Many ROMS, customs, fixes, hints and saves deserves something back, and the difficulty in achieving this particular fix, warrants it.
But I don't want to break any rules, this being my first post.
So, please let me know what I can do to help others stuck in this position...
You can find it if you have the correct search parameters. Perhaps I can say that instead?
Thanks.
And thanks to all who have helped over the years.
T
[Edit] Just to clarify, the solution requires no special HW or 'boxes'. You do need root, however, and a hex editor. I had a reply explaining the use of Octoplus, which requires credits and registration. You will need none of those.
I can't speak English but I will try.
1- flash stock firmware.
2- root your device s3 .
3-in the web download " octuplus crack box"
4-in youtube see how install " octuplus crack"
5- before install stop your antivirus PC
6- open octuplus and connecte your phone with PC
7- chose your device i9300 .
8 click repair imie
9 click read info and do what OCTU said to do.
10- click repair or write the true imie in your device ( remove battery to see)and click repair.
11- restart phone .
12- see: call work fine
13- in phone go to mobile network\ access point names\ apn's
14- write your network.
TrinityTrip54 said:
Ok. So here's the deal:
Repair is ok Change or Modding is now:good::good::good:
Click to expand...
Click to collapse
How to restore corrupted or null 0049 IMEI on SGS3.
Right.
Thanks to the moderators for agreeing to let me share the solution. :good:
Thanks to the reddit poster who found this solution. I don't know how the hell you figured this out, but big-ups to you. For privacy I will not mention names or addresses.
You do need a rooted phone and I cannot assist anyone without root as I have not tried it.
Whether this only works to restore a corrupt IMEI or change it, I cannot say, but it managed to restore my existing one.
Preparation: Get your IMEI number from under your battery compartment. Say your IMEI no. is: 123456789101213, write/type it in the following fashion: 1 23 45 67 89 10 12 13
Now some funky transposition: Excluding the first number, transpose the subsequent pairs of numbers so that you have: 1 32 54 76 98 01 21 31. Can you see it? Swap 23 to get 32. 45 to get 54 and so on.
Now add 08 to the beginning and add A after the 1 so that the completed number is: 08 1A 32 54 76 98 01 21 31
Now you will need:
Rooted Galaxy S3 (This may work for all android devices that have an EFS folder. If anyone can confirm that would help others.)
Hex editor (PC based or Android app) - PC is faster and easier. I used hex workshop trial version but I'm sure any editor will do. I used the default install configuration.
USB Data cable (if using PC editor mentioned above)
You should probably back up the EFS folder entirely, just to be sure.
Using your favorite root explorer browse to root/EFS folder and copy the nv_data.bin file to an accessible area in sdcard. I use a /sdcard/Downloads folder.
Either open the file with your hex editor app or transfer the file to PC where you can open it with your hex editor program.
Open the file and jump to address 00550.
Now, get your modified IMEI number from the prep steps above and enter the values in the ASCII TEXT window to the right, NOT the HEX values window to the left. This may be different for other editors but hex workshop works like this.
Double check your address and entered data. When satisfied, save the file and transfer back to the phone if copied to PC.
Now, place the phone in Airplane mode, turning off the cell radios.
Go to the EFS folder and rename the original nv_data.bin file to something else. I used nv_databak.bin.
Copy the modified nv-data file into the EFS folder.
Turn off Airplane mode and do a full reboot.
Your IMEI number should be restored and cellular functions should work.
My previously garbled serial number was also restored.
I hope this works for you. I have no knowledge of any other method as I did not delve further into trying other numbers or such. I can't assist any more other than further clarifying the steps above if you don't understand something.
If anyone can decipher what is going on here, I would love to hear about it. I suspect something between the HW and SW layers is getting garbled or corrupted and this kick starts the process to get the correct data again.
Maybe.
May also contain nuts.
Hastalavista.
T
THANKS FOR POSTING THIS HERE!
I have this Samsung Galaxy S3 that I bricked 4 years ago and never wanted to sell it or even try to give it away. I searched for months for a frekin solution to this problem. Yesterday night i decided i wanted to try and install custom roms on it and so i wanted to give another shot at this stupid issue i had with the lost IMEI before doing so...and BAM! Today it's fixed!
I'm so thankfull I wanted to post here so that you know that you helped at least one person with this
Thanks a bunch!
@TrinityTrip54
Hi,
can you confirm that this is a permantent solution and remains when flashing new (custom) ROMs? Or is it just for the current installed ROM?
And I am having an issue with "jump to address 00550" in Hex Workshop. There is no address like this, just 540 and the next one is already 558. When inserting 00550 in the goto search field of Hex Workshop it jumps to 210. Any idea?
thanks anyway.
bert