Related
Hi,
First of all sorry for double posting.
I'd already posted in the universal forum, but then I figured this also concerns other modules
So here goes:
I'm trying to disassemble the Camera app with IDA, it wants to see some DLLs like note_prj.dll and mfcce300.dll, but when I try to copy them from my Universal I get an access denied error :/
Is there any other way to get these files ?
Thanks,
TB
TheBlasphemer said:
Hi,
First of all sorry for double posting.
I'd already posted in the universal forum, but then I figured this also concerns other modules
So here goes:
I'm trying to disassemble the Camera app with IDA, it wants to see some DLLs like note_prj.dll and mfcce300.dll, but when I try to copy them from my Universal I get an access denied error :/
Is there any other way to get these files ?
Thanks,
TB
Click to expand...
Click to collapse
They are XIP and that is why you cannot copy them - they are not normal files. There are several ways to dump such modules.
1. Use my TestWM5 tool (search forum). It would produce incorrectly dumped files with garbage at data sections, at the end of file and all sections merged to one, but IDA can understand such modules
2. Use rdmsflsh.pl by itsme. It would produce better files, but as far as I remember it is incompatible with universal ROM
3. Use my viewimgfs tool, but in this case you have to manually reconstruct a DLL from individually dumped sections.
Hello,
Please forgive me if i'm asking a dull question
I wish to import a module from another Rom
I tried to replace it with a file that reconstructed by Recmod.exe but it's not working....
Sadly I failed to find a tutorial about relocating modules
Got some pieces of info but very vague
What would be modified actually? S000? S001...imageinfo.bin? imageinfo.txt?
Address range of *.DLL are listed in dump_MemoryMap.txt
How about *.EXE ones?
(PS, Which tool can extract XIP partition other than RomMaster.exe?)
Any help will be welcome
Thanks in advance
Regards
No one can help?
I've been searching over and over but no luck
All that I know is about hex editor, xipport by Mr Bepe(if modify XIP), modify imageinfo.txt, imageinfo.bin(How to do this?)
Am I missing something?
Please kindly do me a favor
All I've found about it so far is:
(look for section "documents"): http://hpcmonex.net/izemize.htm
(about xip): http://www.pxdxa.com/read.php?tid=40125
Sources of mamaich's and bepe's tools (xda-developers)
Itsme tools and infos: http://www.xs4all.nl/~itsme/projects/xda/romtools.html
Pls give some feedback if it's worth to read.
Did you ever figure out how to do it?
I tried replacing a single module (folder) and it messed up my ROM (locks up on Today screen). I even tried G'Reloc after replacing the module and then the ROM wouldn't get past the boot screen. Information on how to replace modules is hard to find.
Hi!
There a lot of kitchens avaialable for ROM building. Now this one is to ease TouchFlo3D building.
This kitchen uses the knowledge and works of 6Fg8, D-MAN666, xboxmod, chainfire and many others who are involved in Manila hacking.
If you use this kitchen and/or any of the decompiled scripts then be so kind and share back the source code of your modified scripts too!
This kitchen (v1.5) has the following utilities included:
6Fg8's mode 9 editor (v3.3.0.1)
sztupy's mode9 converter (v1.0)
chainfire's CFC compressor (v0.46)
MKT: a tool for batch converting/compressing/compiling mode9,qtc,png,xml,lua files (v1.1)
LuaDec (2.0)
A work in progress lua and xml IDE
And various other tools
In the center of this kitchen stands MKT aka manila_kitchen_tool, which is like 'make' but for manila kitchen developement.
It has the following functionality:
split hased _manila files back to their original filenames
join a bunch of files in a directory back to their hashed form
mass decompile mode9 files back to xml and save their lua scripts
mass convert qtc files to/from png files
mass compile lua files
It works like 'make' in sense that only the modified files will be recompiled/recompressed so after the firts setup it might be ideal for manila development.
The output of the kitchen was tested with the Rhodium manila (WVGA version) on a HTC raphael device and it works, so this project is no longer a prototype, but is still considered beta stuff
Kitchen set up
I uploaded a complete Rhodium2 Manila kitchen in case you want to use that as a base (download both the kitchen and the rhodium files, then copy them to the same directory), but of course you can use any other manila pakcage you get across. To set up the kitchen copy the package into the 'pkg' directory then run:
Code:
mkt split
to split the hashed files back into their filenames. (For this conversion it uses the same table as m9editor uses.)
You will get a "bin" directory. This will hold all "compiled" stuff, so here you will find all the files that don't need more preprocessing, and can be hashed/installed to the device
Next you want to get some editable files out from the luac, mode9 and qtc files, so use:
Code:
mkt -x bin frommode9
To decompile mode9 files back to XML (it will also extract the scripts out of the package)
Next:
Code:
mkt -c d,qp fromqtc
or
mkt fromqtc
Will convert all qtc files to png files. (the first type will work on cfc compressed qtc files, the second will work on non cfc compressed files)
After this only the scripts are remaining. Unfortunately these can't be decompiled easily, so grap the decompilation of someone (like me ), and put these files into the "insrc" directory. After this run
Code:
mkt -d insrc -o src split
so all the hashed _manila files will be converted back to their original filenames to ease searching through them.
After this you're ready with your prepared kitchen. These things were already done with the Rhodium manila so you might use that package to start manila modding.
Compiling
You can use tomode9, compile and toqtc commands to compile these files back to their binary counterpart. Alternatively you can use:
Code:
mkt -c pq,c,p make
to run this three command after each other. It's like a Makefile, so it will only compile things that have changed. Of course you might want to 'make all':
Code:
mkt -a -c pq,c,p make
This will build all files from the "src" directory into the "bin" directory
Creating the package
After you're done you can use
Code:
mkt -o outdir join
to hash all files from the bin directory back to hashed form, and put it into the 'outdir' directory. Next add the binaries and you're ready to flash
Alternatively I included createpkg that will create a cab package from the OEM apckage found in the 'pkg' directory
Download and other stuff: http://winmo.sztupy.hu/manilakitchen.html
Sounds great! Downloading now. Thanks sztupy!
Yeah, good job sztupy, this will be a great addition.
nice...gotta buy a bigger house...so many kitchens
pcarvalho said:
nice...gotta buy a bigger house...so many kitchens :d
Click to expand...
Click to collapse
roflcopter
pcarvalho said:
nice...gotta buy a bigger house...so many kitchens
Click to expand...
Click to collapse
what you need is a microwave
sztupy said:
Missing functionality / bugs:
Embedded decompiled scripts can't be re-embedded into mode9 files automatically (this would need a command line mode9 editor
Click to expand...
Click to collapse
I can help you out with that. Not that it's already done but copying the relevant parts from m9editor together isnt the big deal.
6Fg8 said:
I can help you out with that. Not that it's already done but copying the relevant parts from m9editor together isnt the big deal.
Click to expand...
Click to collapse
I hoped so
unfortunately it's hard to tell a command line tool where to inject the scripts... An XML export/import function would be cool (export it to XML, without the binary scripts, then add the decomp'd scripts, and the importer would do its job esolving everything), but I know that won't be possible until you resolve the mode9 files completely...
sztupy said:
I hoped so
unfortunately it's hard to tell a command line tool where to inject the scripts... An XML export/import function would be cool (export it to XML, without the binary scripts, then add the decomp'd scripts, and the importer would do its job esolving everything), but I know that won't be possible until you resolve the mode9 files completely...
Click to expand...
Click to collapse
hm, didnt do much with xml, but i think i can figure that out. mode9 is almost done, there's only one bytegrave at the end of a mode9 file still unknown to me.
6Fg8 said:
hm, didnt do much with xml, but i think i can figure that out. mode9 is almost done, there's only one bytegrave at the end of a mode9 file still unknown to me.
Click to expand...
Click to collapse
your visualization of the m9 files look like xml, that's why I thought about that (but yaml could be a good serializator too). But this is just an idea, if you can tel me an easy way to tell a command line script where to inject a script that would be fine
And a command line CFC compressor is also needed
sztupy said:
your visualization of the m9 files look like xml, that's why I thought about that (but yaml could be a good serializator too). But this is just an idea, if you can tel me an easy way to tell a command line script where to inject a script that would be fine
And a command line CFC compressor is also needed
Click to expand...
Click to collapse
mode9 is basically binary XML, so i had no choice
The easiest way (at least for me) is byte positions just kidding ...
I'm on vacation next week, maybe i'll get struck by an ocean of light while skiing on one of the wonderful austrian mountains
CFC compressor .... I've that lying around somewhere here, shouldnt be a problem to adapt it.
an ambitious project... thank you
nice work great addition
Scripts update addon with the newest decompiled stuff.
Kitchen is now tested and considered BETA. Also added a great new tool: MKT to the kitchen. Read first post.
sztupy said:
Kitchen is now tested and considered BETA. Also added a great new tool: MKT to the kitchen. Read first post.
Click to expand...
Click to collapse
Just downloaded kitchen and getting ready to start playing. Just wondering, will this make a installable cab file for rhodium manila for touch pro? Of course with vga adapted files. I've noticed that previous attempts of making a cab for it have failed, but oem packages work when cooked in. I'm making a theme, which shouldn't require a full install, but would be nice to know.
showaco said:
Just downloaded kitchen and getting ready to start playing. Just wondering, will this make a installable cab file for rhodium manila for touch pro? Of course with vga adapted files. I've noticed that previous attempts of making a cab for it have failed, but oem packages work when cooked in. I'm making a theme, which shouldn't require a full install, but would be nice to know.
Click to expand...
Click to collapse
I tried to install it as a cab on NATF's ROM I'm using, and it worked flawlessly. It might break on a stock ROM though. The whole convert to cab thingy is alpha currently, but hopefully it will be solved.
sztupy, So how do you go about fixing the main function? I have the LUA file I've been working on done except for the main function and all the Q16.16 instances. But looking at the src.lua file, it appears chunks of the main are scattered throughout the file. Literally, I have code parts at the beginning of the file, in the middle and at the end of the file.
That's how the luadec output that you ran for me (because luadecguess was inaccurate) outputted the decompile.
So I'm stuck because I'm not sure how to proceed with fixing it. What do you do, just leave it where it's at and search for what it's referring to and fix it where you find it? Or do you cut/paste (move) it at the top of the src code in the order it's supposed to be in?
EDIT: never mind, left the code where it was and just searched out and fixed what it referenced. Other then the Q16.16 lines, everything is good.
Hi sztupy. Excellent work. Im poor and unemployed so although Id like to, I cant donate any cash at the moment. I like this project enough to offer body parts though, if any of yours fail
EDIT - bug report removed. was related to luaconv.exe. moving to another thread.
smotrs said:
sztupy, So how do you go about fixing the main function? I have the LUA file I've been working on done except for the main function and all the Q16.16 instances. But looking at the src.lua file, it appears chunks of the main are scattered throughout the file. Literally, I have code parts at the beginning of the file, in the middle and at the end of the file.
That's how the luadec output that you ran for me (because luadecguess was inaccurate) outputted the decompile.
So I'm stuck because I'm not sure how to proceed with fixing it. What do you do, just leave it where it's at and search for what it's referring to and fix it where you find it? Or do you cut/paste (move) it at the top of the src code in the order it's supposed to be in?
Click to expand...
Click to collapse
You can consider every function in the file as a value. It's just like a number or a string in this case, because in the main body you assign functions to some variables. So if you find something:
Code:
SomeStuff = function(foo)
lots of stuff
lots of stuff
lots of stuff
end
SomeOtherStuff = function(bar)
lots of stuff
lots of stuff
lots of stuff
end
Then in the main body this will translate to:
Code:
SomeStuff = funtion1
SomeOtherStuff = function2
And in the disassemlby to something like this:
Code:
R0 := Function(f1)
SomeStuff := R0
R0 := Function(f2)
SomeOtherStuff := R0
And of course the definitions of these functions will be put after the main body (just as with any other inlined function, the only exception is that compare/luadec and the other tools I made will handle these functions separately to ease decompiling). So if you have to fix the main body you have to only look at the part of the script which is not in a function...end body
I try to create a program which consists of
.asx files (to show online tv channels),
.lnk files (shorcuts to the .asx files) and
a .dll file which contains only some .ico files (icons of the tv channels).
I added all these files to a cab using WinCE Cab Manager and tried to install it on my ppc. So far so good. The problem occurred when the message “The program can not be installed. Choose another location” appeared during installation, just after the process bar was filled.
Although I have no idea about computer programming, I have created many cab’s with WinCE Cab Manager for skins I have created for several programs. Anyway, I realized that the problem occurred due to the .dll file, since this is the first time I add such a file in a .cab.
I created my .dll file using a .dll from another program which had only icons in it, as well. I deleted them using Restorator 2007 and I had an “empty” .dll sized 4KB. Then I added my icon files using XN Resource Editor.
I searched the Internet to see what might be the problem with the .dll and I found out that I have to “register” my .dll file. I really have no idea what this means but it needs to be done. I also found an option in WinCE Cab Manager for “self-registering” file, but it didn’t work either.
So, the question to you dev guys is how can I register my .dll file, or should I create it from the beginning with another way?
Please help! Thanks in advance!
sorry to repost but it seems that posts keep coming in this forum and this thread is already in the second page and I'm afraid that noone will see it and reply to it. By the way, is there any special sub-forum for such questions?
This may help. I use his instructions to edit existing DLL's
http://www.modaco.com/content/i9x0-...88904/lisbian-taskbars-for-i910/#entry1023568
It will unsign the dll which will probably fail on your custom dll but it should sign it when you are done editing.
NilsP
Many thanks for your suggestion but unfortunately it didn't work for me.
As you said, this is mainly for resigning already signed .dll files.
Any other help will be appreciated. I can attach it here if anypne is willing to help. Or just tell me the way. Thanks!
I deploy a few dll's with my app, without any problem. If the installer complains about the location, what did you specify where it should go?
There are 2 approaches to solve this problem:
1.) If you have a private key to match a certificate in the device's certificate store, sign the .dll and .cab with this private key and it will be installed with elevated privledges, and be successful. To facilitate this you can install the "SDK Certificates" - and sign with the matching private key (you should be able to find these on a search, term "SDKCerts" or similar)
2.) Look for an "Application Unlocker" or other security reduction tool, run it, and you should be able to install the cab. On this note, if you check here, it will give you a more technical overview of the security policies. You want to change 4101 / 0x1005 to "SECROLE_MANAGER" (8) - which tells the system to install it with elevated privledges. Also make sure 4102 / 0x1006 is set to 1 to allow unsigned applications.
6Fg8
I don't believe that is the location I specified that causes the problem because when I deleted the .dll file from the .cab, it was installed properly. How do you create your dll files? With programming or you just edit existing files? If I send you my .ico files, will you be able to create the .dll file for me?
Da_G
Thanks but both approaches seem very complicated for me!
So, will I need Visual Basic in order to do this or is there any easier way? Can anyone sign the dll for me?
angelos_cy said:
6Fg8
How do you create your dll files? With programming or you just edit existing files? If I send you my .ico files, will you be able to create the .dll file for me?
Click to expand...
Click to collapse
Yes with programming, C++ or .net. Never had any issue with signing. I can try to make a dll if you send me the icons (or post them here if they aren't too secret ).
6Fg8 said:
I can try to make a dll if you send me the icons (or post them here if they aren't too secret ).
Click to expand...
Click to collapse
I have sent them to you by pm. They are not secret at all but I will create a "program" (wannabe ) with that dll and I want that program to be a surprise for users of the forum where I'll post it. I may post it on xda too, but it's nothing important.
Many thanks!
angelos_cy said:
The problem occurred when the message “The program can not be installed. Choose another location” appeared during installation, just after the process bar was filled.
Click to expand...
Click to collapse
This happens because you've changed resources in signed file, which changed file checksum and invalidated it's signature, and Windows installer refuses to install file with invalid signature. But it won't refuse to install this file WITHOUT signature at all - so use unsigner (search for it on XDA) to remove signature completely; if you encounter error, try to remove signature from original (unmodified) file, and then change resources in it...
6Fg8
the_ozyrys
Thanks to both of you!
6Fg8 has created and signed the dll for me and it finally worked, but I also tried the_ozyrys' method and it also worked.
So thanks to baniaczek too, since he created the unsigner.exe.
Everything worked fine with the dll. Now the cab is installed properly.
However, I have another problem. Just after the installation of the cab on my ppc, it seems that the device freezes for about a minute. This is propably because my cab contains a lot of shortcuts (.lnk files) that go under Programs folder.
So, I would like to ask for another favour, if it's possible. As I said I intend to give this cab to others too. Since this delay can make them believe that my program has freezed their device, I would like to make the cab restart the device just after installation and after uninstallation as well. I think this is made with the "Setup.dll" which I don't know how to create.
If anyone knows how to do this and has the time for it, could you please create this setup.dll for me. If the cab is needed to do this, just tell me to send it to you.
Thanks in advance!
Anyone? Plzzzzzzz!
If you want to sign .dll or .exe u can use the apps posted in the two posts below
http://forum.xda-developers.com/showthread.php?t=432041
or
http://forum.xda-developers.com/showpost.php?p=3530246&postcount=18
raykisi
Thanks for your answer but 6Fg8 and the_ozyrys already helped me on that.
My question now is how to create a setup.dll in order to make my .cab to prompt the user to restart the device after installation and uninstallation. If anyone can do it for me, I can send you the .cab which I alreday created and you can add the setup.dll with those functions.
hey there,
i created an oem package which contains an dll file, one that exists also in the sys-folder as folder (contains imageinfo.bin and s000), when cooking with my kitchen buildos gives an error, something about that the expected file already exists as folder...
what can i do?
It's not a good idea to over-write a module; in fact, it's a bad idea, because it crashes most kitchens (buildos will crash every time).
1. Why are you trying to over-write a module with a file?
2. If you really want to do it, you need to remove the module from the sys directory. I'm not sure it's a good idea myself; you should at least convert the file to a module. If you don't know the difference between a file and a module, then you should search and find the answer. It's easy enough to do.
It would help a great deal when you start a topic if you give more information. What build are you using? What device? Most importantly, what module are you trying to replace?
Thanks Ted,
sorry for the small amount if informations. I'm using EXEcutor von pako777, it's kitchen tool for the omnia 2... almost, it dissambles the dump-file, then i can delete/add files and then it assembles it again... some kitchens i saw over here a really great, but the executor get the work done...
i found the informations, thanks for the hint i will now try reversmode.exe
right now i want to convert a taskbar.cab to an oem package and so i need to replace shellres.192.dll and some other files
I think that kheb 1.1 (search, it's easy to find) is the best way to make a package for your cab. Just run a snapshot, install the cab, then run another snapshot (+difference). Select the 'make an oem' function. It doesn't make a working oem, but it will dump the reg keys that you need, and collect all the files (I assume they'll all go to windows). It sounds like you're building the rom straight from a dump, and not with full packages? Then you'll need to just swap the new files in for any old ones (as well as add new ones), and figure out how to add the registry keys, if there are any. I guess you can use ceregeditor or something similar to import the keys into the default.hv. Convert files to modules, if that's how the dll's appear in the dump.
You have to be a little careful with an app like kheb (or sk tracker): it may dump out some extraneous files or reg keys, as changes occur all the time to a device's registry and file system. Make sure you separate the wheat from the chaff. It's best not to soft reset after the cab install, if you're prompted to do so. That creates a butt-load of random new reg values that are irrelevant. If any certificates are installed by the cab, you can probably ignore them.
Thanks again, but i used the package creator from ervius to convert the cab, converted the rgu to an provxml and the dll-files with reversmode and everything worked fine
but i will take a look onto kheb, sound promising when converting a cab with setup.dll