Help finding cold boot registry in a WinCE 4.2 ROM - Windows Mobile Development and Hacking General

I am working with a ROM file from WinCE 4.2 for a Honda Civic navi system based on SH4 CPU. I'm trying to figure out how to find the cold boot registry in the ROM file. I can extract the files and modules from the ROM but can't seem to figure out where the registry data starts or if it's even present in the ROM file. I have searched the ROM for 0x1d8374b2 (B2 74 83 1D) which as far as I can tell is the signature that should show the header section of the .fdf file for the cold boot registry.
Should I be able to find the fdf header in the ROM file?
Is the fdf reg file compressed in the ROM?
Could someone help me or point me in the right direction as to how to get to the cold boot registry in a ROM (bin) file?
Thanks in advance
RoboGuy

Related

PPC 2003 and mkrom

Any brave soul try using mkrom in conjunction with the 2003 ROM? I think I might give it a shot here in a bit but wanted to know if anybody had tried it yet...
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
sheran_g,
i didn't know u could use mkrom with 2003 rom image. can u please post how u did it? i created a special version based on SE 1.1 rom but would like to put the same programs into the new rom. any help is appreciated.
thanks
alex
sheran_g said:
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
What's tricky about it...?
The modified registry file you make does not get picked up at the device startup. You need to manually inject the memory address of the modified registry file into the ROM in order for it to get picked up.
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
sheran_g,
can u post the steps that u take to build it? i'm trying right now and it's not working. i'm having little problems. can u post ur default.reg and initobj.txt? any other help is appreciated.
thanks
alex
Ok. Here they are in a nutshell:
Get the latest romtools.
Make the following dirs: romfiles, cfg, tmp, out, files, files1, files2
Split the ROM into Bootloader, bootimage, OS image, xipchain into the 'cfg' dir.
Dump the files in the OS image into a 'romfiles' dir.
Get the default registry file, initobj & initdb files into your 'cfg' dir.
Make changes to your default.reg and initobj.txt
Place any files you want loaded in the ROM into the 'files' dir.
Run 'mkrom.sh'
You should then have your new ROM. I'm sorry if it's extremely brief; you'll have to make do with this and the README file in the romtools archive file for now. You'll find my default.reg and initobj.txt files on my site: www.zensay.com/qtek/mkrom
sheran_g,
Have you created a decent working custom WM2003 ROM?
If so what Apps have you added?
How much ROM space does it use?
I've not added any apps to my ROM. I have only added a carrier logo file and made some changes to the registry. So I cannot comment on ROM space yet. The ROM works fine.
sheran_g,
what command did u use to extract rom files? did u do it under windows or unix?
I'm having problems trying to dump the rom image. I don't know if its too much to ask, but can u zip ur directory and post it somewhere so i can download it? or if u can post commands that u ran to dump the 2003 rom?
thanks
alex
Hi,
could you include "O2 home zune" to the 2003 image, like in the 2002 3.19 GER. Its for Germany interested only!
AR :?:
home zone depends on specific 3.19 rilgsm features. which are not in 4.*
okay, used dumprom -4 -d files -q nk.nbf and extracted all files. Got could not find pointer for ofs 00000000 ERROR but all the files seem to be there. Trying to figure this out. Saw the above abbreviated directions but am fumbling around. Anyone have concise directions?
Val
Anyone? Just give me a good hint then please.
Hi all!
When i overwrite the rilgsm.dll file in the t-mobile 4.0.10 image with the rilgsm.dll from the O2 GER 3.19 image, i could use the "O2 home zone" option with the hz.exe in Startup directory? rilgsm.dll from german image has 'at+creg=2' string in it. probably the RIL_GetCellTowerInfo call is now implemented. When it can work, how could i write the german rilgsm.dll to the image? I haven't linux, could somebody cook the image for me?
here is the german rilgsm.dll and the hz.exe for the "home zone" function! http://www.nokiaprog.de/XDA/home_zone.zip
THX
PS: Sorry, my english! ;-)
AR
the homezone enabled rilgsm.dll depends on other dll's and exe's.
probably ril.dll, stk.exe, cell*.dll and maybe more, I have not tried
replacing all.
you don't need to build a new rom in order to experiment with this, you
can just copy the desired files to \windows, to override the rom versions.
And I don't think it works with the RIL_GetCellTowerInfo call,
but adds some notification events.
to change the CREG setting you need to call RIL_DevSpecific with parameter 25 ( to turn it on ) or 26 ( to turn it off )
even though that does not seem to be how hz.exe does it.
Hi,
I opened the image file in the Hex editor and renamed the file there rilgsm.dll. Then I flashed the image, which was phone probably deactivated, because rilgsm.dll was missing. Then I copied over ActiveSync the German rilgsm.dll into the Windows directory, XDA reset and he not accept the file. I assume because the file was not in the EPROM memory! Therefore I wanted to have rilgsm.dll first times in the image!
AR
XDA developer Itsme said:
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
Is there any other way I can access this site or download these files? The sites are blocked here in my country. Please help.
Ronnie

Extracting mpx200's ROM?

hi.
How can extract files from a mpx200 rom? I tried to use tools from the forum but with no success. Mpx200's rom is a file with .img extension. As i see so far in forum, rom's file extension for pda is .nbf. Is there any way to convert .img file into .nbf so i can use er2003edit program? Any other idea-guide that could help to extract the rom from my mpx200(wm 2003) would be very welcome. I couldn't find any resources on the web about extracting mpx200 rom and that's why i posted in this forum. I hope that i'm not totally off topic.
Thank you.
Nikos
I had a play with this a while back, to try to get MPX300 compatibility with VJCandela.
I believe the rom files have a "B000FF header" (open it with a hex editor). Apparently splitrom can reassemble them into a rom we can play with, but it became more urgent to finish VJCandela than continue with this, so I put it aside. If you get anywhere on this, please PM or post so that I can see if I can make VJCandela cross compatible.
Many thanks!
V
I can upload a dumped mpx200 WM5 ROM to xda-developers FTP if needed.
These IMG files are somehow non-standard B000FF, I was unable to use splitrom to convert them to normal file.
You should dump ROM from a device, then remove a hole in the middle (probably MPx200 has 2 ROM chips at different addresses), then edit it manually because some idiot incorrectly edited that ROM to remove DevAuth.exe and broke its internal structure. After that you'll get a complete dump with broken ril.dll and gx.dll.
I wonder how that incorrectly patched ROM can even boot.
That would be interesting Mamaich. I'd appreciate it if you can.
Can we dump a live rom normally then? I'll try to speak to a guy with an MPX300 to get it dumped if possible, and try to upload it if he's successful.
V
hi.
I found so far that it's possible to convert the .img file, which is used to update mpx200, into a .bin file. I opened the .bin file with a hex editor and it starts with B000FF as you said. I don't know where i can use this information or what it means. As you said it's the header. When i try to dump rom with dumprom.exe i get an error message saying "unable to determine loading offset for out.bin". Looks like i have to find this offset myself and give it to dumprom. Could you help me somehow on this?
Also where i can read a few things about the rom structure, xip and stuff to understand what's going on.
Thanks!
EDIT1
Also tried with splitrom.pl.
With command splitrom.pl out.bin it gives me the following
B000FF entrypoint: 00000000
!!! your rom is not known to me: md5: 68847f4d859a242753798d9d0e205144
!!! your bootloader is not known to me: md5: ea25e7468c09bf09a384a94cb4dcc67c
no operator rom found
no bitmap found
xip regions not found: 82d80000=LANG, 82040000=SMARTFON, 82d00000=OPERATOR, 82f20000=OE
And a lazy question. If i finally do it, i will get a folder in my disk with all windows components unlocked and ready for modification?
EDIT2
Reading a few things about splitrom it says that it can handle bin files with B000FF header. In our case(mpx200) we have a bin with B000FF header. Right? So we can use splitrom to make the nk.nbf file.
An example on how to use splitrom.pl is the following.
perl splitrom.pl cfg/rom.nb1 \
-rm tmp/xda1.bin:0x81740000 \
-rm tmp/xda2.bin:0x81b00000 \
-rx tmp/xipchain \
-rb cfg/bootimage.bmp -ob 0x81ec0000 \
-rl cfg/bootloader.nb0 \
-wo nk.nbf -t nbf -n PW10A1-ENG-4.01-007
On the above, he opens rom.nb1 which is his rom file. Probably the plain rom image format, i don't know the type. Then he refers to another 2 files xda1.bin and xda2.bin. In my case i have only one file, out.bin . He also uses bootloader.nb0, i don't have it or something similar. Finally he writes nk.nbf file and gives it a header. In my case i will give a B000FF header.
End.
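An added example (not part of the posts above, and not code from romtools or dumprom): a minimal reader for the standard Windows CE B000FF record layout that reports the image load address, verifies each record's checksum, and lists address holes between records like the one mentioned for the MPx200 dump. The sample image and its addresses are constructed; the MPx200 .img files are described in this thread as non-standard, so real files may deviate from the layout assumed here.

```python
import struct

MAGIC = b"B000FF\n"  # 7-byte signature of a Windows CE .bin image


def make_record(addr, data):
    # Record header: load address, length, 32-bit sum of the data bytes.
    return struct.pack("<III", addr, len(data), sum(data) & 0xFFFFFFFF) + data


def build_sample():
    # Constructed image: two records with an unmapped hole between them.
    first = make_record(0x80040000, bytes(range(16)))
    second = make_record(0x80040100, b"\xAA" * 8)
    header = MAGIC + struct.pack("<II", 0x80040000, 0x108)
    trailer = struct.pack("<III", 0, 0x80040000, 0)  # addr 0 ends the list
    return header + first + second + trailer


def parse_b000ff(blob):
    if blob[:7] != MAGIC:
        raise ValueError("no B000FF signature")
    start, length = struct.unpack_from("<II", blob, 7)
    pos, records, entry = 15, [], None
    while pos + 12 <= len(blob):
        addr, size, checksum = struct.unpack_from("<III", blob, pos)
        pos += 12
        if addr == 0:  # terminating record: size field is the entry point
            entry = size
            break
        data = blob[pos:pos + size]
        if len(data) != size:
            raise ValueError("record at 0x%08x runs past end of file" % addr)
        records.append((addr, size, (sum(data) & 0xFFFFFFFF) == checksum))
        pos += size
    return {"start": start, "length": length, "entry": entry, "records": records}


def find_holes(records):
    # Gaps between consecutive records, as (gap_start, gap_size).
    holes, spans = [], sorted((a, s) for a, s, _ in records)
    for (a, s), (b, _) in zip(spans, spans[1:]):
        if b > a + s:
            holes.append((a + s, b - (a + s)))
    return holes


if __name__ == "__main__":
    info = parse_b000ff(build_sample())
    print("load address 0x%08x, length 0x%x, entry 0x%08x"
          % (info["start"], info["length"], info["entry"]))
    for addr, size, ok in info["records"]:
        print("  record 0x%08x +0x%x checksum %s" % (addr, size, "ok" if ok else "BAD"))
    for gap, size in find_holes(info["records"]):
        print("  hole at 0x%08x, 0x%x bytes" % (gap, size))
```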
nicktgr15, for extract files from 2002 and 2003 firmware you can use tools from http://onk.nm.ru/mpx200
Great site my friend onk. Great site. I hope i'll find something. Thank you.
Hi nicktgr15!
Any luck with the ROM extraction for MPx200?
Anyone here on this board can comment too.
I went to the link http://onk.nm.ru/mpx200 but can't really get things going with the WM2003 for MPx200.
I've the ROM but using dumprom.exe, I got something like 'can't determine the memory offset'.
So...where do I start?
I really need the SIMManager & Resource Manager for my WM5 MPx200.
Also, would like to have the SIM Tool Kit working on my phone since there's no way to interact with the SIM features.
Thanks anyone!
Please upload the dumped WM5 MPx200 ROM you are talking about! It will be a huge step!!! We can edit it, fix some bugs, even make it work without the need of the SD card...!!!
I've uploaded ROM dump to uploads/mpx200_dump directory on xda-developers FTP.
Buildimgfs tool is useless on this ROM, because 2 files in it are broken. Maybe addfile/delfile would work (but they would break data in imgfs_removed_data.bin). And of course you have to manually remove hole inside ROM before working, and inject the removed data back before flashing. And figure out the format of imgfs_removed_data.bin and recreate it yourself.
For dump WM5 files you can use tool http://buzzdev.net/index.php?option=com_remository&Itemid=100&func=fileinfo&id=83
You must create directory "\Storage Card\" on SD and run this program on smartphone
I think this program work on many other devices with wm5
PS. you can read http://www.wce.by/forum/viewtopic.php?t=1517 (Russian language) about tools for firmware
Onk nice site but i can understand a thing!!!
Have you made a fixed version of wm5 for Mpx200? If yes where i can download it?
My goal is to make a cut down wm5 version that can fit on the 32MB ROM of MPx200...can that be possible?
I downloaded WM 2005 for MPX200 smartphone Build 14343 from sendmefile, but the link is dead ;(
after extracting files from the archive, I convert part2.bin and part3.bin to CMCS IMAGE (use BINtoIMG) and flash images to mpx200 (use Motorola Upgrade Wizard 1.8.x)
wm5 for mpx200 uses the SD card like /Storage on wm2003 and wm2002 (to save config, data files, programs etc)
Internal flash used only for firmware
for replace some files from firmware you can place it to /Windows on SD card
BUT! This build of WM5 work on 80-90% of mpx200 devices ;(
some devices can't run wm5.
And the speed of operation of WM5 strongly depends on the speed of the SD card used (x80..x132 recommended)
Your file mpx200_wm5_bin_B00FF.7z (17460816 Bytes) is now online.
Your Download-Link: http://rapidshare.de/files/14495499/mpx200_wm5_bin_B00FF.7z.html
for extract files you must use 7zip archiver www.7zip.org
what? is this a fixed wm5 version?
does it work without the need of the SD?
NO
this version NEED SD
is there ANY chance to remove some files (Images, Sounds, maybe some programs) from the WM5 ROM and make it work without the need of the SD?
I believe then, the OS would be STABLE and work Faster.
Let's make a Try!!!
What do you think?
part1.bin contains magneto with use built-in flash memories (WM5 build 14122)
It is necessary to correct it a little. Find in the firmware
Code:
0BFC440: 65 6D 72 65 67 69 73 74 │ 72 79 2E 64 6C 6C 00 44 emregistry.dll D
0BFC450: 65 76 41 75 74 68 2E 65 │ 78 65 00 62 74 68 61 74 evAuth.exe bthat
and change DevAuth.exe to AuthDev.exe for disable Device ID check
But this firmware contains one more "protection" - works before some date.
If before flashing set date 2004 - works normally. If the current date - show a modal system window with the message that is the version for developers.
How to disable this "protection" - it is not known yet
And it is not known about locking the register in this firmware
PS: In the firmware a ROM structure similar to 2002/2003 is used. Use dumprom to extract files
PPS: my page is updated. Added simple manual about firmware and tools
mamaich said:
I've uploaded ROM dump to uploads/mpx200_dump directory on xda-developers FTP.
Can you please upload this dump somewhere once again? as it seems /mpx200_dump is already deleted from FTP.

Find ROM version from OS.nb file

Hi,
i know it's possible to know some values starting from the .nbf header (like device, lang, version, etc) but what i'd really like to know is the ROM version just from the OS image extracted from the nk.nbf file with Typho5.exe (typhoonnbfdecod.pl)
let's say i have such a file "80040000-OS_0.nb" and i forgot from which installer i extracted it from and would like to discover it then. Any clues?
tx
UPDATE:
should i have waited a couple of days and answer would fall on my lap
http://forum.xda-developers.com/showthread.php?t=296861
http://forum.xda-developers.com/showthread.php?t=263201&highlight=find+ROM*+version

Cooking UC/Comm Manager

Hi all. I am trying to learn the finer points of cooking a rom. I haven't been able to cook a new version of Comm Manager into any rom, because when I run BuildOS, it finds a duplicate copy, even though I have searched and searched, and still cannot find it. Same goes for Config_PT. I need to edit config_pt to add UC to the rom. Does anyone know how to do either of these?
ghettofreeryder said:
Hi all. I am trying to learn the finer points of cooking a rom. I haven't been able to cook a new version of Comm Manager into any rom, because when I run BuildOS, it finds a duplicate copy, even though I have searched and searched, and still cannot find it. Same goes for Config_PT. I need to edit config_pt to add UC to the rom. Does anyone know how to do either of these?
I'm not sure what phone you are trying to cook for but Comm Manager stuff is located in the OEM folder under OEMAPPS on my phone. You need to remove the comm manager files and delete the .rgu reg keys related to it.
I am trying to cook into a Touch, using the no2chem base 107 rom. Every time i try to run buildos when cooking in a comm manager, it says it finds a duplicate of commmanager.exe. This file, however, does not exist anywhere in my oems or sys folders. Same goes for config_pt.txt. Any idea where else to check?
OK, so I just did a check, and the file might be being created by a dsm in oem\operatorPKG_PT. How can I change this file to not create this file?
ghettofreeryder said:
I am trying to cook into a Touch, using the no2chem base 107 rom. Every time i try to run buildos when cooking in a comm manager, it says it finds a duplicate of commmanager.exe. This file, however, does not exist anywhere in my oems or sys folders. Same goes for config_pt.txt. Any idea where else to check?
OK, so I just did a check, and the file might be being created by a dsm in oem\operatorPKG_PT. How can I change this file to not create this file?
I just checked the basekit No2Chem made for the Vogue. CommManager.exe is located in the OEM/OEMAPPS folder. There are a total of 5 files you need to remove from that folder to get rid of CommManager completely.
Alright, I found the issue. The files weren't showing up in a search because hide protected system files in the folder options of XP was checked. I've been trying to find these files for 3 days, now I know. Thanks for the help

WinCE 5 Rom Image Help

I've tried to dump the rom from my pna device which dumped a dump.rom using grab_it then tried splitrom/dumprom without any luck so i opened the .bin file in a hex editor and it says stuff like...
Enter programmable end block address
Software locked
Lock-tight: to clear lock-tight, reset S3C2440!!!
The file only goes down to address 4,095 then the rest is blank
Is anyone able to tell me what this means or how I can progress with getting the image of the unit?
Thanks
Anyone able to help please?
