Database Info

How to extract this rom? (Gigabyte S1205)

What tools can be used to decompress/extract the contents of that ROM correctly?
http://www.gigabytecm.com/Russia/Download.aspx?id=91
The device is Gigabyte GSmart S1205.
Any help is appreciated.

im interested too. the osnbtool seems to recognize the four sections however, it crashes.
OS ROM Partition Tool V1.59 By Weisun :> PDAclan.com
Sector size : 0x00000800
Extra data bytes : 0x00000008
OS IMAGE found.
Partitions infomation:
**************************************
Part-0 type: BOOT SECTION image
Part-1 type: XIP RAM Image
Part-2 type: IMGFS file system
Part-3 type: legit DOS partition
**************************************
flash.bin.PRE written.
-------------------------------------------------
Sector counters (extra-data) found in source file.
Partition 0 true offset:00003EAC true size:001FA173 Len:000007BE
Partition 1 true offset:00000000 true size:0000C478 Len:00000440
Partition 2 true offset:00000000 true size:00000000 Len:0000CAC0
Partition 3 true offset:00000000 true size:00000000 Len:00011440
Click to expand...
Click to collapse
*** the osnbtool stopped here. and windows caught an exception ****
i also tried to prepare_imgfs the flash.bin (with the ff params or combinations of each: -nosplit -acer -mpx200), the operation seems to have succeed everytime as there are no error messages.
However running viewimgf throws an exception (invalid header) and stops.
any help would be greatly appreciated.

flash.bin is signed?
i found this document
the requirement said something about signing the flash.bin? are all bin files signed before flashing to device?
curious, if this only applies to s1205, then is this the reason why osnbtool or other tools cannot dump the ROM?
any help is greatly appreciated.

Rom extraction - only from spec cable:
1. Pinout special contacts under accu:
From left to right: 1- Gnd, 2- Tx, 3-Rx, next symmetric 4 - Rx, 5 - Tx, 6 - Gnd
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Connect s1205 with Serial->USB to comp.
2. Flasher:
h..p://4pda.ru/forum/dl/post/1011438/SP_Flash_Tool_v1.1110.00_new_mcp.7z
3. run flasher
2. go to tab "Read back"
3. remove all task button "remove"
4. press button "Add"
5. 2 Click on stroke - select where save dump, press "save", in textbox "Length" - write 0х10000000
6. On tab "baudrate" select speed (std 115200 b/s, can 460?)
7. See in comp manag number of com port of cable and write this number in number port in flasher.
8. Press "Read back" and get rom(1) file without ext.
Do not start memory test in flasher!!! it's destroy you s1205.
If anybody need full dump - h...p://www.multiupload.com/ZBKA138KIN (Russian)

previous link is dead
fullflash reupload
new link:
uploadmirrors.com/download/1FBPRTOE/s1205_fullflash.rar

[i9001][GUIDE/REF]Unlock Your i9001!

To do this you will need an Hexadecimal editor and have root access to your phone.
FIRST MAKE A BACKUP OF EFS PARTITION!USE GOOGLE FOR HOW-TO
Steps:
1. Make a full backup of the /efs folder
2. Get the nv_data.bin file located in /efs
3. Open it with an hexa editor (like WinHex)
4. Go to line 181460 and modify from 01 00 00 00 00 to 00 00 00 00 00
5. Copy the modified nv_data.bin file into /efs
6. Set the appropiate owner user and group doing chown 1001.1001 nv_data.bin
7. Remove the nv_data.bin.md5 file
8. Reboot your phone
9. Enjoy!!
LOCKED
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
UNLOCKED
ADB commands:
# su
# cd /efs
# cp /sdcard/nv_data.bin /efs/nv_data.bin
# rm nv_data.bin.md5
# chown 1001.1001 nv_data.bin
# reboot
To check it you can do *#7465625# and verify that Network Lock is [OFF]
I hope it can be useful for you.
I AM NOT RESPONSIBLE IF U SCREW UP UR PHONE....IF U DONT DO THIS CORRECTLY,U WILL SCREW UP UR /EFS PARTITION AND YOU WOULD NOT BE ABLE TO USE NETWORK!!

Hi,
this method doesn't work.
The main problem is that this file doesn't exist in I9001.
This method is similar if it is not the same that the one used for I9000 (I'm not sure if is the same address in the file)
Regards

sugggus said:
Hi,
this method doesn't work.
The main problem is that this file doesn't exist in I9001.
This method is similar if it is not the same that the one used for I9000 (I'm not sure if is the same address in the file)
Regards
Click to expand...
Click to collapse
ok...can u attach your /efs folder and pm me?
i am pretty sure all android phones have these files
which files u dont have?

Yep... file nv_data.bin doesn't exist on 9001. Made search on whole phone.

sh!t happens..........................
ok,so any "similar file"?

Hi Sakindia,
this is what I see:
- .files
.dj550 (folder)
empty
.jck12 (folder)
empty
.ssh01 (folder)
empty
keystr (file)
- lost+found (folder)
empty
Ther are 2 folders, the first one has 3 empty folders and one file (keystr) and the second one is empty.
Any solution for us?
Regards

this is /efs partition,right?strange............

sakindia123 said:
this is /efs partition,right?strange............
Click to expand...
Click to collapse
Hi,
yes, this is the /efs folder.
regards

has anyone tried any app?since this doesnt work,thats the last resort

Hi,confirm that it does not work on my phone.
file nv_data.bin doesn't exist

sakindia123 said:
has anyone tried any app?since this doesnt work,thats the last resort
Click to expand...
Click to collapse
hi sakindia, wise forum people, any alternative?
i have root and i9001XXKP4, european Vodafone lock (Spain).
Have been searching and trying out all the free apps available in the market, incl. sgs2 apps. Nothing works.
SGS unlock complains about a busy box error, but i think it just cant find the i9000 file its looking for.
Having to pay for IMEI unlock feels like a defeat... i'm finding out too late that the i9001 is a bit of an unsupported niche thing, i guess.
Hope someone comes up with something!!! Cheers

sakindia123 said:
To do this you will need an Hexadecimal editor and have root access to your phone.
FIRST MAKE A BACKUP OF EFS PARTITION!USE GOOGLE FOR HOW-TO
Steps:
1. Make a full backup of the /efs folder
2. Get the nv_data.bin file located in /efs
3. Open it with an hexa editor (like WinHex)
4. Go to line 181460 and modify from 01 00 00 00 00 to 00 00 00 00 00
5. Copy the modified nv_data.bin file into /efs
6. Set the appropiate owner user and group doing chown 1001.1001 nv_data.bin
7. Remove the nv_data.bin.md5 file
8. Reboot your phone
9. Enjoy!!
LOCKED
UNLOCKED
ADB commands:
# su
# cd /efs
# cp /sdcard/nv_data.bin /efs/nv_data.bin
# rm nv_data.bin.md5
# chown 1001.1001 nv_data.bin
# reboot
[...]
Click to expand...
Click to collapse
# cp /sdcard/nv_data.bin /efs/nv_data.bin
Really ???

eBug said:
# cp /sdcard/nv_data.bin /efs/nv_data.bin
Really ???
Click to expand...
Click to collapse
oops...my bad
thanks

...could you be a bit more clear? what is the problem with the instructions? thanks in advance.

senor_coconut said:
...could you be a bit more clear? what is the problem with the instructions? thanks in advance.
Click to expand...
Click to collapse
it doesnt matter really since this method doesnt work.....i9001 doesnt have that file!

Hi,we are awaiting a new method..........

sakindia123 said:
it doesnt matter really since this method doesnt work.....i9001 doesnt have that file!
Click to expand...
Click to collapse
Or we don't see it.

promi said:
Or we don't see it.
Click to expand...
Click to collapse
As u say maybe it`s hidden
Try to root your phone and install ES File Explorer from Market.
Maybe u will find it

I know that root is needed to access /efs.
I just stated that maybe this file is hidden somewhere.

EFS doesn't exist in I9001
The problem is that despsite you are toot and you can navigate through this folder, it seems to be almost empty and the NV_DATA.bin is not found inside.
Regards

[Q] how to change from relocked to locked after getting s-off?

since s-off has the power to change anything, is there anyway to make the boatloader report locked instead relocked?
i know this is not necessary for doing anything at all since it is already s-off, but i'm just wondering what keeping this locking flag/status...

found this:
http://forum.xda-developers.com/showthread.php?t=1970252
http://forum.xda-developers.com/showthread.php?t=2168578
i have dumped the mmcblk0p3, and found the same "HTCU" (unlocked) or "HTCL" (relocked) string at 8404 address. so i went to modify it to x00 x00 x00 x00 and viola, it become "LOCKED" now.
here is the command that i used:
adb shell
su
dd if=/dev/block/mmcblk0p3 of=/sdcard/mmcblk0p3
exit
exit
adb pull /sdcard/mmcblk0p3
copy mmcblk0p3 mmcblk0p3mod
hexalter mmcblk0p3mod 0x8404=0x00,0x00,0x00,0x00
adb push mmcblk0p3mod /sdcard/mmcblk0p3mod
adb shell
su
dd if=/sdcard/mmcblk0p3mod of=/dev/block/mmcblk0p3
exit
exit
so in summary, we can quickly jump from lock to unlocked, or unlocked to relocked/locked without using the token...

i found :
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Code:
[COLOR="Red"]This build is for development purposes only.
Do not distribute outside of HTC without HTC's written permission.
Failure to comply may lead to legal action.[/COLOR]
in : hboot_signedbyaa.img
Do you think we use hexalter to remove "Disclaimer on HTC Splash Screen" ?

Not sure about that, I have not see the flag to control that yet... I think you can change that, but finding the right location for that flag might be difficult...
For this lock/relock/unlock flag, people is able to find it by comparing the rom during before and after, validate the result using other phone, and confirm the finding with other users...
If you don't have other phone to use as experiment and other people to confirm your finding, I afraid it is going to be very hard, you are just like walking in the dark...
Sent from my HTC Butterfly using Tapatalk 2

gbear said:
Not sure about that, I have not see the flag to control that yet... I think you can change that, but finding the right location for that flag might be difficult...
For this lock/relock/unlock flag, people is able to find it by comparing the rom during before and after, validate the result using other phone, and confirm the finding with other users...
If you don't have other phone to use as experiment and other people to confirm your finding, I afraid it is going to be very hard, you are just like walking in the dark...
Sent from my HTC Butterfly using Tapatalk 2
Click to expand...
Click to collapse
But I think we cant do that, coz hboot ship is sign hboot, we will brick our phone! So flashing eng boot with that hex editor to remove will help, but i dont wana to take that risk..
? Killx Kernel ?

Editing Baseband and Hardware Version on Samsung S6

Hi everyone, I have Samsung S6 G920P but i want to replace G920P with G920I in About Phone section. I have already changed Model Number, Build Number by editing Build.pro file but unable to Edit Hardware Number and Baseband version . Help me how can i edit this ?
Thanks in Advance
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

i,m also searching for this , did you found something?

/system/bin/getprop
/system/bin/setprop
baseband version is gsm.version.baseband
hardware version is ril.hw_ver
not tested... create a backup.

Bryan48765 said:
/system/bin/getprop
/system/bin/setprop
baseband version is gsm.version.baseband
hardware version is ril.hw_ver
not tested... create a backup.
Click to expand...
Click to collapse
no in bin not have any of them. did you tested yet? and how we open the bin file?
mean how edit this files?
/system/bin/getprop
/system/bin/setprop
and where,s found this files?
gsm.version.baseband
hardware version is ril.hw_ver???

Mr Hassan said:
no in bin not have any of them. did you tested yet? and how we open the bin file?
mean how edit this files?
/system/bin/getprop
/system/bin/setprop
and where,s found this files?
gsm.version.baseband
hardware version is ril.hw_ver???
Click to expand...
Click to collapse
/system/bin/getprop and /system/bin/setprop are commands to use in a terminal emulator aka bash shell aka CLI. Execute "su" first to gain root access for setprop. It's getprop to get a list, and setprop to set. It's like build.prop. I am not able to test on that specific device, and this is simply information on where it could be at. Create a backup. The hardware version uses the same format on Verizon devices.

Bryan48765 said:
/system/bin/getprop and /system/bin/setprop are commands to use in a terminal emulator aka bash shell aka CLI. Execute "su" first to gain root access for setprop. It's getprop to get a list, and setprop to set. It's like build.prop. I am not able to test on that specific device, and this is simply information on where it could be at. Create a backup. The hardware version uses the same format on Verizon devices.
Click to expand...
Click to collapse
i open it but now is there anyway to edit it? coz its just showing the property but not able to edit
and what,s the mean ?( terminal emulator aka bash shell aka CLI. Execute )
and i already have root access in terminal ,

[Request] persist.img for OnePlus 8 EU

Hi,
My fingerprint sensor stopped working after restore clean rom and relock the bootloader .
I think reflashing the persist partition will fix this. I already have tested the unbrick tool and this don't worked.
So can someone please share their persist partition with me, you can use this app to extract it:
https://play.google.com/store/apps/details?id=ma.wanam.partitions
or ADB command :
adb shell
su
dd if=/dev/block/bootdevice/by-name/persist of=/sdcard/persist.img
exit
Click to expand...
Click to collapse
I'm running Oxygen OS version 10.5.4.IN21BA
My phone model is: IN2013
Thanks

Hey man, what happened did you solve the issue? or what, my fingerprint is also broken

I sent it to after-sales service.
The UPS guy picked it up at my house on Tuesday morning. And it was returned to me repaired this Thursday morning, two days later, which is extremely fast.
So if your oneplus is guaranteed, don't bother with it and send it to service.

Hello !
Can you send a dump of your **persist.img** ? I have downgrade my phone from android 12 to android 11 due to a critical crash but my persist is now dead.
Regards
Hello !
I have found a way to fix the fingerprint reader without any backup of the persist.img. At the first my OnePlus 8 EU IN2013 was reset with MSM tool. So the fingerprint system is KO. To reinstall the fingerprint system, you need to:
1) Enable the OnePlus FactoryMode (EngineeringMode)
1.a) On the phone type the phone number
Code:
*#06#
and copy the IMEI1
1.b) Go to https://one.andro.plus/ and select Unlock for 10 minutes and type your IMEI1
Spoiler
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
1.c) Type the phone number
Code:
*#*#5646#*#*
then exit the qrcode scanner by pressing back and type the generated code found on one.andro.plus
Spoiler
2) Now the EngineeringMode is unlock, use the phone number
Code:
*#808#
to open it. (see
Spoiler
)
3) Go to Debuging Device > Finger Print Test > Finger print calibration test (Pure White - 90% Blue)
4) Click on Start Test. It may print an error at the first time but try it again.
5) Click on Flesh Rubber Sleeve Test1, wait the first test and then PUT YOUR FINGER ON THE READER AND KEEP IT'S OVER
6) Click on Black Rubber Sleeve Test and DO NOT TOUCH THE READER
7) Click on Positionning Circle Test and PUT YOUR FINGER ON THE READER AND KEEP IT'S OVER
8) At the end there is an error but it's fine And the fingerprint reader now works