modify nk.bin on a wince device - Windows Mobile Development and Hacking General

Maybe this is off topic because this is about a WinCE device, not a mobile device.
But maybe someone can help me modify an nk.bin ROM so I can flash my device with those modifications.
To specify it more: I would just like to replace explorer.exe with my program, shell.exe.
I extracted the nk.bin with dumprom, with the help of Nkbintools.zip, but I cannot find any info about how to build it back again from the dumprom output.
I tried binmod.exe from Platform Builder, but it cannot find any explorer.exe even though it exists. There are some threads about a patched binmod.exe, but I cannot find any built download link, nor can I find any sources of it in my Platform Builder.

PPC 2003 and mkrom

Any brave soul try using mkrom in conjunction with the 2003 ROM? I think I might give it a shot here in a bit but wanted to know if anybody had tried it yet...
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
sheran_g,
I didn't know you could use mkrom with a 2003 ROM image. Can you please post how you did it? I created a special version based on the SE 1.1 ROM but would like to put the same programs into the new ROM. Any help is appreciated.
thanks
alex
sheran_g said:
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
What's tricky about it...?
The modified registry file you make does not get picked up at the device startup. You need to manually inject the memory address of the modified registry file into the ROM in order for it to get picked up.
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
sheran_g,
Can you post the steps that you take to build it? I'm trying right now and it's not working. I'm having little problems. Can you post your default.reg and initobj.txt? Any other help is appreciated.
thanks
alex
Ok. Here they are in a nutshell:
Get the latest romtools.
Make the following dirs: romfiles, cfg, tmp, out, files, files1, files2
Split the ROM into Bootloader, bootimage, OS image, xipchain into the 'cfg' dir.
Dump the files in the OS image into a 'romfiles' dir.
Get the default registry file, initobj & initdb files into your 'cfg' dir.
Make changes to your default.reg and initobj.txt
Place any files you want loaded in the ROM into the 'files' dir.
Run 'mkrom.sh'
You should then have your new ROM. I'm sorry if it's extremely brief; you'll have to make do with this and the README file in the romtools archive file for now. You'll find my default.reg and initobj.txt files on my site: www.zensay.com/qtek/mkrom
sheran_g,
Have you created a decent working custom WM2003 ROM?
If so what Apps have you added?
How much ROM space does it use?
I've not added any apps to my ROM. I have only added a carrier logo file and made some changes to the registry. So I cannot comment on ROM space yet. The ROM works fine.
sheran_g,
What command did you use to extract the ROM files? Did you do it under Windows or Unix?
I'm having problems trying to dump the ROM image. I don't know if it's too much to ask, but can you zip your directory and post it somewhere so I can download it? Or can you post the commands that you ran to dump the 2003 ROM?
thanks
alex
Hi,
could you include "O2 home zone" in the 2003 image, like in the 2002 3.19 GER? It's for Germany interested only!
AR
home zone depends on specific 3.19 rilgsm features. which are not in 4.*
Okay, used dumprom -4 -d files -q nk.nbf and extracted all files. Got could not find pointer for ofs 00000000 ERROR but all the files seem to be there. Trying to figure this out. Saw the above abbreviated directions but am fumbling around. Anyone have concise directions?
Val
Anyone? Just give me a good hint then please.
Hi all!
When I overwrite the rilgsm.dll file in the T-Mobile 4.0.10 image with the rilgsm.dll from the O2 GER 3.19 image, could I use the "O2 home zone" option with the hz.exe in the Startup directory? The rilgsm.dll from the German image has the 'at+creg=2' string in it. Probably the RIL_GetCellTowerInfo call is now implemented. If it can work, how could I write the German rilgsm.dll to the image? I don't have Linux, could somebody cook the image for me?
Here is the German rilgsm.dll and the hz.exe for the "home zone" function! http://www.nokiaprog.de/XDA/home_zone.zip
THX
PS: Sorry, my english! ;-)
AR
the homezone enabled rilgsm.dll depends on other dll's and exe's.
probably ril.dll, stk.exe, cell*.dll and maybe more, I have not tried
replacing all.
you don't need to build a new rom in order to experiment with this, you
can just copy the desired files to \windows, to override the rom versions.
And I don't think it works with the RIL_GetCellTowerInfo call,
but adds some notification events.
to change the CREG setting you need to call RIL_DevSpecific with parameter 25 ( to turn it on ) or 26 ( to turn it off )
even though that does not seem to be how hz.exe does it.
Hi,
I opened the image file in a hex editor and renamed the rilgsm.dll file there. Then I flashed the image, after which the phone was probably deactivated because rilgsm.dll was missing. Then I copied the German rilgsm.dll into the Windows directory over ActiveSync and reset the XDA, and it did not accept the file. I assume this is because the file was not in the EPROM memory! That is why I wanted to have rilgsm.dll in the image in the first place!
AR
XDA developer Itsme said:
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
Is there any other way I can access this site or download these files? The sites are blocked here in my country. Please help.
Ronnie

Building Rom using MKROM

Can anybody please help me to build a ROM? Especially the XDA-developers. Thanks a million in advance.
My questions are:
1. Do I need a base ROM (no programs included) in cfg/ (rom.nb1)? Is it necessary?
2. What is the maximum size of the files I can put in the files/ directory, which will be split by mkrom? I know it depends on the version, since for 3.17 the maximum for all files is 5 M. How about other versions: 4.01, 4.05, 4.10 and 4.16?
3. When I run bash setup.sh nk.nb1 (4.05), using the parameters for 4.05, I get the message "!!! your rom is not known to me: md5:fb9e70c5786f08e4db6db7c184c59704". Is this normal, or is it not defined in splitrom.pl?
4. What kind of editor did you use for building a 16-bit BMP file? I tried to use Adobe Photoshop 6.0, but I cannot seem to save it as 151 k; the only options are 24 bit and 8 bit. If you can give me a site where I can download it, I will really appreciate it.
Thanks for the help.
More power to the XDA team
and
Welcome TMO 4.16!!! (which i think no diff with 4.10)
1. yes you do need some kind of rom to start with
2. you can check using
Code:
perl splitrom.pl yourrom.nb1 -ob <your bmp offset> | perl calcgaps.pl 0x3ffff
and add the sizes of the holes.
you have to figure out where the bootsplash is for your rom. ( for new roms this is most likely 0x81ec0000 )
3) there is a list of 27 roms I know about in splitrom, if I never saw your rom, the signature will also not be there.
btw, what rom do you have?
4) I think we used photoshop for that. ( Peter Poelman knows more about that )
Thanks for the reply, XDA developer Itsme,
but how can I build a base ROM with the ROM I have? I have a ROM 4.05 which I created in Jeff's kitchen. Or is there any site where I can download the base ROM 4.05?
I have ROM 4.05 and 4.10, which I got from Jeff's kitchen, and also the original 4.10 TMO. Regarding the signature of the ROM, I read your splitrom.pl and found your list of 27 ROMs, but I didn't find the signature "md5:fb9e70c5786f08e4db6db7c184c59704". Is it because my ROM is not a base ROM?
my param is ;
wincever=4
start1=21740000
size1=0040000
start2=003c0000
startbmp=81ec0000
startop=81b00000
I'll still try to use Photoshop, maybe I missed something there.
Please correct me if I have done something wrong with my commands.
I have Perl 5.8 and cygwin installed on Windows 2003,
then I set the path for perl/bin and cygwin/bin,
then I copy all the things I need to build a ROM into one directory, including nk.nbf (with Jeff's 4.05) and the mkrom tools (which I got from the demokitchen).
I run "perl setup.sh nk.nbf" to extract the bootimage.bmp and rom.nb1 to the cfg/ directory,
then I run "dumprom -4 -d files -q nk.nbf" to extract all files into the files directory,
then I convert with "perl fdf2reg.pl files/default.fdf cfg/default.reg"
"tr -d "\0" <files/initobj.dat >cfg/initobj.txt"
"cp files/initdb.ini cfg/initdb.ini"
Then in the files/ directory I delete all the Windows files and leave only the programs, with their DLLs, that I want to add to the ROM, like Total Commander, File Commander, etc.
(I compare it with the original files of WM2003.)
Then I run "bash mkrom.sh out/out.nbf",
but I get an OVERLAP message on the screen,
and also the same message I told you about before: "Your rom is not know to me".
Please help me with this because I want to build my own ROM according to the programs I need. Many thanks.
split rom does not recognize romkitchen roms, since they vary too much.
you should use an original rom, not one from the romkitchen.
the overlap means that somehow the params file was not correct.
or maybe you just tried to add too many files.
XDA developer Itsme said:
split rom does not recognize romkitchen roms, since they vary too much.
you should use an original rom, not one from the romkitchen.
the overlap means that somehow the params file was not correct.
or maybe you just tried to add too many files.
Thanks Itsme, that's why splitrom cannot recognize the ROM I have. I'll try to search for the base ROM in the forum, or can you give me a site where I can download the base ROM? I think that's why I am getting an OVERLAP: because there is an added program in my ROM, XDA-Developers File1 and File2 are duplicated.
It answers my question regarding the ROM I have. Thanks a lot man, you are really a good help.
Now my only problem is to find all the base ROMs so I can start cooking some ROMs.

To view & extract .nb0 content, please help......

Hi all, I have a .nb0 file which was extracted from a WM5 PPC phone (can't remember the model), and I need some help here to view this nb0 and extract some cab files from it.
This .nb0 contains a lot of useful software, for example, soundcover (background sound during conversation), answering machine and conversation recorder, and it works flawlessly on a WM5 PPC phone.
Any expert??? Please help.
**OK, I found the phone model, it's GIGA. This is the nb0 file, the latest update from their website: http://www.higiga.com/HigigaFrontStage/event/download/update/V1.12.80.zip
Hi,
Congratulations on extracting an .nb0 file. There are many methods to do so, depending on the device. Out of curiosity, which method did you use? Assuming that you correctly extracted the .nb0 file of the CE image, you can treat it the same as an .nb or .bin file. Use "viewimgfs *.nb0", the * of course meaning the name of your nb0 file, like MSFLSH50_2.nb0 or whatever. This will give you all the files and whatnot. You can then use the DSMtool by bepe. This will organize all the files into packages. Then you can use cabwiz or some other program to create a cab installer. Good posts to follow are mamiach, bepe, buzzlightyear, and others, if you didn't already know. The dsmtool is found in bepe's WM5 kitchen. The viewimgfs and other imgfs tools were created by mamiach.
Regards,
Jason
Thanks for your reply, I will try to use the tools to see whether I can extract anything out of it... thanks again.
I think I have successfully dumped the ROM to a dump folder, but I cannot see anything except some DLL files. What else do I need to do??? Do I need to use some tools to convert all these DLL files to view the ROM content?? Please advise, thanks.

MS device emulator HTC wizard rom-Convert nbf to nb0

Hi all.
I started using MS Device Emulator v1.0 to check some programs before I put them on my QTEK.
Atm, I'm trying to install the OS from Faria's ROM on the device emulator.
The emulator uses *.nb0 images and I have an *.nbf ROM.
The tool on the FTP site (nb2nbf) does the exact opposite of what I want.
Can someone tell me how I can extract the nb file from e.g. Faria's ROM? {edit - found correct programs - check below}
Will Faria's hacks & customizations work?
Is the device emulator a reliable program to test applications?
Also, I found somewhere on the internet some skins/localisations for the QTEK for use in the device emulator, but I can't remember where. I'd appreciate it if someone could post a link.
Thanks
Note to moderators: I wouldn't like to add these kinds of questions to the Windows Mobile specific topic because I'm more interested in reliable Wizard emulation. If you think I posted in the wrong place you can move it somewhere more appropriate. Thanks again
There are related links to this topic:
Beta: WM5 ROM editing tool
http://forum.xda-developers.com/showthread.php?t=249836&highlight=imgfs
extracting nk.nbf :
http://forum.xda-developers.com/viewtopic.php?t=33321
HI jtrash, did you find out the solution to run Wizard Rom in the device emulator?

Disassemble or Reverse Engineer WM 6.5 dll

Can anyone suggest tools/utilities that would allow me to disassemble a WM 6.5 dll to reveal its methods and parameters? In the .NET desktop world I can use tools like Reflector to do this, but I seem to be having difficulty doing this on WM apps.
Unregister dll - EDiT - Register dll
Here are two threads discussing Developer tools & Kitchen Utilities for (ROM) Chefs:
Kitchen Utensils
60 Universal Tutorials for Customizing any Device and Cooking
Have fun, develop something nice for free and please do it here on xda-developers
There are a lot of ifs and buts to this but here goes:
If the dll was created as a .NET app, then reflector should be able to list the code within it, as it will contain the MSIL code within it. If it has been run through an obfuscator when it was built, this can mangle some of the internals and give Reflector a bit of a hard time.
Otherwise it will be a Win32/MFC/ATL object containing ARM object code. A DLL file is the same format as an exe file i.e. Microsoft's PE (Portable Executable) format. Microsoft's DUMPBIN, part of Visual Studio, (run it from the VS Command Prompt), is able to dump out the EXPORT table which lists the public functions visible in it.
There is a freeware ARM disassembler, CHARMED, which can run on your device and can display the ARM assembly code, but to make any sense out of it, you will require a pretty good knowledge of the ARM instruction set and basic knowledge of how compilers work. If you don't know what a stack frame is, you'll struggle.
Providing a link to chARMed and C/P from that page
stephj said:
There is a freeware ARM disassembler, CHARMED, which can run on your device and can display the ARM assembly code, but to make any sense out of it, you will require a pretty good knowledge of the ARM instruction set and basic knowledge of how compilers work. If you don't know what a stack frame is, you'll struggle.
Here is the link for this nice freeware ARM disassembler:
http://sites.google.com/site/naphos/software
Requirements: Windows 98, Me, 2000, XP
Size: 246kb
Description:
ABOUT ChARMeD:
ChARMeD is a Windows Mobile / Pocket PC / Win CE (for ARM CPUs) Disassembler and Assembler
The name ChARMeD stands for:
Carolo's Hexadecimal ARM Editor and Disassembler
FEATURES:
· Disassemble a Windows CE Executable for ARM CPUs.
· Assemble instructions in ARM Assembler.
· Upload modified file to Windows CE Device.
· View MZ and PE Headers of executable.
· View Import Table of executable.
ASSEMBLER:
· Added NOP instruction 0x90909090, which is not part of the ARM instruction set, but nevertheless works because it is an undefined instruction.
· Supports all no operand instructions, Branches (Jumps) and instructions with two registers as operands.
DISASSEMBLER:
· Recognises 0x90909090 as NOP (see ASSEMBLER above)
· Supports all no operand instructions, Branches (Jumps) and double operand instructions.
ARM Classic Processors
ARM Infocenter
I think IDA is standard for this kinda reversing. If you can find a location where the DLL is called from in another app, you should be able to quickly identify at least the number and format of the parameters. Obviously you can also refer to the import/export tables for this.
V
Awesome bits of info to get me started ... thanks!!
Is a DLL signed?
And if it is, how does one know it? I use a tool from sysinternals called Sigcheck
Sigcheck
Verify that images are digitally signed and dump version information with this simple command-line utility.
One way to use the tool is to check for unsigned files in your \Windows\System32 directories with this command:
Code:
sigcheck -u -e c:\windows\system32
Though there are way more options than the example above.
As all reverse engineers/hackers or cooks you too should investigate the purpose of any files that are not signed.
Besides some nice sysinternals standard utilities, there's also;
SystemInternals_Suite
For obvious reasons I'm using not a direct link to the Suite. Therefore you need to click on it (on the left) yourself. There's a load of useful utilities there waiting to be downloaded by (would be) developers, power users and system / network administrators (are we not all).
If it is signed with a signature; you need to unsign it before editing it!
It's dead easy.
1) Copy your DLL from your phone to your PC. You may need to use ROMExtractor to do this if you have problems.
2) Unsign it using Unsigner. To do this download Unsigner and the Unsigner batch file here. Copy Unsigner, the Batch file and the dll from the phone to one directory and run the .bat file. It should tell you that the certificate has been removed.
3) Download Reshack
4) Open the dll from the phone using Reshack or the better, but not free, PE Explorer
5) Do your editing.
6) Click Compile String at the top and then save the file.
7) Download Ssigner. Launch it and use Select File to select the DLL file you've just modified. Click Start Sign Process! When it's done check the text file that's created to make sure it signed properly.
8) Copy the file back to the Windows directory on the device using the free Total Commander for PPC/handheld/CE. If necessary, reboot.
Kitchen Utils Reviewed gives links to programs a developer / cook needs!
Have fun edtinig, vewinig ,bwroisng, assilimating, copamirng and itengaritng your files,
o/~
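The two questions raised in the posts above (is the DLL .NET or native ARM code, and does it carry an embedded signature) can both be answered from the PE headers alone. The following is an added example, not code from any poster or from the tools they mention: `triage_pe` and `build_sample` are hypothetical names, and the sample images are constructed header-only files rather than real device DLLs.

```python
import struct

# Machine values from the PE/COFF specification (subset).
MACHINES = {0x014C: "x86", 0x01C0: "ARM", 0x01C2: "ARM Thumb", 0x01C4: "ARM Thumb-2"}
DIR_EXPORT, DIR_SECURITY, DIR_CLR = 0, 4, 14   # data-directory indexes

def triage_pe(data: bytes) -> dict:
    """Read only the headers: CPU type, managed vs native, certificate table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, _, _, _, _, opt_size, flags = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                                          # optional header start
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional-header magic")
    dirs = opt + (96 if magic == 0x10B else 112)               # PE32 / PE32+
    (count,) = struct.unpack_from("<I", data, dirs - 4)        # NumberOfRvaAndSizes

    def directory(index):
        end = dirs + 8 * index + 8
        if index >= count or end > opt + opt_size or end > len(data):
            return 0, 0
        return struct.unpack_from("<II", data, dirs + 8 * index)

    cert_off, cert_size = directory(DIR_SECURITY)   # a file offset, not an RVA
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "is_dll": bool(flags & 0x2000),
        "managed": directory(DIR_CLR)[1] > 0,       # CLR header present => MSIL
        "has_exports": directory(DIR_EXPORT)[1] > 0,
        "cert_size": cert_size,
        # Present and complete only; this does not validate the signature.
        "cert_in_bounds": cert_size > 0 and cert_off + cert_size <= len(data),
    }

def build_sample(machine=0x01C2, clr=False, cert=b"") -> bytes:
    """Constructed header-only PE32 DLL image for the demo (not loadable)."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 224, 0x2102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)           # PE32 magic
    struct.pack_into("<I", opt, 92, 16)             # 16 data directories
    if cert:
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x40 + 24 + 224, len(cert))
    if clr:
        struct.pack_into("<II", opt, 96 + 8 * DIR_CLR, 0x2000, 72)
    return dos + b"PE\0\0" + coff + bytes(opt) + cert

if __name__ == "__main__":
    signed = build_sample(cert=bytes(16))
    for name, blob in [("native", build_sample()), ("managed", build_sample(clr=True)),
                       ("signed", signed), ("truncated", signed[:-8])]:
        print(name, triage_pe(blob))
```

A non-zero `cert_size` with `cert_in_bounds` false means the certificate table was cut off or the file was edited after signing; whether an intact signature actually verifies is a job for a tool such as Sigcheck.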
