Thought more people would be interested. So I post it here. Now you can comfortably dial using any accented/language specific characters in smartdialer. You only have to modify your smardialing.dll for international characters:
http://buzzdev.net/component/option,com_simpleboard/Itemid,59/func,view/id,10204/catid,45/
8)
It only suprises me HTC smartdialer is written so badly that the look-up tables are hardcoded in the dll library. Isn't it narrow-minded? Why HTC cannot program the code to load the tables from the registry? I don't code, but don't they lack structural thinking at HTC? Best practices? Or maybe, they don't get it there are other countries in the world...
Good luck,
Seff
Is there a german version for the vario already? Don't know too much about HEX tables and stuff.....
Related
Hi - notice many having problems with country ID's and provider codes in XDA II images. The common complaints inexperienced people trying to use hex editors etc. I decided I would write a nice win32 GUI replacement for the er2003edit and the nbf2 tools to roll them into one easy to use application. I have also addressed the second prov/country in the ms.nbf so I think would be usefull to many less experienced users on the forum trying to flash new roms into there XDA II's
It so far will open and display the rom file as hex or ascii - and automatically works out the 'key' to decrypt the actual file (if its an nbf) etc - and all is funtional.
Have got it substantially finished - but am needing some feedback from other developers on a couple of technical issues.
Issue 1 is that I have noticed that the padding bytes in the older nk.nbf files are 00's - as opposed to FF's in newer nk's. Is this consistant across most images based on vintage etc (need this for auto calculate key).
Issue 2 is I have not yet worked out the checksum algo - which I am happy to experiment with - but I can assume seeing as both the apps I am trying to roll into one 'know' how to re-checksum the files etc - that someone here could explain to me how (if they see fit)
Not and issue - so Question 3 - are there any other functions that anyone here believes would be a good addition to this tool - speak up now (I am short of ideas here).
I will post app as soon as I egt the checksum working (which should be fairly soon if I can get the basic algo without too much work) as all the other bitsa and pieces are already functional.
cheers
^lave
Good Idea brother....
Waitng for it....
I have prgressed on application - have written the CRC algo now and working (better way to learn) - but am still lokking for some advice from the more knowledgable people on this board.
So far I can now re-checksum both nk and radio rom - but for some reason algo is failing on the ms_ roms - do I need to delve into structure a little further (ms being different to the rest as far as checksum goes) - or have I simply got a bug which only appears on ms roms (not too likely as working on multiple other roms).
Am able to decrypt the ms roms like the other but just not correctly CRC it - any clues anyone ????
cheers
^lave
See PM I sent you.
Sounds like a great project.
As I remember correctly, itsme also tried to calc CRC...not sure if he ever succeeded.
Personally, I can not help you.
@HappyGoat - yes thanks for the PM - that advice gave me some pointers and let me find a description of the algo which allowed me to write my existing work so far - I am perusing the source of xda2nbf to try to find answer for the ms_.nbf's as they definately seem to follow a slightly different format (ie I think either more header - or datablocks start at different point) with reguards the CRC therefore is different.
I did try to reply with thanks in PM but xda.developer was so slow at the time I gave up waiting for reply page after a few minutes. Thanks a lot for your input
cheers
^lave
OK - at last some progress - I finally worked out my bug crc'ing the ms_.nbf - was a silly assumtion that I had mada re the file sizes (ie radio 4MB + header) - (nk 32mb + header) - (ms 16mb + header - WRONG) - how about I check the filesizes - was missing 210 odd KB off the end in the crc - derrr.
Never mind - next question is an easy one and simply to prevent having to DL lots and lots of images - are all the MS_.nbf's a consistant size ??? - I have download 3 so far and they have been - but without download many many 40MB+ bundles - someone must know the answer to this one ????
cheers
^lave
PS what I am really looking for is a reliable method to identify one type of nbf from the next - trying to identify if filesize is the obvious answer.
Hi everyone - this is a totally useless version of app - from perspective has no write functionality yet and is very alpha. Idea is if anyone wans to have a play am interested in suscess or failure at opening different rom files. Is only design to handle XDAII images atm. Also interested in getting feedback on if the calculated checksum matches the one in the file. If anyone does get a chance to try out let me know.
cheers
^lave
More progress - a less useless version of the editor. Still treat with caution as is still beta and not a lot of feedback on compatibility wth a variety of NB10 roms yet.
Changelog:
several bugfixes
speed improvement in CRC
Write functionality
Plain to XOR and XOR to plain conversion
2nd details in ms_.nbf now working and editable
Allows changing the XOR key
If you save a file from the app with no extension or a non .nbf extension will save out plaintext rather than re-encrypting with the XOR key etc.
Again - if you download to play - consider giving some feedback on bug and features additions.
Cheers
^lave
good work!!!
Just an email to say good work as you don't seem to be getting much feedback for your program. The problem is that those who most need the program (noobs) are the least able to help, and those who can help don't need the program so are less inclined to help. There are some real whizzes lurking around here, some of them should be able to give you a bit more support.
Good Luck,
JJ
oh and the other thing is, if you want more coverage post this program as a news article on the main pageas it tends to stay up for a few weeks!
Thanks!!!!
Hi ^lave,
It's a very nice tool. Is this a alpha version, right? Will you are going to add more features, ie make change to the ROM content to prevent Authentication Check. etc.
I think you may need to change some label wording:
Provider ID ----> Country ID
Country ID ----> Language ID
Am I right?
Hello
Do you plan to adapt tools to 2020i (PH10C) Alpine ??
It will be greater to have tools to manage ROM on this PDA
Thank's for reply
Yes - is very early code still and I intend more features as I work things out. I only got my first PDA at Christmas just past (a bottom end iPaq - enough to catch the bug though)- and the O2 a few weeks ago so its still all new to me (yep I am a newbie).
Most of my more recent coding for past few years has been satellite related - so my terminology certainly has that bent at the moment and needs some serious work.
I certainly intend the app to be more universal as far as PDA models go - but of course that will rely somewhat on availability of hardware to test with (or alternatively people with other hardware to test for me).
Thanks for feedback and suggestions (I certainly need them at this stage of things).
cheers
^lave
Thank's
I can be tester for you on Qtek 2020i (PH10C) Alpine.
The extended ROM do work different than 9090, S100, 2020.
I have new registry entry and TRUEFFS_DOC that was for Extended ROM is now for Storage and EXTENDED ROM Profile is VDISK that use vdisk.dll.
I'm planning to develop a simple app for Smartphones generally and my friend's O2 XDA II mini (Is that the 'Magician'?) specifically.
The objective is to allow users to track the number of calls made or messages sent to a particular number or series of numbers which will be decribed by a wildcard string.
Basically my friend's subscription package from his service provider (Hutch) allows for 400 free calls to non-Hutch numbers and 800 free calls to Hutch numbers per month. So practically, all Hutch numbers begin with "9886", so a profile associated with the wildcard string "+919886??????" (+91 is the code for India) can be created by the user and all calls to numbers matching this profile will be tracked. Pretty basic kinda program.
Now, I'm relatively a noobie to Smartphone development - I've done some basic stuff using Visual Studio 2003 (Academic) and the emulator - never with an actual device.
Can anyone tell me where I can get emulator images for the XDA II mini? Further, I would greatly appreciate any advice or suggestions from the community. Better still, if any of you guys already has a program to do this, please tell me :wink: - it would save a lot of trouble!
I'm planning to develop using C# on .NET Compact 1.1
Oh, and any dev experimentation I've done so far was either on the Pocket PC or on the Smartphone. Anything I should know about coding for a device which is a combination of both these types?
Thanks.
hi
this looks like an idea that many could benefit from.. if you are making this application i would suggest you make it so that we (the non indian and non hutch users) can use it aswell...
good luck and keep us posted
Hi,
Can someone assist me with how i might go about decompiling or viewing a dll, making changes to it and recompiling it? What tools can i use to do this?
I have tried copying some of the dlls from my device over to my local pc, however most of the time i get an "access violation" message.
Further, i realize i can use idlasm to disassemble .net files, but it seems most of the more interesting dlls and files may be standard c dlls. How can i take a look at the code in these and modify if wanted?
thanks much.
farseer: what level of experience do you have?
V
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
was that the wrong answer?
farseer said:
I'd like to think i am decent developer, but that may be in my own mind
However, i do not do a lot of "hacking", i.e., have not had the need to do much reverse engineering. I have been coding ground up apps for over 10 years however, uisng C++, Java, C#, VB, etc. You name the language, and i've probably done something in it .
vijay555 said:
farseer: what level of experience do you have?
V
Click to expand...
Click to collapse
Click to expand...
Click to collapse
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Ah, thanks much, this was helpful. I do have a few follow up questions:
1. Is "Arm assembler" different than standard assembler? If so, any suggested readings?
2. There are some dlls that cannot be copied to my local pc (i get an access violation i believe). How does one extract an image of such dlls?
3. Where is the WM5 source code? and why would i need to read this to be able to hack/patch dlls?
thanks again.
mamaich said:
The correct answer should be "I know ARM assembler language, the structure of Win32 PE files, I know what is XIP DLL and why I cannot modify them directly, and I have read the WM5 source code".
In this case the process is simple - you decompile a DLL with IDA (www.datarescue.com), find the place you need, modify the code to suit your needs - and that is all. In most cases there is not enough place in DLL for your code, so you need to use virus-like techniques, my prefered method is to patch the code so that it loads my DLL and run it instead of original code. Or use some other hooking methods so that my code is executed instead of original.
Click to expand...
Click to collapse
Hi farseer!
I am nowhere near the level of mamaich or vijay555 but I have some experience in this and I believe I can give you some basic answers:
1. ARM is a different architecture then x86 processors and the assembler is different to accommodate it. There are some basic similarities like mov add and such, but even the registers are different (R0 - R15 if I am not mistaken). Sorry, I don't know any books on it, but if you google you will quickly find the list of commands with basic explanation.
2. Since the OS is in ROM you can't just copy and paste it's DLLs and EXEs. Look for ROM dumping tools on this forum, or already extracted images on the ftp. Keep in mind MS did some tricks to save memory and make it harder to get at the files, so like mamaich said, you need to learn about XIP and the ROM structure in general to understand whats going on.
3. Hmm... MS does have a program for sharing most of WM source code, but it's not for common people like us. (check out their site to see what I mean) I suspect there are other sources of getting the parts necessary to understand DLL hooking, but I have no idea what they might be.
Well that's my two cents until an expert can answer you. Hope this helps.
farseer: you gave a perfectly good answer IMHO, just needed to get an idea of what level to pitch a response without talking up or down to you!
It's well documented that I'm a self confessed newb to c++, and would say that your programming skills should certainly hold you in good stead. However, having a good knowledge of the Win32 API is certainly beneficial.
For decompiling, basically IDA. There is an IDA demo available on their website that should get you going, it's pretty much 100% functional other then it won't save, and closes itself (or crashes itself) after a reasonable, random period of time. IDA is "the daddy" for pretty much all mainstream reversing, although you could write your own decompiler/debugger.
Recompiling - that's a toughy. IDA won't permit recompiling on ARM AFAIK.
You'll have to hexedit into the target and patch directly. Otherwise you get into the exciting world of code injection, hooking etc, as Mamaich says.
For that area, read everything he's ever written, before you start reversing
Oh, and a helpful hint to all. Don't just read what Mamaich's written on this board, his posts on other boards are even more useful!
It's worth getting a good familiarity with reversing on x86 first, get used to how IDA works etc (and Soft Ice is very useful to give a good insight into x86, although AFAIK it's not available for WinCE). ARM assembler is different, but just grab a list of the opcodes and read through a few CPU developers' guides (online).
There are a number of tutorials on reversing ARM stuff online. In the usual places for that kind of stuff.
For getting access to the ROM files, easiest way is to grab a rom update file and decrypt it. Mamaich is once again your man, his romtools do the job. He also has a "live" rom grabber, that'll grab all the files/modules out of your running phone for your perusal.
Platform Builder is available free to give you (some) WinCE source code. Not all, but enough to give you years worth of reading.
V
Thanks all...very kind of you to respond in such detail. I look forward to dabbling a bit with IDA and some of mamaich tools. I suppose the first order of business is to do a lil more research and then just dive in! It's been a while since i wrote any assembly code (not since college!), but i am a bit excited at having an excuse to do so again.
thanks again.
Just remember that unless you really luck out and the developer left the symbol table intact, you're going to end up with garbage for the names of variables and subroutines.
I hate reading decompiled code.
Hello!
(sorry for my english)
Is there any way to find the presence of full-sized keyboard on PPCs and smartphones (700w or MotoQ for example) ? I'm writing my own custom-gui app and I need to translate VK_0 - VK_9 events correctly into chars or numbers depending on keyboard/keypad type..
Sure. Just look for the HKCU\SOFTWARE\Microsoft\Shell\HasKeyboard registry key. If it's 1, then the device has an Hardware Keyboard.
Linky linky: http://www.microsoft.com/downloads/...AA-ADA2-42D4-8B70-95DC7D8F678C&displaylang=en
It's .NET managed code, but shoud give you the idea on how to interact with keyboard and remap keys. Among other things.
Note: this key is Vendor dependant. I got it on my TyTn, but I can't say for sure on a Treo.
I had developed a software. The software are using the external dll library, how can I compile the exe embedded *.dlls??
PS: I am using a VS 2005, Language: VB.net
Also I would like to know how to protect my application code avoid the decompiler to decompile ???
sorry for my poor english.
Welcome to the forum.
Your English is fine, but unfortunately there is no simple answer to your questions.
I will start with the last one first:
There is no one simple way to protect your code. There are whole books and articles written on it and if you google you will even find commercial products that "scramble" compiled apps to make it difficult to disassemble and reverse engineer.
Unfortunately I can not give you more specific info like book titles since I am not too interested on the subject.
I can tell you this: whether you app gets hacked or not is a matter of how much it costs vs. how useful / desirable it is. That means that if your program is really grate and everyone wants it but it costs a lot someone will put in the effort and eventually crack it no matter what you do.
As for your first question: unless you have source code or the obj files for the DLL to link to there is no way to combine it with your exe. If something was released as a DLL library and only as a DLL library it will remain just that.
Like mentioned above; the only possibility to 'protect' your .NET application is to obfuscate the code. there are some good (but commercial) tools out there. Google for it and if you're lucky you can find a comparison as well. (hopefully somebody tested some tools already to compare them)
You cannot recompile a DLL unless you've the source code as well.
it's easier to do if one dont use .net