So, I've been learning about all this rom cooking you guys have been doing, and I'm really excited. I've got an Apache, and I want to start building custom ROMs, but it looks to me like none of the avaliable software can decrypt the apache .nbf files. Is that right? What can we do to fix that? It looks like xda3nbftool.exe could do it if we had the password, which I haven't been able to find... Do we have that password? If not, how were the other ones found? I have a good grasp of all the other ROM cooking tools, so all I need is to be able to decrypt the files... I want A2DP and Push e-mail too!
Thanks,
-Taylor
no one?
-Taylor
I am so glad that people are working on this. It was a serious let down when the rom update for the 6700 had no A2DP.
please if any of the gods here can help it would be greatly apreciated by a lot of people.
thanks
I hope someone is able to port A2DP to the PPC-6700 (Apache) soon. I am hearing about new & older phones daily that are supporting A2DP, just not the 6700!
I'd also love to see someone cook up a rom with A2DP built in as well. There is a lot of talent here, and you've all been very helpful in the past. Maybe we can keep this streak up?
$50 from me to anyone who can get me A2DP on my apache. lol
-jeff
for what its worth, im willing to help test any files, roms, hacks, cracks, or whatever to get this workin. i wanted a2dp and avrcp, and have been sorely disappointed since i got my 6700...its sad when the 6600 has it and the 6700 doesnt. i shoulda bought an older, outdated phone, it'd have been better.
Facegarden - I hope someone can help with your request
Facegarden, I have been tracking your committment to getting A2DP working on the PPC6700 phone. I hope one of the other developers can offer you the assistance you are requesting. Sadly I am not able to offer more than my words of encouragement and my phone as your guinea pig.
Casey
Facegarden - I hope someone can help with your request
Facegarden, I have been tracking your committment to getting A2DP working on the PPC6700 phone. I hope one of the other developers can offer you the assistance you are requesting. Sadly I am not able to offer more than my words of encouragement and my phone as your guinea pig.
Casey
Add me to the list!!
Sign me up! I am also interested in A2DP support in the Apache (XV6700).
I can't help with coding but willing to beta test. This issue needs to be solved, there are older phones (PPC) and Palm devices supporting this.
If WiFi needs to be turned off because of RFI, so be it, that's no big deal!
Anyone?
Hey, I'm glad you guys are supporting this.
Here's what I know, and what you can do to help:
The files we need to decode are .nbf files, extracted from the .exe file for sprint's update. Just throw the sprint installer (found here: http://www4.sprint.com/pcsbusiness/downloads/APAC_SPCS_20600_300_11200_ship.exe ) into WinRAR, and it will extract it (yes, some .exe files can be extracted... I didn't know that at first...)
Anyway, once it's extracted, you should have one folder, with two folders inside. The interesting one for now is the "output" folder, which contains some encrypted ROM images, including nk.nbf, the encrypted main ROM. This is where apache owners seem to be stuck. Scripts and programs have been written for the other devices' ROMs to decode them into a workable file (an .nba file). We need to figure out how those decryption keys were determined, so we can do that with our files.
Furthermore, someone needs to help us make a program to actually do the decryption if existing tools don't work, because as much as I can use existing software, I can't code this kind of stuff for crap (i can do microcontrollers though! )
Anyway, there are some perl scripts that seem interesting, but from what I can tell, they don't work with Apache ROMs...
So, here are some more links to help:
More info on TyphoonNbfTool, the perl script (though it has been compiled in various flavors into .exe files by some nice people), can be found here:
http://forum.xda-developers.com/viewtopic.php?t=43689
I looked a bit for the different .exe versions of TyphoonNbfTool mentioned in that thread, but only came up with v05 attached to one of the posts... Maybe the Apache has a header like the others? v05 didn't seem to work.. maybe the others? I haven't had a chance to look hard enough for those .exe files yet (i've been really sick the past few days ), but maybe they'l work?
Also, in the perl script itself, there is some mention of an apache key or something, so if anyone know's what that's about, it's here:
http://nah6.com/~itsme/cvs-xdadevtools/xda2nbftool/typhoonnbfdecode.pl
Note that all that "Typhoon" stuff is supposed to be for just an HTC device called the Typhoon, but it seems like people have used it for other devices successfully...
Some other links:
A Universal ROM decoder (works great on Universal ROMs, but not on ours) http://buzzdev.net/index.php?option=com_content&task=view&id=65&Itemid=1
Once a ROM is decoded, these tools are used:
http://forum.xda-developers.com/viewtopic.php?t=34171
And the "A2DP for all devices" thread on here:
http://forum.xda-developers.com/vie...stdays=0&postorder=asc&highlight=a2dp&start=0
So yeah... Poke around, see what you can find...
If anyone knows or uncovers how these keys were discovered, help us out! Thanks!
-Taylor
And any "prize money" for this should go to the forum itself, they need donations to keep this great forum running!
-Taylor
you can use alpinenbfdecode.pl to decode apache roms.
willem
btw, the apache keys are already known, see typhoonnbfdecode.pl.
you can find them by looking for des encryption code in the radio rom.
in v1.03.00 they are the 0x18 bytes right before the key-permutation table in the rom.
.... you find the des tables by looking for instance for the bytes '38 30 28 20 18 10'
willem
Hey, sweet! Yeah, i thought i saw those keys in typhoonnbfdecode.pl, but I wasn't sure what to make of them, since i couldn't get the typhoonnbfdecode.exe to work on them... Anyway, I'll have to do some searching to figure out how to use those perl scripts, but if you have any advice I'm all ears. For now, I'm off to class. Thanks!
-Taylor
I managed to decode the Apache rom...
I started with the file
APAC_SPCS_20600_300_11200_ship.exe
I ran the file while the phone was NOT connected to the computer. I then went to the windows temp directory and pulled out nk.nbf and moved it to my linux machine (I hate perl... but I can at least get it to work under Linux)
I then used alpinenbfdecode.pl to decode the nk.nbf file to nk.nba
perl alpinenbfdecode.pl -d nk.nbf nk.nba
I then moved the nk.nba file back to my windows box and used the imgfs_tools
prepare_imgfs.exe nk.nba -nosplit
viewimgfs.exe imgfs_raw_data.bin
This dumps the decoded files to their own directories.
I confirmed that the decode was successufl by pulling the solitare.exe from the dump and moved it to my 6700 and it ran thereby confirming a successful decode.
Unfortunately, I don't know what I need to do next to incorporate A2DP.
atomclock said:
I managed to decode the Apache rom...
I started with the file
APAC_SPCS_20600_300_11200_ship.exe
I ran the file while the phone was NOT connected to the computer. I then went to the windows temp directory and pulled out nk.nbf and moved it to my linux machine (I hate perl... but I can at least get it to work under Linux)
I then used alpinenbfdecode.pl to decode the nk.nbf file to nk.nba
perl alpinenbfdecode.pl -d nk.nbf nk.nba
I then moved the nk.nba file back to my windows box and used the imgfs_tools
prepare_imgfs.exe nk.nba -nosplit
viewimgfs.exe imgfs_raw_data.bin
This dumps the decoded files to their own directories.
I confirmed that the decode was successufl by pulling the solitare.exe from the dump and moved it to my 6700 and it ran thereby confirming a successful decode.
Unfortunately, I don't know what I need to do next to incorporate A2DP.
Click to expand...
Click to collapse
bump
currently there are no tools to encrypt the nba files back to nbf - so far noone has managed to write something that computes the right checksum for the compressed images.
Yeah... What has to be done to get that to work? Can we use crc32 to compute the checksum and manually change it? I tried, but I can't find the location of the checksum in the file, which I would assume is other people's problem as well... But shouldn't we be able to take an unmodified file, and then calculate it's checksum with crc32, then find that value in a hex editor? I also tried that, but it doesn't work... Is the checksum encoded as well in the encoded files?
I'd really love to figure this out now, because the sprint people have been able to copy some a2dp files directly and, along with a registry edit, get a2dp working. It doesn't work on verizon phones though... something about sprint's update that verizon never got... I want to take their update and change the device info to match ours, but I can't get the checksum right!
Also, what happens if I succeed, and in the process copy a sprint radio rom to my phone? Do I then have a sprint phone instead?
-Taylor
the problem is not where it is stored in the file, i know that.
but when you change the file, you have to recalculate it, and produce the correct value, there i am missing something.
just have not take the time to look at it.
willem
hmm... so crc32 doesn't work then? well let us know if you figure it out!
Related
Announcing: ROMkitchen
Special Edition ROMs are soooo yesterday.... We're proud to unveil our largest project yet: ROMkitchen. Now you too can modify your ROM to contain precisely what you need. Create your personal ROM, based on the ROM you like.
Wanna see: Have a look at our showroom kitchen to see what we mean. As you can see the showroom kitchen shows the PPC2002 based 3.17.03 ROM released by O2, as well as the 4.00.05 Microsoft WM2003 test ROM. Neither of these ROMs is really present though: you need to download the scripts, include your own ROM images, and run the scripts on your own unix machine. But once you do, you and your friends can create ROMs to your heart's content.
Why didn't we just include these files and make it all work? Because we're not licensed to distribute these ROMs, that's why.
So now what?
Play around to see if you like it.
download all the files visible when logging in using FTP to xda-developers.com username 'kitchen', password 'kitchen'.
Put them on your own unix machine, which should be capable of executing php scripts, and which should have a 'little' memory, disk and processing power left over. (We're afraid ROMkitchen wasn't built with resource-efficiency in mind.)
Add your own ROM files, see the readme files in the "data/00[...]/_/cfg" directories for details.
Notes:
If you set up your ROMkitchen, make sure you only use it for yourself, and with ROMs you legally own. We're not responsible for abuses.
If you use an ftp-client which can ignore files which are newer on your side, you can regularly check for updates and always have the newest kitchen.
ROMkitchen does not yet support outputting self-extracting binaries a-la Jeff's exe. We're working on that.
ROMkitchen currently supports English language ROMs only. We're working on this too.
The welcome exe is back in ROMs made with it: a little too much hassle to make our own. So you'll have to go through the silly tutorial every cold-boot.
XDAunlock is missing still. (It will be incorporated, but most people will be making 4.00.05 ROMs, and it doesn't work on that anyway...)
How does it work?
The ROMkitchen consists of a number of php scripts that present the form with all the options to choose from, and which copy files ready for our 'mkrom' utility to process. If you take a look you can see the raw structure of the data that is presented and inserted into the ROM. We'll find some time soon to explain, but you can already learn quite a bit if you look at the files and directories carefully.
xda-developers u are AWESOME
I'm going to try it as soon as i get home tonight. So all that is needed at first is a 2003 or 2002 image file?
thanks
alex
This looks awesome
Is it possible to run this program on Cygwin ? I have configuered the Cygwin download to include Bash and Perl but can't find a reference to dd. I confess that although I have a reasonable amount of programming experience I have never used Unix before so don't even know how to invoke the scripts so any help would be much appreciated.
Richard
just uploaded everything to my unix box and tried to run setup.sh from 4.00.05 directory. i also uploaded bootloader.nb0 and rom.nb1 files to the cfg directory. when i run ./setup.sh this is what i get:
[[email protected] _]# ./setup.sh
Usage: splitrom <romimage(s)> [options]
-wx xipchain where to write xipchain
-wo osrom where to write output image
-wb bitmap where to write bitmap
-wl bootloader where to write bootloader
-rl bootloader which bootloader to use for NBF
-n nbfinfotext what NBF header to use [ex: PW10A1-ENG-3.16-007]
-ri nbfinfofile or where to read NBF header info from
-wi nbfinfofile where to save NBF header info
-rx xipchain where to get xipchain from
-rb bitmap where to get bitmap from
-rm [email protected] insert new romsection.
-ob offset where to find the bootup image
-oe offset the end of the desired os image ( default: 0x81f00000 )
-t NBF | B000FF | NB? | IMG type of result image (default is NB1)
also when i tried to convert the default.fdf file to default.reg i get error saying "unknown fdf file signature" and it creates a 0 byte default.reg file.
any help is appreciated. i know i'm asking too many questions, but same happened with ur mkrom tools and once i got answers from u i was able to build roms without any problems.
thanks
alex
Hold on a tick, if you guys added one more feature it would go nova, however. Some features I would like to see is the ability to mix drinks, roll joints, cook dinner, and cure premature baldness/cancer.
It would also be nice if you could arrange for the program to be delivered to my house by the drunken, naked Chinese twins, Fok u and Fok me.
You guys are the bomb. Keep up the great work!
-
# Put them on your own unix machine, which should be capable of executing php scripts, ...
Click to expand...
Click to collapse
this implies that you should also have setup a webserver, for running the php scripts.
you will have to change the 'splitrom' commandline in setup.sh depending on what source file you have.
it is not a configure all automatically script, just a guide, to what sort of is supposed to happen for setup.
Holy Cow, you guys are amazing....
This is just a short message to say I'm fighting with it as we speak. My friend's box does have PHP, this is good. I've already found that it needs two subdirs under its root ('download' and 'workspace') to be world-writeable. Took me a while to figure that one out. Haven't got it running yet though, this ROM setup.sh thing is far less than intuitive. But I have the two ROMs which have all the other mumbo-jumbo done: 3.17.03 and 4.00.05, and I will get this to run, if it's the last thing I do.
Jeff (Just back from the U.S., up since 4 am, severe jetlag)
Jeff Summers said:
I've already found that it needs two subdirs under its root ('download' and 'workspace') to be world-writeable.
Click to expand...
Click to collapse
Whoops... I guess you're right, that should have been documented. The things you take for granted sometimes...
Thanks, and good luck...
Thanks
hey, you are doing a great job guys, keep it up.
welcome back Jeff Summers.
Othman
OK, here's the status:
I'm close, really close. It wouldn't detect my OS, the bash on the system I'm on is in /usr/local/bin instead of /bin and now it's complaining about a missing perl file. I'm working on it though...
probably you are missing http://search.cpan.org/author/GBARR/Scalar-List-Utils-1.11/
which is included with perl 5.8, but not with perl 5.6.*
if you don't have root access to you box, you can also install ( see the README for build instructions ) list-utils in your home directory, by editing the generated Makefile, and changing 'PREFIX=$(HOME)', and then adding
Code:
export PERL5LIB=$HOME/lib/perl5/site_perl/5.6.*
to your environment. ( with '*' your perl version )
It's working
It's working!!!
With a little help, I got it to work !!!
Have a look at http://cuba.calyx.nl/~jsummers/ROMkitchen
I just created my first ROM!
Hi, I tried create 4.00 based Rom on Jeff web and it works... thanks.
I discovered only small problem, that there are not installed links in Programs to extra included programs. But I can do it manually for now.
I tried to start my version of romkitchen on my notebook but I was stopped on integration PHP to IIS. I tried some last installer php-4.3.2-installer.exe for Windows but I got CGI error when I tried to access index.php. I'll work on it.
I hope that it will run too, like mkrom on Cygwin.
aleho said:
Hi, I tried create 4.00 based Rom on Jeff web and I works... thanks.
I discovered only small problem, that there are not installed links in Programs to extra included programs. But I can do it manually for now.
Click to expand...
Click to collapse
Ah, you haven't noticed that we put these in subfolders maybe. Go to Programs, and you should see subfolders. If you unchecked the option to put in these subfolders, then you have also unchecked everything 'below' that, meaning you haven't installed these programs.
I tried to start my version of romkitchen on my notebook but I was stopped on integration PHP to IIS. I tried some last installer php-4.3.2-installer.exe for Windows but I got CGI error when I tried to access index.php. I'll work on it.
I hope that I will run too, like mkrom on Cygwin.
Click to expand...
Click to collapse
Go for it...
Ah, you haven't noticed that we put these in subfolders maybe. Go to Programs, and you should see subfolders. If you unchecked the option to put in these subfolders, then you have also unchecked everything 'below' that, meaning you haven't installed these programs.
Click to expand...
Click to collapse
I had unchecked only few of programs to fit in ROM 4.00 free memory.
But folders in Programs like Phone, System tools,... were not in this case created, but they were checked.
jeff: great work...
one bug i found: when i disable the modify rom and add programs i get an error: Warning: Invalid argument supplied for foreach() in /home/jsummers/public_html/ROMkitchen/processor.php on line 480
i wanted to get the orig 4.00.05 rom without modifications
Jabba
REQUEST: zipped Kitchen
Hi !
Thanks all developers! Great work
One request though: please put a zipped version of your ROMKitchen at your ftp -> downloading hundreds of files is a mess *g*
Thanks... Jabba
This is so frustrating: I had it working perfectly, and now all of a sudden it stopped working. I'm working on it...
It's working now. Not really sure what was up, but it seems to have fixed itself.
Nice!!! These new ROMs are sooo cool. All the programs are stored in neat subfolders with icons....
I did find that D9 and PocketCHAT (The EVB apps) do not yet work on WM2003. It complains some EVB shared files are still missing.
Hi Jeff, just to say I've successfully used your ROM builder principally it has to be said to get hold of 4.00.05 so I only choose the Hot Fix item.
Checked in startup (which I've not looked in before) to see the hotfix and its there, there is also aFlashman, cFlashman Handsfree poutlook, SMSReciever, stk & Ussd. Are these part of the normal ROM? Just want to check that the thing is running as lean and clean as it can.
Many Thanks
The WM5.0 emulator is working on my PC.
Japanese Emu, S-Chinese emu, and T-CHinese, emulator. also english.
i want dll, mui, exe files from them, to make Japenese or chinese WM5.0
on my Himalaya with english WM5.
Hope someone can help to dump it or make dump tool.
i have a dump tool my friend made for WM2003 emulator, so not worked for WM5.0.
if need emulator image from WM5.0 SDK, i will upload i them.
Please help!
ms would be pretty stupid if they made it possible for one to unload a real rom image from an enulator
as far as i know then all roms have to be 100% made / "compiled" for each pda to work
so unless that emulator was using an 100% image of the rom for the device you want to upload it to later
i doubt it would work
Rudegar said:
ms would be pretty stupid if they made it possible for one to unload a real rom image from an enulator
as far as i know then all roms have to be 100% made / "compiled" for each pda to work
so unless that emulator was using an 100% image of the rom for the device you want to upload it to later
i doubt it would work
Click to expand...
Click to collapse
thanks for your comment,
but plese dont worry i want just take the resourcese from dll or exe, to make mui files to pretend interface of OS.
i used this way to make japanese OS on my Blue Angel with PPC2003se.
Mr, Mamaichi teached this way to me in the past.
for your refference
http://asukal.seesaa.net/article/6114096.html
http://asukal.seesaa.net/article/5052836.html
Japanese site, but you can see the JPGs
ooh got a bit confused then i guess
Asukal
You can dump the ROM image from WM5 emulator with a normal dumprom tool, but first you need to convert image from B000F to the NB format with the command:
perl splitrom.pl PPC_USA_GSM_VR.BIN -wo ROM.BIN -oe 0x82000000
and then dump it as a normal rom:
dumprom.exe ROM.BIN -5 -d C:\ROM_DUMP
I've tested that on english version of emulator.
you'll need splitrom.pl script and a new build of dumprom tool from itsme.
Mamaichi>>>
thanks for your information!
i will try it!!
Thanks Mamaich!
after i got your private message and done it!
i got dumped roms files form mnu!
@Japanese OS image
@Simple chinese OS image
@Smart phone (WM5) japanese image
after succesfull them, the splitrom have error on following emu image.
@English OS image
@Traditional OS image.
i dont know why???
may try to restart windows system and try again
any way, i got it!
thanks!
hi Asukal,
can you please give me the links to your emu images?
i'm too lazy to search.. ;o)))
thanx
buzz
Yes, why not!
Here it it!
http://www.asukal.jp/ROMs/PPC_USA_GSM_VR.rar
20MB <not dumped yet>
i could dumed english image also.
here it it!
http://www.asukal.jp/ROMs/SDK_ENG.rar (17.32MB) dumped files
i dont know why i couldnt up load this as attachment???? :shock:
so i must use my own server :?
Asukal said:
after succesfull them, the splitrom have error on following emu image.
@English OS image
@Traditional OS image.
Click to expand...
Click to collapse
what is the error text? I've dumped english ROM without errors
to mr,mamaich
i got successfult to dump english SDK emu rom after that.
But i took Bin from SDK in another computer.
I guess Bin file which i tryied dump at beggining was broken or have some problem??
or i have already opened and drove this emu image on the Emulator many times so it was not default already.
i have never tried again about T-CHinese Bin.
i think it can be possible if i took out another T-Chinese bin from another SDK.
the error text was...... cant remember exactry because i left that computer coz i am trip in europe now.
maybe.....
This image files has incorrect(or invalid) boot image.....or some like that.
sorry my late rplay.
I am in Germany now and have to visit Milan and paris after here.
thanks
MUI's in wm2005
Hi, everybody!
I followed this thread and successfully created some MUI's for 2005 (I think) but I can't get the device to load them. I tried changing the registry settings (worked for 2003se) but it didn't help.
No changes I made are visible and the files can be deleted, so I guess they are just ignored for some reason.
Can anyone help please :?:
Thank a lot!
that is true, also cant do that.
keep on studying now.
Something different from WM2003!
MUI security signature?
Hallow again!
I think the problem might be with the digital signature Microsoft now requires. :idea:
Also I made the following experiment:
I put the resources in 2003SE MUI officeres and btres and it did load, but when I tried it with shellres or coresres it didn't work.
I think it won't load unsigned system files…
Any ideas?
Any leads will be greatly appreciated!
:lol:
Re: MUI's in wm2005
levenum said:
Hi, everybody!
I followed this thread and successfully created some MUI's for 2005 (I think) but I can't get the device to load them. I tried changing the registry settings (worked for 2003se) but it didn't help.
No changes I made are visible and the files can be deleted, so I guess they are just ignored for some reason.
Can anyone help please :?:
Thank a lot!
Click to expand...
Click to collapse
because on 2003, files are copied to RAM. on 2005 are used directly from ROM.
buzz
Re: MUI's in wm2005
buzz_lightyear. 2005 can also load dlls to RAM, for example when they are started from storage card or built-in storage.
There maybe one more reason. The DLL may be not loaded if your resource DLL does not have some resources that the original DLL has. Or if your DLL is somehow incorrect. You should make a program that calls LoadLibrary() for your MUI DLL and check the error code if it does not load.
For MS Smartphones there was a registry key that allowed to run unsigned applications. Maybe the similar method exists for WM5.
Asukal. I've attached the program that would try to dump shellres.dll of your device to \storage card\shellres.dll. I've tested the program only under emulator, on the real device it may crash.
If it would not crash - you should look into the produced DLL to examine its resources. This dumper would produce DLLs that are unable to load (they have no relocations information), and their size is larger than it should be, but resources should be extracted correctly.
PM me if the program crashes. And it probably would crash. I'll try to do something.
Mr,Buzz and Mr,Mamaichi!
thanks your comments, and i have just back from Paris and too tired to try mamaichi`s testwm5.exe
aftre sleep while, i will try it! (i dont afraid crash! glad to be sarifice!
I'd recommend you to try this tool - http://forum.xda-developers.com/viewtopic.php?t=23520&start=25#152044
To mr,mamaich
The first attached testWM5.exe dumped only dump.dll(?)
the second TESTWM5.exe of the link can extraxt installed files also, and RAM files can be dumped.too.
but not crashed.
i will remake MUI file and test it!
Thanks!
1 Is it possible to delete files (.dll is what I'm after) out of wallaby ROM? I thought I read that it was, but now I can't find that info, mkrom, splitrom, etc info that I see all tells me that you can only add or change..
2 BTW, what's with all the versions of romtools & tools with the same name (but different versions?) in the demokitchen? I assume its good to have the latest and greatest, but I am beginning to rethink my assumption there. When I say versions, I am looking at the dates of said files in either /~itsme/cvs-xdadevtools/romtools or /Wallaby/Tools/CustomROMToolset or /Wallaby/Tools/MKromxxx.zip or http://wiki.xda-developers.com/uploads/mkrom.zip as well as a bunch of different versions of dumprom.exe (win32).
Any particular set that is most functional? I've noticed that a .pl file or two wanted to run dumprom (ELF version) which !work on cygwin, and another wanted .. unicode whatever.. yeah.. In one place or another I had to edit the .pl file & run it under cmd prompt instead of cygwin. Worked swell.
3 So in a set (I think it's the wiki's customrom instructions) of cook-you-own-rom instructions, it says to add neccesary files to files directory. files directory you just dumpromed to. Ok. My neccesary files are MMS files & whatnot. Later in the directions it tells you to run some xipchains stuff, with files1 and files2 directories as arguments. Well, there's nothing in there, since I put them all in files. The ROM builds, but I end up with basically the same rom I started with. if I dumprom it back out, I can't see any of the file additions I did in the new rom.
So I'm gonna assume again, that I should stick my files in files2 for the most part, so the scripts that build xipchains & calc free space etc can do their job & one of those scripts will get my files where I want them. (in the rom!)
TIA
BTW, if anyone is interested in the Arcsoft MMS Composer software not working in LumpiStephans kitchen, you need to grab & install Camera_WWE.sa.cab from someplace, which will install the requisite .dlls to make the MMS software work. Yeah, it's big, and there is no camera on the wallaby, I know. But the EzOS wap browsers MMS software really sucks (for me), and looses parts of the messages from certain people. I dunno if it's their email client, or what.. don't care.
if anyone is interested, I can tell you what DLLs it needs, I sat there for a while checking out the dependencies, and that way you don't have to install as much extra crap, but I don't have it handy right now. lemme know.
squib308 said:
1 Is it possible to delete files (.dll is what I'm after) out of wallaby ROM? I thought I read that it was, but now I can't find that info, mkrom, splitrom, etc info that I see all tells me that you can only add or change..
Click to expand...
Click to collapse
No, it is not possible to delete files out of a ROM.....
squib308 said:
3 So in a set (I think it's the wiki's customrom instructions) of cook-you-own-rom instructions, it says to add neccesary files to files directory. files directory you just dumpromed to. Ok. My neccesary files are MMS files & whatnot. Later in the directions it tells you to run some xipchains stuff, with files1 and files2 directories as arguments. Well, there's nothing in there, since I put them all in files. The ROM builds, but I end up with basically the same rom I started with. if I dumprom it back out, I can't see any of the file additions I did in the new rom.
Click to expand...
Click to collapse
The 14. command (Run "perl makefiles.pl ./files ./files1 0x$size1 ./files2 0x$size2" ) should split the files with best fittings to the corresponding directories....
So perl makefiles.pl ./files ./files1 0x00050000 ./files2 0x00380000
would copy up to 320 KB to files1 and up to 3584 KB to files2......
squib308 said:
BTW, if anyone is interested in the Arcsoft MMS Composer software not working in LumpiStephans kitchen, you need to grab & install Camera_WWE.sa.cab from someplace, which will install the requisite .dlls to make the MMS software work. Yeah, it's big, and there is no camera on the wallaby, I know. But the EzOS wap browsers MMS software really sucks (for me), and looses parts of the messages from certain people. I dunno if it's their email client, or what.. don't care.
if anyone is interested, I can tell you what DLLs it needs, I sat there for a while checking out the dependencies, and that way you don't have to install as much extra crap, but I don't have it handy right now. lemme know.
Click to expand...
Click to collapse
You can tell it me, and send me the dll, than i will include it to the Arcsoft MMS-Composer....
Stefan
The Scoter Kitchen team is proud to release the first release of the kitchen. This kitchen incorporates all the tools used by Oki and the rest of the team to decode, modify, and rebuild ROMs. It includes a help system that is meant to be clear to new users, and useful to old pros. Of course, this is only the first release, and thus will have bugs, and areas in need of improvement. This Kitchen is based on Bepe's WM5 Kitchen, and many of his tools. Special thanks to Mamiach, itsme, machinagod, gmap, buzzlightyear, and many others. Oki started the initiative, and we in the team are grateful for allowing us the privilege of contributing. There are also many additional tools not directly used for general ROM analyzing that can be found throughout. The kitchen is designed to be sleek and clear for the new user, while still containing all relevant tools for every part of the build process. This post is one of many across multiple forums. We are opening up development to all, and ask for volunteer translators. We will coordinate through forums primarily, but later plan on PM's, e-mail, etc. to effectively coordinate further development of the Scoter Kitchen. In addition, the kitchen is designed to extract most HTC ROMs, but it has it's limitations in the tools included, and the outlined process which are in the help files. Again, this will become better implemented through the help of the community. Now though this Kitchen is designed primarily for the Scoter, we intend to make this kitchen the primary hub for all PDA customization across all WM5 platforms. This post will be posted on many forums, and since the team members communicate primarily w/ English, we ask that those respond to this thread in English, or at least include an English translation. As a last note, you are solely responsible for any damage to your device or computer that might result from the use of the Scoter Kitchen, or any of it's parts. The following posts are left blank and will be filled w/ info later. Here are the download links:
http://www.MegaShare.com/107480
http://rapidshare.com/files/15460590/Scoter_Kitchen_1.0.exe.html
Regards,
Jason
Kitchen Team Members
Oki
JKR
DwD
Theo - Greek translation
Nadavi
gerttom
Preaper
Friends of the kitchen
Bepe (done as much as any other member and is considered an incredible contributor, and even that doesn't give him enough credit)
Kinger
blueboy
Marshal
cyril - French translation
bakker_be - Dutch and German translation
kterz
Regards,
Jason
Reserved,
Regards,
Jason
Bakup Files Of 0 Bytes
i had done a backup with ur utilites but the size of BDK0,BDK1 & BDTL0 is 0 byte why it is so ?????????? I stop here and wating for reply
to bad these dont work for the hermes .nb and .nbh files.. hopefully in the future it can be integrated..
shogunmark said:
to bad these dont work for the hermes .nb and .nbh files.. hopefully in the future it can be integrated..
Click to expand...
Click to collapse
Yep, we plan to add the nbhextract to the tools. And as far as the backup utility, that only works for the Scoter. We don't own htc devices, so that why we've asked the community to fill in the gaps. The extraction is universal, since there will be back and forth on various ROMs. The ROM installer also only works for the scoter. So, some info on these and anything else that the HTC community would like added, just tell us how. We can't really test these things, so we rely on you guys. At some point, the installer will ask what device you have, and install apps that apply to your individual devices.
Regards,
Jason
thats cool.. integrating the the hermes stuff will be difficult at this time anyway since we dont have a good set process on everything, we are still fighting the possibility of bad nand blocks with some cooked roms.. Something that i think would be really cool would be a full blown GUI with all these features built in..
here's some release notes I posted over at Buzz's site
JKR said:
4d45h said:
Questions.....
1. What is OS.bat. It says missing OS.bat when I click Cooker and start the build OS.
2. Where do you put pakages inside LOC(Bepe ways of cooking)
3. What is CEImage.bin? Is it the same as nk.nba base ROM Bepe ways.
Thanks and what a great tool.
Click to expand...
Click to collapse
1. That is a file created when you decode a ROM. I'm not sure what exactly it is for, bepe could answer that.
2. You can't use the current Kitchen ROM archives. The Scoter Kitchen incororates some more advanced versions of bepe's apps. The best way to describe the current situation is that bepe's WM5 Kitchen is version 1.0, and the Scoter Kitchen is 2.0. Since bepe was a big part of the Scoter Kitchen development, this should make sense. Keep in mind that this is not ready to be a replacement to bepe's kitchen yet, because it is only setup for building ROMs for the Scoter. We released it to all for many reason: 1) To speed up the development of the Kitchen for use w/ other devices, 2) it currently seems to be the most complete set of tools and help files for decoding ROMs, 3) the help files have a lot of info that may be interesting to many users. Most notable tools from bepe that are in the Scoter Kitchen are: DMP2PKG.exe, and PKG2DMP.exe. These tools actually have their own UI's that are fairly impressive. So to answer you question, you'd need to decode your current ROM and then begin modify that. Oki is the ROM hacker on the team. Essentially what he does, is extract the drivers (in the OEM folder) from various ROMs for our device, picks the best ones, adds in the SYS files and then puts in the packages for various apps. Anyways, bepe combined the LOC and SYS folders together into the SYS folder. for aesthetic reasons, the SYS folder is referred to as the OS folder in the build room. This is only a short cut name, and actual folder is still called SYS and is located in the Utilities folder.
3. Yes, this is in the help files in file:///C:/Scoter%20Kitchen/Utilities/Tools/Excess%20stuff/J-Guide/Extraction%20Room.htm?zoom_highlight=.bin .nb, .bin, and .nba are handled in the same way. just copy the location i posted into your browser address box.
Regards,
Jason
Click to expand...
Click to collapse
JKR said:
A few release notes. The install directory is C:\Scoter Kitchen. You will also see an uninstall script in c:\. This obviously uninstalls the Kitchen, everything is removed (including any work files in the kitchen) except the desktop shortcut. Also, since the imgfs tools are used so much by ROM cookers including myself, the Kitchen will place a copy of the imgfs tools in the %SystemRoot%\system32\ directory. This allows these tools to be opened by any command box w/o having to change directories. As you explore the kitchen you will see readme files in almost all folders, describing what is in that particular folder. Lastly, you will see like 15 command box shortcuts throughout the kitchen, this just makes things easier since their working DIR is the one they are placed in.
Regards,
Jason
Click to expand...
Click to collapse
Nobody here seems to be too forthcoming w/ info about other devices. Now I could go and search for all this info on my own, but then I probably wouldn't have the time or energy to modify the kitchen accordingly. W/ that said, I'll list some specific questions.
1. What programs are required for installing ROMs on various devices, and what are the procedures?
2. Are other devices capable of changing just the CE image through the boot loader, or does this have to be done using itsme tools? And what is the procedure?
3. Is the page pool setting in the same address on all HTC ROMs, or does this vary from model to model?
4. Explain the whole IPL and radio rom issue.
5. What would you like added to this kitchen?
You could just point me to specific posts too. Like I said, the Kitchen is completely functional for us Scoter guy's, so we won't spend the hours and hours required to research this stuff, since we won't get any benefit. But if some direction is given, we are willing, and wanting to expand our kitchen for use w/ other devices.
Regards,
Jason
I thought that it is just for Mio, and a little more documentation to it will be nice, thanks
xplode said:
I thought that it is just for Mio, and a little more documentation to it will be nice, thanks
Click to expand...
Click to collapse
Well it is fully functional for the Mio, but most all tools are here on this site. The two things specific to the Mio are the ROM backup utility, and the ROM update utility. Everything else applies to the HTC community. We are hoping that somebody will point us in the right direction for the equivalents of the two previously mentioned tools. Now as far as the documentation, yes, we plan to expand it. However, what specifically do you feel should be added?
Regards,
Jason
First of all, this's a very FANTASTIC tool!
In the BEPE's ROM Kitchen, there's an initflashfiles.txt file in the folder of each OEM apps which is used to create shotcut or copy/move files, its content will be combined with others into the initflashfiles.dat. Does this file still make sense in your kitchen?
BrightMoonHeart said:
First of all, this's a very FANTASTIC tool!
In the BEPE's ROM Kitchen, there's an initflashfiles.txt file in the folder of each OEM apps which is used to create shotcut or copy/move files, its content will be combined with others into the initflashfiles.dat. Does this file still make sense in your kitchen?
Click to expand...
Click to collapse
yep
Regards,
Jason
@JKR
I have reach up to using the DMP2PKG.exe stage, which can see the files in the *.dsm (see attached pic).
How to extract the files in the *.dsm?
How do I use RECMOD.exe?
CWKJ said:
@JKR
I have reach up to using the DMP2PKG.exe stage, which can see the files in the *.dsm (see attached pic).
How to extract the files in the *.dsm?
How do I use RECMOD.exe?
Click to expand...
Click to collapse
Hi,
You probably read the help files, huh? Yeah, those are dated, my bad. You don't actually have to touch DMP2PKG. The extract modules/files has dmp2pkg already scripted. At the time I wrote the help file, bepe didn't allow for command line commands. He has since, and I have scripted for it since. The following is an excerpt that I post over at Buzz's site.
JKR said:
Ahhh, I see problem. the .dat file needs to be in one of the folders, the OEM one i think. When Oki (rom team member) creates a file set, he includes the .dat file in the same folder that mxip_lang.vol is in, on our device it's 6acba9af-b4de-c7a3-802b-91ff1f140caf, but is probably different on yours. Anyways, I'm not sure where you got the idea to drag those to the tools folder, if it's in the help file, please tell me where. I've just re-looked at the help files, and they are quite dated. I've added a lot of automation to the process. Sorry for that. The correct procedure to extract a rom and rebuild it is to extract a .bin, .nba, .nb, or .nb0 file from your rom image. Then drag it to the extract modules. Open in another window the build room. put the .dat file (if it was placed in the modules folder) in the OEM folder. Drag all the contents of the OEM folder to the OEM shortcut in the build room. Drag all the contents of the SYS folder to the OS shortcut. Place the .bin or equivalent file in the rom template folder, and place the boot.rgu file in the \rom template\xip folder. The boot.rgu may be different for different devices, so use one that works on your device. I don't remember where exactly we got ours from, but I think it may have been from bepe's file set for his kitchen. Now launch the cooker. In the end, you should have a .bin file in c:\Scoter kitchen, aka one level up from the build room. hmmm, looks complicated. This is in the help files, but like I said, I need to update them, we were anxious to release the kitchen, since it had been under development for so long.
Regards,
Jason
Click to expand...
Click to collapse
As one more note, you probably wouldn't have to worry about the missing entries in the dmp2pkg interface. Probably just dated references from your ROM, it's a custom ROM?
Regards,
Jason
The rom is custom rom by Helmi, AKU3.5 v1.3, see my signature.
I will take sometime to digest you writings.
Still have not able to extract the *.dll, *.exe, *.hv, etc.
Will try adding & delete files later.
@JLR
I am back, manage to get some time to try the extract problem I faced.
Thanks, the extract works.
See the attached zip file of extracted files' directory list.
I have some questions,
1. what "<DIR> SYS" does, seems to have some *.dsm and some repeated DLLs.
2. If I do not need some *.exe, *.lnk, *.etc files, I just delete them?
3. How do I know that I fully deleted the files related to the feature that I do not want?
4. How do I know which corresponding *.dsm to be deleted?
5. How do I know which files goes to which directory in the \Windows\ of PPC?
6. How do I add files, how do I know what *.dsm to add and the name of the directories with very long string.
Questions please...
What is the importance of extracting files compared to extracting modules?
I have a base nbf file that I converted to nba file, that I want to modify to add the apps to build the ROM, I am confused as to which one I need, is it the files or the modules?
Great work! Thx for very useful tools!
What about map.txt support that helps to replace the GUIDs with the actual Package Names? I seen it in Bepe's kitchen...
JKR said:
Reserved,
Regards,
Jason
Click to expand...
Click to collapse
I need help. I was able to run the cooker file without any errors. Now what?
How can I recreate the .nbf file? Where can I find it? Should I be looking at the DUMP folder?
Intro
Lately I've seen a lot of posts by people who are trying to replace WM internal or driver DLLs, either for hacking/testing or to release. Aside from the possibility they are just doing something that won't work in the first place, I've seen failure a lot of times because files aren't properly signed, or if they are, the certificate in question not being in the right certificate stores for it to have any effect. On some ROMs it will still work due to patched NK.EXE, on others it won't, its just not very reliable.
So, I present you with the correct way of doing this by means of a small tool that will do this for you: DriverWiz. It will take care of most of the stuff, and leave you room for additions. You will however still need some basic knowledge of the command line, if you don't have that, you have no business doing anything like this anyways.
Background
I use this technique myself all the time. When just hacking away, replacing system DLLs to trace calls, etc. It's also the same method used for the HTC-CA drivers and the ICS installer. This method works on most stock ROMs as well, though not on all of them (in rare cases some security policies are set that will prevent CAB installation)
Usage
It's fairly simple to use. Just extract the attached zip file somewhere, open the command promt, and change directory to where the zip was extracted. That's the installation part.
Now when you actually want to build a CAB file from a DLL, you use the DriverWiz.bat file.
DriverWiz v1.0 by Chainfire
Usage:
DriverWiz.bat "Description" "CAB-name" "DLL-name-1" ["DLL-name-2" ...]
Examples:
DriverWiz.bat "New DDI" "ddi.cab" "ddi.dll"
DriverWiz.bat "Two DDIs" "ddi.cab" "ddi.dll" "ddiaux.dll"
Click to expand...
Click to collapse
DriverWiz will take care of signing the DLLs, inserting the certificate, etc, and you will end up with a proper CAB file for this kind of thing. Just copy it to your device and run it to install.
#1. You need to put the DLL files in the same folder as DriverWiz. Do NOT include paths in your DLL names
#2. Include the quotes in the command like in the examples!
#3. The first time you install a CAB made by DriverWiz, your phone may still give you a certificate warning. This is normal, don't worry about it.
Caveats
While this method has never failed me yet, it is possible that some files cannot be replaced this way. Just a disclaimer
Modifying
DriverWiz bases the inf file it will create to build a CAB from on DriverWiz.tpl. If you need to add registry entries to your CAB file, modify DriverWiz.tpl before you run the batch file. You can make other modifications too, add files, etc. Just take care that you don't break it
You can use your own certificates as well, instead of the supplied "Dummy" certificate that comes with DriverWiz. The files you will want to modify/replace are DriverWiz.pfx (used for signing) and DriverWiz.xml (used for injecting the certificate). I'll see about finding a reference for how to do that online and posting the URL here (someday). Creating a new certificate from scratch can be a frustrating effort - make sure you got openssl handy
Changelog
19.03.2009 - 1.1 - Added some file exists checks and attribute changes
Download
Temporary PlaceHolder for more Info.
Whoo this is hot from the plate, looks very promising!
Driver testing withoud cooking! joohie
Well if you replace the wrong files you're still going to need to hard-reset to boot. I advise KITL before you do
Works flawless. You tha man.
Didn't work for me trying to cab up No2Chems Fast Charge battery divers.
ruskiyab said:
Didn't work for me trying to cab up No2Chems Fast Charge battery divers.
Click to expand...
Click to collapse
What exactly happened? Attach the files and such
It made the cab and all, but when I went to install it, the unsigned error message popped up just like when I tried it with WinCE cab manager.
That is perfectly normal behavior. The first time you install a CAB with this certificate it will not know the certificate. However, once you install it, the certificate will be injected in the right place, and the files signed with the certificate (the driver files in the CAB) will be allowed to be run.
It won't happen the second time you try it
So if I try to install it again, it'll work fine? is there aa soft reset required in between? I can replace these drivers manually by renaming the old ones and copying them over, the whole reason I want a cab in the first place is to facilitate the UC process when I flash a different rom
ruskiyab said:
So if I try to install it again, it'll work fine? is there aa soft reset required in between? I can replace these drivers manually by renaming the old ones and copying them over, the whole reason I want a cab in the first place is to facilitate the UC process when I flash a different rom
Click to expand...
Click to collapse
Actually it should just work the first time. Just click OK when the certificate error appears.
Nice nice nice work!
error message
I got error messages when creating a cab from a rilphone.dll. Does it mean anything, or are these errors okay? I guess I'm specifically wondering about the SignTool error. If its okay, then my cab should be good.
EDIT: I think I found the problem. I didn't have UAC disabled in Windows 7. I tried it again, after disabling it, and it works fine now. Thanks for the easy to use tool!
syntax for registry entries?
I was experimenting with creating a cab for the Rogers folks who need a specific rilphone for their Caller ID to work. There are some registry entries associated with this feature, so I was wondering what the correct syntax is for putting the registry entries into the .tpl file. I've tried a few different ways, and I've either a gotten a 'Registry section is empty' message, or a 'Registry has an unsupported registry root key' error. I'm sure its something really simple I'm missing, so any help you can offer is appreciated.
It just seems that since we now have this easy method to sign these dlls, so that they can be used in any ROM, that the Rogers people shouldn't have to jump through so many hoops to get it to work.
EDIT: Nevermind. I'm an idiot that didn't do a little bit of research. All is well now.
Excellent stuff, Microsoft may rant about this way of distributing signtool and cabwiz though.
Chainfire said:
You can use your own certificates as well, instead of the supplied "Dummy" certificate that comes with DriverWiz. The files you will want to modify/replace are DriverWiz.pfx (used for signing) and DriverWiz.xml (used for injecting the certificate). I'll see about finding a reference for how to do that online and posting the URL here (someday). Creating a new certificate from scratch can be a frustrating effort - make sure you got openssl handy
Click to expand...
Click to collapse
Here's an intro to cert stores for WM:
http://msdn.microsoft.com/en-us/library/aa458010.aspx
pfx generation is a 2-liner with openssl:
# Generate a CA certificate
openssl req -new -nodes -x509 -days 9999 -newkey rsa:1024 -md5 -keyout cert.key -out cert.cer -subj "/CN=DriverWiz"
# Convert to pkcs12/PFX format
openssl pkcs12 -export -in cert.cer -out cert.pfx -inkey cert.key
got error messages under vista sp2, any ideas?
I also get an error saying that the latest version of CAPICOM.dll is missing. The ones I can find for download from the internet are version 2.0.0, and the tool requires 2.1.0.1 or later.
Does anyone have the needed version of the dll?
EDIT: Found it, 2.1.0.2 version of the dll is in the attachment.
Time Saver !
Many thanks; DriverWiz /w the CAPICOM.DLL saved me about an hour of troubleshooting.
Cheers,
Thanks for the capicom.dll Even after disabling UAC in W7Rc1 it wouldn't go, so great to have it posted to.
Chainfire, which format should the Reg's be added?
I tried the default .reg formating just under:
[Registry]
[HKEY_CURRENT_USER\ControlPanel\Profiles]
@=""
"ActiveProfile"="Normal"
?
Scrap that i found the .inf format
[AddRegistry]
HKCU,"New Key","",0x00010001,1
Many thanks for this, i'll try to Point Driver replacing Sinners from now on to here.
Well INF files are a regular female dog.
If you rather use WinCE CAB Manager, the trick is easily done as well. I do not have it handy right here (I'm not at dev box), but it goes like this.
Put the DLL's and EXE's that need to go in the CAB into the same folder as DriverWiz
Execute the following command from the command prompt in the DriverWiz folder: signtool sign /f DriverWiz.pfx *.exe *.dll
Open your WCM/CAB with CM
Somewhere is an option for "Pre XML" (main screen IIRC).. click to add/edit, and load the DriverWiz.xml file
Save
signtool sign /f DriverWiz.pfx *.cab
Et voila. I should really make an update to DriverWiz to include CAPICOM and write a proper guide on how to do all this manually (including making your own certificates and such). It's easy if you know how
If you could insert another empty post for me at the top, that'd be great.