Hi all,
I have a little bit of a predicament with my old 6700. I was restoring the phones file structure when my computer lost power and somehow the nvm_security file on the phone was written with junk/null chars. I am attempting to use cdmaworkshop to send a low level command to the phone to force the SPC(40 XX XX XX XX XX XX), but I can't figure out which position in the file is used for SPC. I'm looking at the junk file with a hex editor trying to determine which bytes are the spc but I cannot seem to figure it out.
Could someone post their nvm_security or if someone else has experienced this, give any advice on how to repair the SPC?
Many thanks!
-Elerian
Related
Each time I unlock a phone, I use their execute progam, put the phone in USB mode, and unlock it, I receive a a file with a "UIF" extension. I then upload this file and recieve an unlock code. Now I have 5 of these files, all with their respective IMEI and Unlock codes. Does anyone know how we can read these .UIF file to unlock these phones ..FOR FREEE!!!. (we wouldn't have to send them up to have them read?
Appareantly, according to Google, .uif is some sort of 'longform for WordPerfect' format. Any ideas?
We are almost there...
i have 3 files and there codes, if anyone can help ....
John
i have tried reading it with note pad but with no result . i also tried reading it with word for windows but the system is just giving me garbage.
please help. doe anyone have any ideas
You can open these files probably in Coral WP.
A free trial is available at:
http://www.corel.com/servlet/Satellite?pagename=Corel3/Downloads/Trials
I tried that ....
just about the first thing i did. couldn't get didly with it. Still, someone else could try. I also tried a hexedecimal viewer, out of desparation.....
It seems like some kind of "program" so I would suggest to decompile the file using some kind of decompiler, But I don't know in which language it's written so you should find that out first I guess.
hello
coul you please upload that files somewhere ??? i wanna analyse them
Hi
I have a few question
--is it possible that i replace my application with the default dial applciation when the start call key is pressed . i read the post that by replacing /windows/cprog.exe this can be achieved temporarily. i want it for permanent.
--secondly is it possible to stop any default voice call when number is pressed on touch screen or through dialer application..........by intercepting the internal message mechanism .
--How XDA2s make a voice call ....is it through tapi ...i m talking about the normal phone calls ....if its tapi i will b help ful if a detail is provieded whether a seperate TSP is required for that ?
Thanks in advance ...any help will b highly appreciated .....
Regards,
Tabish
Replace cprog.exe with custom phone app
Hi hsibat,
I have almost the same problem. I want to replace the original phone application with my custom phone app. In this custom app I want to control which phone numbers are allowed to dial, and which numbers to accept a phone call from.
My results untill now are:
- My app works well when it runs besides the originale cprog.exe, using tapi calls like lineInitialize ... tapiRequestMakeCall etc.
- When I overwrite \Windows\cprog.exe with my app (now also named cprog.exe) I cannot dial or receive calls anymore. Building up a line and selecting a provider in the end results in "No service" in the connection dialog. Despite the fact that i'm seeing when debugging that the registration with my provider results in the correct provider (lineRegister) "NL KPN".
Obvisouly cprog has some more coding in it to setup a good connection.
- After this I tried to analyze the disassembled cprog.exe, but I didn't succeed until now to reveil which extra coded I needed in my app. Reading and interpreting the disassembled code is not easy for me, because I'm not experienced in assembly.
The disassembling I did in the following way:
1. Extract the pda os into a rom file using the OSImage tool (which you can download from http://cuba.calyx.nl/~jsummers/XDA/XDAtools-Jeff.exe).
2. Extracted all files from the romfile on my pc with the tool dumprom from itsme (which you can download from http://www.xs4all.nl/~itsme/projects/xda/dumprom.html).
3. Disassembled cprog.exe with IDA Pro 4.17.
- Now I'm trying to get my app working by replacing the original cprog.exe with my app and renaming the original cprog.exe and store the file somewhere outside /Windows, and starting the renamed cprog.exe from within my app. This Worked!!!! BUT my purpose to block "screened" outgoing calls can be bypassed. When an incoming call is missed you still are able to view missed calls (icon in the taskbar), and if you selected a missed call the original cprog phone app is started (dispite the renaming). And you are free to make any call.
So I'm searching for a solution for this "leak". A solution could be by intercepting ALL outgoing call by receiving a message in my customized app. But like you I didn't figure out how to do this, yet. Or an even better solution would be to get the missing coding I need to be able to exclude the original cprog.exe completly.
You problem to make your overwritte of the cprog permanent can be solved I thing by making your own rom file with your own cprog.exe included and upload that to your pda. Using the tool makerom.
I hope you can extract some tips from my quest, and I hope someone has some tips for me.
greetings
Re: Replace cprog.exe with custom phone app
i'd recommend you to use completely different method. As you know OS communicates with GSM device through a COM-port. It sends normal AT-commands. You can hook the COM-port, parse ATDxxx and modem's responces and hide unneeded commands.
Replace cprog.exe with custom phone app
Thanks Mamaich (famous celebrity in France),
I think your solution is neater, do you perhaps also have an example of how this should be done ? I searched the whole bb, but couldn't find more then cproghook. Learning by example works perfect for me.
Compliments for this great app by the way. I wonder how you come to these kind of ideas of hooking ?
tai
Re: Replace cprog.exe with custom phone app
http://mamaich.kasone.com/rover/IrCOMM.rar
archive contains a wrapper driver around one of COM-ports. It has no comments and was written to a different device.
Hooking COM
Thanks again Mamaich,
I'll start trying to make this work for my purposes. As soon as I have some results I 'll update my findings to the BB.
Greetings
Replacing the default Dialer App by hook or by Crook ..HELP!
Thanks a lot guys for so much suggestions.
What i m doing is trying a different options now mostly based on your suggestions....listed follows
-- I downloaded the WINCE source code provided by Microsoft under shared source code .Under there faq they said them selves that the source given is very different what runs on a pocket pc ..contains custom applications as well ....secondly i ddidnt find any thing related to GSM in the code but did find about Tapi which is used by a number of applications . i didnt find any thing like cprog.exe as well.....i m stuck what should i do ...i m unable to find even the dial button event handler ........i dont know how to put the dialing application do i need to build a custom one and if so ..how can it b possible to call it when the dial button is pressed ....
-- it might be an idea that intercepting the com port might help...but when there is nothing insied the availabe source code abt the GSM ....what i want to ask is is that are u talking about some external GSM device connected to com port .....if that so how the pocket pc makes the call
sorry if the questions are too childish but i m very new to this ..
Any help will be highly appreciated ..
Regards,
Tabish
Re: Replacing the default Dialer App by hook or by Crook ..H
hsibat said:
-- it might be an idea that intercepting the com port might help...but when there is nothing insied the availabe source code abt the GSM ....what i want to ask is is that are u talking about some external GSM device connected to com port .....if that so how the pocket pc makes the call
Click to expand...
Click to collapse
The code provided by MS does not have the code for RIL and other stuff.
Our devices contain 2 parts - a GSM modem and a Windows part that works with it via TAPI and RIL interfaces. They internally use COM2 to communicate with modem device (also COM9 is used during data session, but this can be ignored in your case). You can intercept all commands going through COM2 and filter out unnecessary ones.
MS shared source code would provide a little help. Most info can be obtained by decompiling DLLs/EXEs with IDA (www.datarescue.com).
Intercepting the COM2 port for GSM
Thanks for the reply,
i m into writing an application that will intercept the commands destined for COM2 as its a gsm port right ....i hope this will work for me .
Is there are good starting article for writing hooks for COM ports and is there any detail available for WinCE what port is for what purpose ?or u can say WinCE internals .
Any extra advice or information will also be highly appreciated in this regard.
Regards
Tabish
Re: Intercepting the COM2 port for GSM
i don't know such articles
Hi
Now i m trying to get into details and trying to write a GSM port interceptor .
A few problems that i have that ....i wanna create a seperate rom iamage i mean my little application will be a part of OS . but unfortunately i dont have the RIL module code in the shared source code ...there is no TSP ( not remember the exact name )avaialble that Tapi uses to make the call.
Secondly if i dont make it a part of OS then will it b possible to make it background process that will run every time OS starts and will not disappear even after a hard reset.
I will be needing guidance to achieve this .....
ideas matters alot .....
Thanks in advance ..
Tabish
to add files to ROM you can use itsme's romtools, or you can make a CAB and place it to extended ROM so that it would be installed after each hardreset
Oks ...
making the cab file is the second part ....
firstly i tried to extract the rilgsm.dll and ril.dll from my device , i was succedded in getting rilgsm.dll but was unable to get ril.dll....infact i wanted to have a look at the functions provided there ....
i m not sure where to start from .....i check the forum ther i found a very complex solution for hooking the dll in this link
http://forum.xda-developers.com/viewtopic.php?t=19558
and i will have to hook the dll in ordert to intercept what even command goes to the port .....
Correct Me if my direction is wrong ....
Regards
Tabish
I have followed many posts on how to establish data call and am still having problems.
1) When collecting data from TAPI shall i createfile through COM 1 ? because when i try to, i get an error message. Maybe shall i get rid of CProg.exe ? However in my program i'm only requesting a connection to recieve data from a remote module.
2) When connecting through COM 2 with AT Commands i get normal AT responses. However with my ATD i have more difficulties. I dial ATD"0123456789"; and i get an OK then NO CARRIER response. Anyone got an idea ?
thanks for your helps.
PLS some boday help!
to edit dll / mui / exe in Universal latest ROM, such like V1.30,
they have the \000 at the end of each Strings Tables` sentence line.
also instmsgrresources.dll in old version ROM has that.
But once i edited or transrate those strings table, \000 were missed and couldnt inject this again into Strings Tables.
Used Resource Hacker.exe---PE Explore,,VS2005. all of them were same,
couldnt.
Do anyboday have a solituions?
exaples from Insantmessage dll
----------------------------------------------------------------------------------
STRINGTABLE
BEGIN
65 "%s may not reply because his or her status is set to Away.\000"
67 "%s can't reply because he or she is not in your Allow List.\000"
68 "Your block of %s is not in effect for this conversation.\000"
70 "%s may not reply because his or her status is set to On The Phone.\000"
71 "%s may not reply because his or her status is set to Be Right Back.\000"
72 "%s may not reply because his or her status is set to Away.\000"
73 "%s may not reply because his or her status is set to Out To Lunch.\000"
Hello Asukal!
I noticed those too, but I usually use Platform Builder or one of the IDEs (Visual Studio or eVC) to edit the resources.
There the \000 are not shown for every string (at least not in coredll.dll and such) but they are preserved where present. Also I try to avoid deleting them in the first place, just type the translation in.
Worked fine so far.
I am still wondering why there are 3 zeros. In C\C++ string end is symbolized by the zero value character '\0', but why the extra '00'.
Any way, try a different resource editor, and good luck.
Hope this helps.
thanks for your replay.
On PE Explore<resource hunter also> discribed \0x00
VS5 discribed \000.
different something.
some of dll didnt have it.
but new dll i need edit has it
Any way,i will keep on trying to use another tool. but i already used out what i know.
Serching again!
My suggestion is evaluation version of Platform Builder 5. It is free, but takes a long time to download (about 2.5 gigs for minimum installation).
But I know for a fact that it will produce usable MUIs after you edit the resources.
The 0x00 and 000 are the same thing, I am pretty sure they are just two different representations of the 0 character PE explorer choosing to display the values in hex. the 0x is just for esthetics.
Also see if the resulting MUIs work, even if you can't see the \000. It is possible that the character is still there and the editor just won't display it because it 'realized' it means 'end of string'.
thanks again
i have Plat form Builder also.
But ..
you mean Build OS with wrokable MUI with PB, then use those MUI to WM5 device?
or i can edit dll with PBuilder?
thanks again
Just like you can open a DLL with Visual studio to see resources, same can be done with Platform builder, no need to build an image.
Just drag and drop.
thanks again, ya tried it.
1;edit with PB and did not lost \000 as you said.
but another problems
2;edeted dll <to mui> can not be signed.
3;Japanese Chalactors were not discrbed correctly on device.
but open it again with PB, it was correctly discribed.....
so i addapted those String Tables to another living empty dll,
then i can sign....
but the chlactor problems were not solved yet!
i will try to edit chinese mui to japanese.
it also 2 bytes chalactor,.....
You may need to replace wince.nls and add a code page to it. I don't know what code pages are needed for Japanese or Chinese, but try this:
Create a new platform for pocket PC with PB and make sure to add Japanese and all possible code pages to the platform.
(sorry, I don't remember where exactly that menu is but it's there somewhere).
Do 'sysgen' on the project. Then search the project directory and all sub-directories. You will fined a proper wince.nls.
I think you will need 'usemynls.exe' you once told me about, to swhitch the original nls with this one.
Hope that helps.
thanks. but i meant it is not problem of OS code page.
i already made wince.nls and injected into ROM,
and worked fine. also all of dll and exe had changed japanese and wroked well.
@Asian Languages Supported QTEK 1.30 ROM with A2DP+Push Mail
http://forum.xda-developers.com/viewtopic.php?t=46644&highlight=
@80% T-chinese i-mate 13 ROM
http://forum.xda-developers.com/viewtopic.php?t=43606&highlight=
@Way to make your Language OS for Universla
http://forum.xda-developers.com/viewtopic.php?t=48093&highlight=
Only dll for MSN messenger was not finished.
also i want to use latest shellress.dll and tshres.dll on my localized one.
those two have some defferent resource with previouse versions.
<but with old resources, lates one also work exept Password Function>
just i meant was chalactors were broken if i transrate with PB.
i guess it should be the English word to say it. but i can know how to say.
seems to be some non-word chalactores.
But if Open with PB again, it can read JP.
i guess Chalactor code of PB is not correct for our Language??
<our language means not Alphabet chalactores>
i am using PB Japanese interface version.
now i got solution!
1;change Country ID from Engllish and Japanese for all resources in target dll which i want to transrate.
2:then open with PB and edit to japanese.
3;save it as mui
4;addapt all resources i need to living empty dll
5;then make it signature.
finaly japanese are correctry discibed without missing \000 !
now i am procceeding to transrate Instant messenger dll!!
i dont know why japanese Instant messenger was not existing!
on SDK, Chinese, Korean and the other languages' instant messenger were eixinsing, but only Japanese OS and SDK also doesnt have it!!
wandering that! but any way, i will finis it!
Thanks a lot! :wink:
31/8/2008
Two years after, I found this thread reaaaaallllyy USEFUL.
Thanks masters!
LEO
hello
i have seen or read many article on how to change spc to 000000. i needed to download and tweak my phone but without changing my imei. it's as good as nothing.
Please which better way to edit my existing SPC number to 000000. i use MSL utility to know my SPC. but i am having problem changing it.
i also made use of CDMA but i was hanged on the Password (16 digit ) where my sprint number said ( check image below )
so how will i achieve this?
thanks
http://forum.xda-developers.com/showthread.php?t=2270191 should be what you are looking for...
Hi,
I'm using L29C636 in U.S (B161), and received this "invalid recipient" error. After some digging, I found out it was caused by phone number formatting issue ( if I remove all non number characters and add country code at front, it then works fine), and we can modify an entry in feature.xml file to fix this. Typically the file should be located in /system/csc/, but I don't see this folder... Anyone has an idea where it could be?
Thanks!
yaoye said:
Hi,
I'm using L29C636 in U.S (B161), and received this "invalid recipient" error. After some digging, I found out it was caused by phone number formatting issue ( if I remove all non number characters and add country code at front, it then works fine), and we can modify an entry in feature.xml file to fix this. Typically the file should be located in /system/csc/, but I don't see this folder... Anyone has an idea where it could be?
Thanks!
Click to expand...
Click to collapse
I have a VKY-L29C636B124 in Canada. I have had a similar issue. When I send a text message to someone for the first time, going through the contact manager I will always get an "invalid recipient" error, I go back to the contact manager and try again and THEN my message will go through.
I think the my phone wants me to put a 1 in front of every phone number and treat them as if they were all long distance calls.