Hello,
I would like to extract the T9 DLLs from a WM2005 image (WM2k5_1.60a_XDA2_HIMALAYA).
I found some related links:
http://forum.xda-developers.com/viewtopic.php?t=19569
http://www.xs4all.nl/~itsme/projects/xda/dumprom.html
http://www.xs4all.nl/~itsme/projects/xda/spv-romlayout.html
None of these links has helped me though. I did get the nk.nba file. Dumprom doesn't seem to support extracting files from this type of rom, and I don't understand what additional steps I need to go through to do this. Can anyone give some additional clues how I can extract T9*.dll?
I've tried the search function to find this, but didn't find anything really useful. It surprises me, as I thought it would be a common question. Please let me know if there is some description of this that I didn't find when searching.
see http://nah6.com/~itsme/cvs-xdadevtools/dumprom/rdmsflsh.pl
it is not yet completely finished, i still have to figure out how to decompress data.
you have to fiddle a bit with the parameter of the script i think
and you have to extract the mflsh50 image to a separate file first.
the script does not automatically find the starting offset of the msflsh50 filesystem.
and see http://www.xs4all.nl/~itsme/projects/perl/ for nbfutils.
willem
thanks for your help. sadly to say, this is a new area for me. I'd appriciate some more help if possible.
itsme said:
it is not yet completely finished, i still have to figure out how to decompress data.
Click to expand...
Click to collapse
Does that mean it's not yet possible to extract the dlls I asked for?
itsme said:
you have to fiddle a bit with the parameter of the script i think
and you have to extract the mflsh50 image to a separate file first.
the script does not automatically find the starting offset of the msflsh50 filesystem.
Click to expand...
Click to collapse
I think you lost me here . Should I first extract this msflsh50 file? (how?) Then proceed working with this file? A step-by-step guide would be much appriciated
i wrote a wiki page describing how to analyze the rom:
http://wiki.xda-developers.com/index.php?pagename=TyphoonWM2005_RomStructure
will make something similar for himalaya.
In this page , you wrote :
then you can extract the contents of the xip files using DumpRom
mkdir files1 files2
dumprom -5 -d files1 xip1.nb
dumprom -5 -d files2 xip2.nb
Click to expand...
Click to collapse
the "-5" option is in a new version of dumprom ?
TofClock said:
the "-5" option is in a new version of dumprom ?
Click to expand...
Click to collapse
Thanks! However it didn't work as I thought.
Here's what I did:
1. Downloaded "WM2k5_1.60a_XDA2_HIMALAYA.rar", and extracted "nk.nbf"
2. xda2nbftool -x NK.nbf NK.nba 0x20040304
3. dumprom -d files -5 -v nk.nba
Code:
img 00000000 : hdr=900c898c base=900c0000 commandlineoffset=9007ffc0
img 00180000 : hdr=80307a2c base=80040000 commandlineoffset=7fffffc0
block 1 added buf=00440020 02000040
NOTE: removing 941651ee from e32 struct for nk.exe
NOTE: section at 00082000 iso 00009000 for nk.exe
NOTE: section at 0000c000 iso 00009000 for nk.exe
ERROR: could not find pointer for ofs 80307a2c
invalid romhdr ofs 80307a2c
9007ffc0 - 90080000 L00000040 unknown
90080000 - 900c0000 L00040000 NUL
900c0000 - 900c0000 L00000000 rom_00 start
900c0000 - 900c0004 L00000004 JUMP to kernel start
900c0004 - 900c0040 L0000003c NUL
...
So this doesn't appear to work very well. Is nk.nba the same as nk.bin? What am I doing wrong?
THATS TOTALLY AWESOME itsme THANKS FOR CREATING THIS Script .. it is really COOL .. TNX ..
logan said:
TofClock said:
the "-5" option is in a new version of dumprom ?
Click to expand...
Click to collapse
So this doesn't appear to work very well. Is nk.nba the same as nk.bin? What am I doing wrong?
Click to expand...
Click to collapse
for the meantime you can successfully extract the kernel Files of Wm2005 using dumprom -5 .. and you can analyze and extract some files of MSFLASH section of Wm2005 using the rdmsflsh.pl and -t HIMA parameter
-toe
problem is that dumprom does not handle multiple XIP sections in one rom very well.
that is why you should first extract them using
Code:
dump wm2005.img -o 0x400 -e 0x200400 xip1.nb
dump wm2005.img -o 0x210000 -e 0x3e3278 xip2.nb
other than that, dumprom says 'ERROR' maybe a bit too often, when it is not really an error.
toenailed said:
logan said:
TofClock said:
the "-5" option is in a new version of dumprom ?
Click to expand...
Click to collapse
So this doesn't appear to work very well. Is nk.nba the same as nk.bin? What am I doing wrong?
Click to expand...
Click to collapse
for the meantime you can successfully extract the kernel Files of Wm2005 using dumprom -5 .. and you can analyze and extract some files of MSFLASH section of Wm2005 using the rdmsflsh.pl and -t HIMA parameter
-toe
Click to expand...
Click to collapse
My dumprom.exe does'nt support the "-5" option ....
A new version ?
tnx so much for the info .. itsme ..
anyway .. how about in himalaya .. this is wat i done .. using the nk.nba
Code:
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb
mkdir files1 files2
dumprom -5 -d files1 kernel.nb
rdmsflsh.pl -t HIMA -d files2 MSFLSH50_2.nb >MSFLSH50_2.log
... did i do it right?? ..
tnx
-toe
toenailed said:
anyway .. how about in himalaya .. this is wat i done .. using the nk.nba
Code:
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb
mkdir files1 files2
dumprom -5 -d files1 kernel.nb
rdmsflsh.pl -t HIMA -d files2 MSFLSH50_2.nb >MSFLSH50_2.log
...
-toe
Click to expand...
Click to collapse
Ok , i use this but ...
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb --> OK , it makes a 256 Kb file
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb --> OK , it makes a 1280 KB file
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb --> OK , it makes a 3328 Kb file
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb --> OK , it makes a 27648 Kb file
mkdir files1 files2 --> OK for this
dumprom -5 -d files1 kernel.nb --> NOT OK , my version of dumprom.exe does not suppor the -5 option ... when i try to use it ,, i've got a screen 'help' that show me all available options :/
Where can i find the dumprom that use the '-5' option ?
Thanks
TofClock said:
Where can i find the dumprom that use the '-5' option ?
Click to expand...
Click to collapse
info: http://www.xs4all.nl/~itsme/projects/xda/dumprom.html
exe: http://www.xs4all.nl/~itsme/projects/xda/dumprom/dumprom.exe
logan said:
TofClock said:
Where can i find the dumprom that use the '-5' option ?
Click to expand...
Click to collapse
info: http://www.xs4all.nl/~itsme/projects/xda/dumprom.html
exe: http://www.xs4all.nl/~itsme/projects/xda/dumprom/dumprom.exe
Click to expand...
Click to collapse
Great thranks man
It works fine .... i'll try to cook the 1.60a rom of WM2005
TofClock said:
It works fine .... i'll try to cook the 1.60a rom of WM2005
Click to expand...
Click to collapse
Are you saying you managed to extract all files from "WM2k5_1.60a_XDA2_HIMALAYA.rar"? It didn't work for me
xda2nbftool -x NK.nbf NK.nba 0x20040304
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb
mkdir files_ipl files_MSFLSH50_1 files_kernel files_MSFLSH50_2
Click to expand...
Click to collapse
This works fine, at least no error indications.
dumprom -5 -d files_ipl ipl.nb
Click to expand...
Click to collapse
This extracts nk.exe (not sure if it's valid or not).
dumprom -5 -d files_kernel kernel.nb
Click to expand...
Click to collapse
This extract a bunch of files, they seem valid (I can see some exports from the dlls etc)
dumprom -5 -d files_MSFLSH50_1 MSFLSH50_1.nb
Click to expand...
Click to collapse
This gives an error message: unable to determine loading offset for MSFLSH50_1.nb
dumprom -5 -d files_MSFLSH50_2 MSFLSH50_2.nb
Click to expand...
Click to collapse
This just hangs forever eating all my CPU
Any ideas? Can anyone share the T9 dlls?
files_MSFLSH50_2 MSFLSH50_2.nb
is not a XIP type rom section.
you can extract it partially using rdmsflsh.pl, but rdmsflsh.pl is not entirely finished. it cannot extract compressed files.
toenailed said:
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb
Click to expand...
Click to collapse
Why i can't use dump? dump=dumprom?
I have try
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
and
dumprom nk.nba -o 0x40040 -e 0x80040 ipl.nb
but it is error
itsme , can yu help me on how to instal the XdaDev::NbfUtils module ...
it's necessary to use the rdmsflsh.pl ...
i've been look your site but i don't understand :/
khengvantha said:
toenailed said:
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
dump nk.nba -o 0x80040 -e 0x1c0040 MSFLSH50_1.nb
dump nk.nba -o 0x1c0040 -e 0x500040 kernel.nb
dump nk.nba -o 0x500040 -e 0x2000040 MSFLSH50_2.nb
Click to expand...
Click to collapse
Why i can't use dump? dump=dumprom?
I have try
dump nk.nba -o 0x40040 -e 0x80040 ipl.nb
and
dumprom nk.nba -o 0x40040 -e 0x80040 ipl.nb
but it is error
Click to expand...
Click to collapse
dump is not same as dumprom ....
you can download dump.exe HERE
and dumprom.exe with the "-5" option usable HERE
Ok , i've succefully installed the XdaDev::NbfUtils package
But i'm unable to extract files from MSFLSH50_2.nb
The script says to me
00000200: magic =00000000 != 2f5314ce
at M:\Qtek\MAGNETO\WM2k5_1.50i.96_XDA2_HIMALAYA\rdmsflsh.pl line 123
Click to expand...
Click to collapse
but no file in files2 :/
@TofClock
im so sorry if i mislead you ..
it should be "-t hima" not "-t HIMA" not capital letter as
Code:
perl rdmsflsh.pl -t hima -d files2 MSFLSH50_2.nb >MSFLSH50_2.log
make sure also to run the vcvars32.bat .. ..
-toe
Related
hi
the latest from 02 i have downloaded and tried but i keep getting the country error. i have also downloaded your rom and same thing happens. i am currently running
rom 1.72.00 wwe
radio 1.17.00
protocol version 1337.28
ext rom 1.72.181
i have only just realised the ext rom version is the same as the rom version i am trying to upgrade to are they the same. also the upgrade suite doesent work i have downloaded the individual software in the new rom but only some of it installed.
regards kev
Do you mean that when you attempt to upgrade you are getting a Country ID error?
If so, try looking at my post here - it may help you.
yes but i have followed your posts and i havent had any sucess i dont know if its me or the files i have aattached the command prompt blurb but i still dont under stand.
xda2nbftool -sd PH10 -so <02> -sl <language> NK.nba
xda2nbftool -sd PH10 -so <02> -sl <language> ms_.nba
xda2nbftool -sd PH10 -so <02> -sl <language> Radio_.nbaMicrosoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Owner>xda2nbftool -x NK.nbf NK.nba 0x20040304
WARNING: checksum is not ok, possibly you provided the wrong password
C:\Documents and Settings\Owner>xda2nbftool -x ms_.nbf ms_.nba 0x20040305
WARNING: checksum is not ok, possibly you provided the wrong password
C:\Documents and Settings\Owner>xda2nbftool -x Radio_.nbf Radio_.nba 0x20040306
da2nbftool -x NK.nba nk.nbf 0x89124137
too many args
Usage: xda2nbftool [-u] { -c | -e | -d } inputfile outputfile password
-c : calculate crcsum of file
-u : updates the calculated checksum
-e : encrypt inputfile
-d : decrypt inputfile
-x : xor inputfile with password ( should be a number )
-sd : change devicetype
-so : change operatorname
-sl : change language
-sv : change version
-v : verbose
HimaUpgradeUt v0400, v0500 use password HTC
HimaUpgradeUt v0600 uses password 921211
HimaUpgradeUt v0910 uses xor with 0x89124137, 0x25863614 or 0x12345678
HimaUpgradeUt v1000 uses xor with 0x20040304, 0x20040305 or 0x20040306
C:\Documents and Settings\Owner>xda2nbftool -x ms_.nba ms_.nbf 0x25863614
WARNING: this does not look like a nbf header, possible you provided the wrong
assword
C:\Documents and Settings\Owner>xda2nbftool -x radio_.nba radio_.nbf 0x12345678
radio_.nba: No such file or directory
C:\Documents and Settings\Owner>xda2nbftool -e nk.nba nk.nbf 921211
WARNING: this does not look like a nbf header
WARNING: checksum is not ok
C:\Documents and Settings\Owner>copy /y ms_.nba ms_.nbf
1 file(s) copied.
C:\Documents and Settings\Owner>copy /y radio_.nba radio_.nbfxda2nbftool -x NK.
ba nk.nbf 0x20040304
The system cannot find the file specified.
C:\Documents and Settings\Owner>xda2nbftool -x ms_.nba ms_.nbf 0x20040305
WARNING: checksum is not ok, possibly you provided the wrong password
C:\Documents and Settings\Owner>xda2nbftool -x radio_.nba radio_.nbf 0x20040306
its beyond me i am seriously thinking about forgetting doing it and leave it as it is.
regards kevin
OK. The output in the DOS prompt above looks kinda all over the place. You have copied files over other ones, etc and its hard to tell the order in which you have done things.
You need to start again with an untouched set of nbf files. Then follow the instructions in my post in the correct order.
originally I thought that it is dangerous to flash the phone with .bin file. So I planned to export the os.nb from the .bin file and make a .nbf file only using the os.nb. but after I created the .bf file with perl typhoonnbfdecode.pl, and use patch_RUU to flash the phone, patch_RUU displayed the message as the following picture saying that "invalid vender ID"
could somebody tell me what did I do wrong? (the original .bin is usable for flashing the phone)
the following is my failure process
1. exporting os. nb from .bin rom:
perl typhoonnbfdecode.pl -x 585yscn30w.bin
I got several .nb files
2. convert os.nb to nk.nbf:
perl typhoonnbfdecode.pl -s -r os=OS.nb -p device=SP3i -p language=ENGLISH -p magic=HTC -p operator=CDL___02 -p flags=17 -p version=2.0.33.21 -p blversion=2.0.3.23 -c nk.nbf
I also tried again getting the "-s" off:
perl typhoonnbfdecode.pl -r os=OS.nb -p device=SP3i -p language=ENGLISH -p magic=HTC -p operator=CDL___02 -p flags=17 -p version=2.0.33.21 -p blversion=2.0.3.23 -c nk1.nbf
3.use the .nbf rom and patch_ruuto flash the phone, but patch_ruu showed me the error page, how to solve this, please?
Hi,
I am experiencing some problems using dumprom. I downloaded it and extracted the content of an exe updater to get the "nk.nbf" os rom (w2k3).
After that, I tried ... :
Code:
dumprom nk.nbf -v -d toto
... to extract the content of this os rom but nothing happens ... dumprom seems to launch because the dos promt doesn't reappear and i need to quit using ctrl+c.
How can I extract files from 1.4x "nk.nbf" os rom (w2k3) ?
Thanks in advance,
Tristan
dumprom is working only with nk.nba files ...
you have to decompress nk.nbf in nk.nba with xda2nbftool or xda3 nbftool
First, thanks for your reply.
I tried to use xda3nbftool with the nk.nbf file I want to use but I got an error saying the password seems to be incorrect :
Code:
D:\HTC\ROMs\2003\BA_TMNL_14200_115_11300_Ship>xda3nbftool -x -t NK.nbf
xda3nbftool -x NK.nbf NK.nba 0xef29def0
WARNING: this does not look like a nbf header, possible you provided the wrong p
assword
xda3nbftool -x ms_.nbf ms_.nba 0x8e86c6cc
WARNING: this does not look like a nbf header, possible you provided the wrong p
assword
If I use the outputed nk.nba file, I got the same error ... dumprom hanging ...
I also tried to use the "Blue Angel Extended ROM Tool.exe" tool and got a nk.fat file but when I tried the dumprom tool on it, I got an error message :
Code:
D:\HTC\ROMs\2003\RUU_2.2_OrangeFR_v5.31.2.138_ship>dumprom nk.fat -v -d dump
unable to determine loading offset for nk.fat
I saw on Wiki that this tool only works with type I rom and the rom I am playing with is type II. They are talking about some tricks but I don't find them in the Wiki. If someone, know how to trick type II rom ...
No idea ?
Sorry. I need some help. I can't fight more
First, using Wizards ROM. It's simple:
Code:
dumprom -5 -d BootFiles nk.nba
rommaster -w 5 -d boot.hv -a boot.hv -o new.nba nk.nba
Everything looks almost good.
The same, but using BA WM5 ROM [both mamaich wizard port v2a and tuatara] - nothing looks good. Both dumprom and rommaster produces tons of errors.
Can anybody help? Please.
Ok. I've found the way, how to extract boot.hv. Here: http://forum.xda-developers.com/viewtopic.php?p=105694.
But still can't replace. Please help.
I'm learning rom building.
I used Rommaster.exe to extract XIP.BIN from nk.nba.But nothing (had not xip.bin-no thing).I made Bat file with code:
Code:
RomMaster.exe -w 5 -b 0x001C0080 nk.nba -x -o xip.bin >nul
mkdir XIP
dumprom xip.bin -5 -d XIP >nul
But only XIP Folder was made.In XIP folder- no thing.
=>>>Please help me how to extract XIP.BIN From nk.nba???
Thanks a lot.
Please help me how to extract XIP.BIN From nk.nba???
I made XIP.BIN successfully.