Related
So you’ve got a nice, shiny, new G1 and you’ve been hearing about all the amazing things you can do with it but you “MUST HAVE ROOT”. As far as you know, you’re not a plant (although you may feel as smart as one at this point) and beyond that, you have no clue what any of the terms or concepts mean in context.
Well, I’m bored so I’m going to try and clear some things up.
There are a lot of threads that cover each of these things but I’m going to try and put as many basics into one post as possible. Hopefully it can be a perfect start for n00bs and good reference in lieu of search for others. Please feel free to correct any semantic (or blatant) mistakes I make.
I’ll keep the glossary here and update terms as I add to this post:
Android OS - Like Windows Mobile but based on Linux, using a Java based front end.
Linux - Open Source operating system used instead of Windows XP/Vista, Mac OSX etc... it's free (as in beer).
Open Source (From Wiki) – Free and open source software, also F/OSS, FOSS, or FLOSS (free/libre/open source software) is software which is liberally licensed to grant the right of users to study, change, and improve its design through the availability of its source code.
Root (as in access)- root is like the administrator account on a windows machine (also referred to as su, or superuser). It allows you to have complete access to the underlying OS of a linux or *nix based machine. For the G1, it allows for the use of themes, native backup functionality, manually selecting which apps can utilize root access, auto-rotate screen, multi-touch in browser, moving applications/caches to the sd card etc...
Root (as in location)- the 'root' of a folder or drive is the top most area of that location. In windows, C:\ is the 'root' of your hard drive. The 'root' of your SD card just means you haven't moved into any subfolders.
Shell – (also heard as terminal, bash, command line) This is a loose definition, but it’s basically a command line to run specific actions against the OS.
Bootloader – the SPL and IPL of a flash based device. See jashu’s description here.
SPL (Secondary Program Loader) - You get to the SPL by holding the camera button while powering on your phone. This is where you flash NBH images. See bootloader above.
Recovery Mode - Holding the 'Home' key while while powering on the G1 will take you into Recovery Mode. From here you can perform a NANDroid backup, wipe your phone, access a command line and of course, flash your phone with an update.zip file.
RC## (or release candidate) – In context to the G1, it is an official release of Android from T-Mobile meant specifically for the G1 (not ADP).
ADP (Android Developer Phone) – A Google specific (or carrier non-specific) version of the G1/Dream that has root access by default and is meant for developers writing apps for the G1, or Android in general.
ADP vs. RC## - Neither RC’s or ADP versions are tied to their respective hardware. With the right bootloader, you can flash an ADP image to a G1 or an RC image to an ADP.
JFV1.## - Is a specific Version of a JesusFreke ROM. JesusFreke is a developer on this website that has graciously spent his time to modify the G1 OS to allow us to have root access to our phones. This gives us the ability to explore and modify our phones via a command line.
Cupcake – a development branch of the Android OS that contains many improvements that was merged into the master build of Android and is currently being released to new phones as Android 1.5.
Nandroid – a utility, accessible through Recovery Mode, that allows you to backup your phone and restore to the exact condition at backup.
Apps2SD – Applications moved to your SD card instead of internal memory. Some people like the extra room, some people don’t want to hassle with the partitioning.
Partition – just like the partitions that separate cubicles in an office, a partition separates parts of a drive.
File system – there are many. It’s basically a specific way of organizing data on a partition. FAT(32) is generally windows, ext2 is generally linux. This is not a hard and fast rule, just most common in context with what you’ll see here.
Scripts – scripts are text files that contain a list of commands to perform. Instead of typing each command out multiple times, a script can be run that will initiate all steps listed in the script.
Android SDK (System Developer’s Kit) – This includes all tools (sans fastboot) that a developer needs to create applications for the G1. It also has tools for interacting with the phone via a command line (ADB).
ADB - is a part of the SDK that allows you to run commands against the G1 in lieu of using the terminal on the phone itself.
Fastboot - is a tool used to flash system images (.img files) to the G1 from a command line on your pc. IMG files are created when you do NANDroid backups and official images can be downloaded from HTC as well. To get to fastboot mode on your phone, hold the back button while powering on.
When T-Mobile first released the G1, they left a bug in the Android OS that allowed anything typed on the keyboard to be passed on to a root shell running in the background. This really was a major flaw and needed to be patched. Unfortunately, when they patched it, they really patched it. RC29 was the last version that still had root. With all versions RC30 on, it was removed. It completely denied us any hope at modding our “open-source” phone.
Somehow, the base image for RC29 (dreaimg.nbh) was leaked and some enterprising developers were able get access to the bootloader and return an updated G1 (RC30+) to RC29 and use this to regain root.
Somewhere along this road, Google released the ADP (Android Developer Phone), which has root enabled and uses a specific SPL (EngineeringSPL) that was the base for the modified HardSPL that most of us use now. Nandroid was included to allow us to back up our phones and shortly after, JesusFreke modified RC30 to keep root and still provide the fixes and improvements that came with it.
I’m not sure where it all started, but eventually, LucidREM released a modified version of JesusFreke’s ROM. This made moving applications to SD painless and freed up system storage and now we can have 32 flashlights and 62 tip calculators installed all at once.
Apps2sd has been the bane of many peoples existence. It requires you to partition your SD card in to separate file systems (FAT32 to remain compatible with windows computers as a mass storage device and ext2 to maintain compatibility with the underlying linux OS of the G1). It also requires you to move your apps to the SD card and then create symbolic links (similar to a windows shortcut) from the internal location pointing to the SD card. Lots can go wrong in this process and that’s why LucidREM, MartinFick, MarcusMaximus04 and others have created tools to help simplify the process.
Now of course, to achieve any of the things you want to do with the G1, you have to interact with it. There are at least 2 main ways to do this. Some prefer to do everything from the phone itself using a terminal, while some prefer to use their PC with the phone connected via USB. Others avoid both of these, as best they can, and use other peoples apps or scripts anywhere they can get away with it. This is why you may find many different explanations of the same goal.
In order to interact with your phone from a pc, you need the Android SDK, which includes ADB. ADB is basically a linux shell that communicates with the G1. It is easier to copy and paste from threads and insert commands without worrying about making typos. It also requires it’s own bit of hoops to jump through (unless you use a mac or linux ;-)) and sometimes scares people away. It is highly recommended if you plan on hacking at your phone with any regularity.
Of course, there are some sadists (I once was one) that like to type line after line of code on a tiny keyboard and use the terminal directly from the phone. This is fun and it makes you feel 1337, but it also leaves a lot of room for error. Remember, you are a root user now, and any mistake you make can be potentially huge.
Well, that’s all for now folks. Please feel free to add, subtract, reorganize, correct anything I’ve said, in the comments. Also, I’ve tried to add links to any relevant threads and sources that I used in making this… this, whatever you wanna call it.
Thanks to everyone in this community for doing what you do. We are all geeks and enjoy doing this stuff. It's good to have so many talented people taking an interest in Android and the G1 in general. It is open source communites that keep technology interesting and exciting.
Thanks to Haykuro, TheDudeofLife, all the theme devs, and all the big players that I didn't reference in this post. Oh, and SolemWishing for the Timeline! It helped, thanks!
Reserved for future posting
Awesome post for nuubs. This should be permanently stickied!
Very cool. a couple terms you should add:
Fastboot
SPL
Recovery mode
(including what key strokes you need to hit to get into spl and recov. modes)
Thanks for the feedback!
I added SPL and Recovery... let me get my facts straight on fastboot and I'll add that tomorrow.
I don't know if it is the right place for it, but there seem to have been lots of question about "radio" or more specifically "radio update".
I feel smarter already.
I particularly found the file system explanation useful, i put it together that fat32 and the other were the two partitions but didnt realize which was for cpu. Not ready to attempt but definitely closer (although Im not even sure if I want to partition i have no need for all that space at this point) It doesnt affect performance does it?
Agreed. Good stuff. Definitely noob required reading material.
Yes, indeed a very nice guide for the beginners. Hell we ALL started that way...i remember when I first got this phone ~6 months ago (no root), and there was almost nothing about it, no support, no add-ons, no hacks, nothing. It was boring, and for me I was coming from a motorola (motomodders?), so going to something that was far superior but didnt have community support made me almost cry.
Though look now, 3 months later the market was filling up and being abundent of new stuff to play with (I didnt even try rooting for a while, until it became a lot more well-known [fixes and the likes], and themes became a necessity because they started to get really good), and now 6 months later people are hacking away figuring out soo much stuff about it. Amazing work everyone, seriously.
Something good: It all starts at the roots .
Well, I added info on fastboot and exceeded my 10000 character limit. Now I understand why so many people reserve the second post. lol...
I'll make some changes so I can add info about the radio, however the link to fastboot explains the radio fairly well.
Thanks for the feedback everybody, I hope this helps some people out.
skri11a said:
So you’ve got a nice, shiny, new G1 and you’ve been hearing about all the amazing things you can do with it but you “MUST HAVE ROOT”. As far as you know, you’re not a plant (although you may feel as smart as one at this point) and beyond that, you have no clue what any of the terms or concepts mean in context.
Click to expand...
Click to collapse
When i read those lines i knew that this post would be worth reading
It was a really nice n00b guide, though ive done some WiMo flashing so some of the terms sounded familliar i certanly learned a thing or two
I would say it should be stickied and put on the wiki - oh and perhaps list it in alphabetic order, it would make it more usefull as a "I dont understand this term so ill just look it up"-thread...
Perhaps you can get a mod to give you post #2 & #3
//M
DMaverick50 said:
I feel smarter already.
I particularly found the file system explanation useful, i put it together that fat32 and the other were the two partitions but didnt realize which was for cpu. Not ready to attempt but definitely closer (although Im not even sure if I want to partition i have no need for all that space at this point) It doesnt affect performance does it?
Click to expand...
Click to collapse
I'm glad it helped. As far as performance issues, I've had none. In fact, when I was skating along with 12-19MB of free space, my phone would crall and cause me all sorts of grief. Since I've moved the apps and dalvik-cache, it's been very responsive and reliable. That being said, get a GOOD sd card. I see a lot of people having problems using cheap or < class4 sd cards.
m.klinge said:
When i read those lines i knew that this post would be worth reading
It was a really nice n00b guide, though ive done some WiMo flashing so some of the terms sounded familliar i certanly learned a thing or two
I would say it should be stickied and put on the wiki - oh and perhaps list it in alphabetic order, it would make it more usefull as a "I dont understand this term so ill just look it up"-thread...
Perhaps you can get a mod to give you post #2 & #3
//M
Click to expand...
Click to collapse
lol... I'm glad you liked it.
And thanks for the tips. I'm gone for the weekend, but I'll alphabetize it when I get back. Not sure what I can do about getting it stickied but I'll look into the wiki on monday too.
can you add busybox
in the nandroid instructions it requires busybox but I didnt see an explanation for what busybox is. Thanks and this thread has already been very helpful for me
speaking of stickying this....
who is in charge of stickies? A lot of stickable topics aren't stickied and a lot of topics that should be unstickied are still stuck...
DMaverick50 said:
in the nandroid instructions it requires busybox but I didnt see an explanation for what busybox is. Thanks and this thread has already been very helpful for me
Click to expand...
Click to collapse
Hey sorry for the late reply... Been pretty busy since Friday.
I'll try and add this to the first post shortly. I may have to remove some of the history lesson if I can't get a mod to give me the second/third post.
BusyBox - This is a single executable utility that contains many common Linux commands, instead of having an individual executable for each command. As far as I know this is built into all of the JF releases, as well as Dude's. It is also usable in the JF recovery console by hitting alt-x. To use busybox, just type "busybox" in front of the command you want to use (i.e. #busybox ls -L --to get a list of your directory).
AbsoluteDesignz said:
speaking of stickying this....
who is in charge of stickies? A lot of stickable topics aren't stickied and a lot of topics that should be unstickied are still stuck...
Click to expand...
Click to collapse
If you figure this out, let me know. I haven't tried to PM a mod or anything but I'd still be curious to know what the magic requirements are.
This will definitely help a lot of newcomers. Thanks for taking the time to make it.
Way to get stickied! Now I can stop copying pasting updates worrying I might not be able to find the post...
skri11a:
BusyBox - This is a single executable utility that contains many common Linux commands, instead of having an individual executable for each command. As far as I know this is built into all of the JF releases, as well as Dude's. It is also usable in the JF recovery console by hitting alt-x. To use busybox, just type "busybox" in front of the command you want to use (i.e. #busybox ls -L --to get a list of your directory).
Click to expand...
Click to collapse
Wouldn't "Unix utilities" be more correct than "Linux commands"?
And saying Android is "like windows mobile" is blasphemy! You can't compare Unix to Micro$oft Windoze (Yes, that's a very sophisticated and mature way to express my hatred of the OS )! >:|
Anyway, it's good that you wrote this, theres probably a lot around here not having a clue about how things work in the world of unix
Surfing the daily news I stumbled upon a short article about Micro Systemations XRY (Danish article), a tool meant for use by the law enforcement, military and intelligence agencies. It can pull every last detail out of the phone, by first rooting/jailbraking the device, and then bruteforce the Pin lock. After this, it should be pretty much "open" and ready to get ripped. It works on just about any type of (cell)phone you might have around, including all smartphones running one of the major operating systems - such as Android, IOS, WP7 etc...
More info:
http://www.msab.com/
http://www.forensicswiki.org/wiki/.XRY
See it in action:
v6.2 smartphone support video
In the hands of the right people/instance this is a very useful tool, but it could potentially be a threat if it gets out to the public.
And now to my question; What would be the best way to secure a device from something like this??
The first thing that comes to my mind would be to either use a pin code of 5+ numbers, as the bruteforce attack would be much longer or using the pattern lock if you are on an Android phone.
The second thing would be just as simple as keeping the device updated, so older exploits would be patched up by the manufacturer.
And how about the device encryption from Android 4.0, would it have any impact on this or would that also be circumvented by the rooting procedure?
from what i've gathered they need to get root to then find out your pin. They also mentioned that in previous videos that they used to use super1click to gain root.
I wonder how far they would get with a non-rooted,pin-enabled phone that has USB debugging turned off?
sidenote: the youtube video alludes to multiple access routes; wifi, bluetooth and USB (the desire in the video looks like it does not support bluetooth rooting though), I thought it was worth mentioning if it changes anything
nzdcoy said:
I wonder how far they would get with a non-rooted,pin-enabled phone that has USB debugging turned off?
Click to expand...
Click to collapse
Exactly, and I guess that almost all (Androids atleast) comes with USB debugging disabled by default..
Please use the Q&A Forum for questions &
Read the Forum Rules Ref Posting
Moving to Q&A
Mods please move this post if in the wrong place. OK, I couldn't find it ANYWHERE on XDA but, I did find it by doing extensive baidu (China's Equivalent of Google Search engine) searches and translations. So I give to you all QPST 2.7 build 402. I have the newest and latest QXDM and QCAT also. They were uploaded to the Chinese site on February 13, 2013. QXDM requires activation so I wont post it. I will post QCAT if anyone requests it though, as it does not require activation and neither does this version of QPST. I have seen numerous posts over the net where people wanted QPST 2.7 build 385 but this one surpasses that version. Annoyingly enough though, I still cant write settings to my girlfriends LGL55CV3 Straight Talk android phone with it . So if anyone here can help me out on this, please feel free to do so. So enjoy and hit thanks if I've helped you out.:good: http://www.mediafire.com/?yya85byog8kqtxn
:good:
solcam said:
Mods please move this post if in the wrong place. OK, I couldn't find it ANYWHERE on XDA but, I did find it by doing extensive baidu (China's Equivalent of Google Search engine) searches and translations. So I give to you all QPST 2.7 build 402. I have the newest and latest QXDM and QCAT also. They were uploaded to the Chinese site on February 13, 2013. QXDM requires activation so I wont post it. I will post QCAT if anyone requests it though, as it does not require activation and neither does this version of QPST. I have seen numerous posts over the net where people wanted QPST 2.7 build 385 but this one surpasses that version. Annoyingly enough though, I still cant write settings to my girlfriends LGL55CV3 Straight Talk android phone with it . So if anyone here can help me out on this, please feel free to do so. So enjoy and hit thanks if I've helped you out.:good: http://www.mediafire.com/?yya85byog8kqtxn
Click to expand...
Click to collapse
---------- Post added at 04:36 PM ---------- Previous post was at 03:44 PM ----------
:good:
solcam said:
Mods please move this post if in the wrong place. OK, I couldn't find it ANYWHERE on XDA but, I did find it by doing extensive baidu (China's Equivalent of Google Search engine) searches and translations. So I give to you all QPST 2.7 build 402. I have the newest and latest QXDM and QCAT also. They were uploaded to the Chinese site on February 13, 2013. QXDM requires activation so I wont post it. I will post QCAT if anyone requests it though, as it does not require activation and neither does this version of QPST. I have seen numerous posts over the net where people wanted QPST 2.7 build 385 but this one surpasses that version. Annoyingly enough though, I still cant write settings to my girlfriends LGL55CV3 Straight Talk android phone with it . So if anyone here can help me out on this, please feel free to do so. So enjoy and hit thanks if I've helped you out.:good: http://www.mediafire.com/?yya85byog8kqtxn
Click to expand...
Click to collapse
Ummmm...Yeah. If you say so.
solcam said:
Ummmm...Yeah. If you say so.
Click to expand...
Click to collapse
Anyone managed to download this?
No. It says that it belongs to an unvalidated account. I know that 418 is now out too if anyone might have this one.
cezar1 said:
This file infected by troyan. Thanks a lot
Click to expand...
Click to collapse
I had no issues with it... and still use it. I will look into it. I did not upload it, I just posted the link.
---------- Post added at 10:56 PM ---------- Previous post was at 10:32 PM ----------
cezar1 said:
This file infected by troyan. Thanks a lot
Click to expand...
Click to collapse
I did some checking and a few people DID have issues with this. Thank you for bringing it to my attention...
If you install this via "setup.exe" it will put a backdoor on your system. It lives at "C:\Users\Admin\AppData\Roaming\Qualcomm". It will also add itself to the "HKCU/Software/Microsoft/Windows/Current Version/Run" key in the registry. There is no virus in the MSI file.
You should be able to detect it, remove it and use build 422. Again, I am using it without issue.
rekamyenom said:
I had no issues with it... and still use it. I will look into it. I did not upload it, I just posted the link.
Click to expand...
Click to collapse
Hello, fellow QPST users.
QPST 2.7 Build 4.2.2 is a fake version with keylogger.
Some a$$hole downloaded latest public QPST build (4.0.2) and decompiled MSI installer package, then edited all "4.0.2" to "4.2.2", added "fake changelog", added keylogger (qualcomm.exe), then repackaged and spread around web!
Everyone who downloaded QPST build "4.2.2" should change all his passwords.
More info about malware from fake 4.2.2 build (QPST.2.7.422.msi)
MSI package (QPST.2.7.422.msi) was embedded/tampered with qualcomm.exe which is a .NET based malware that logs your keystrokes and sends it to attacker's server.
How to delete the actual malware from your system?
Look at the startup from msconfig or CCleaner, there should be a file called qualcomm.exe thats set to start everytime system starts. Delete both registry and file.
If you wanted to see what data thief was stolen from you. Just open the .dc file (in "dclogs" folder) with Notepad and see for yourself.
In XP, dc file is located here!
C:\Documents and Settings\Administrator\Application Data\dclogs
there should be a file called "201X-XX-XX-X.dc
if you open that DC files with Notepad, you'll see all your keystrokes.
Here is mine. I've intentionally entered paypal site with fake info.
:: Run (3:01:51 AM)
Script kiddie. NET Based malware, huh?[ESC]
:: Program Manager (3:02:14 AM)
e
:: Firefox (3:02:18 AM)
www.paypal.com
[email protected][TAB]
mypaypalpass
[ENTER]
:: Documents and Settings (3:02:19 AM)
[UP]
:: Administrator (3:02:28 AM)
[DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN]
[DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN][DOWN]
d
:: (3:02:34 AM)
:: Administrator (3:02:34 AM)
d
:: (3:03:11 AM)
mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm
:: [Release] QPST 2.7 BUILD 422 - Download Here - Enjoy - Mozilla Firefox (3:03:57 AM)
crap
How to delete?d
:: Clipboard Change : size = 16 Bytes (3:03:57 AM)
QPST.2.7.422.msi
:: (3:04:23 AM)
cccccc
Click to expand...
Click to collapse
Keylogger sends the logs from keylogger to "qpst.hopto.me"
So please report about this incident where and when you encounter QPST 4.2.2 somewhere (forums, posts, sharing-sites, etc)
Copy my whole post and paste it where you see 4.2.2 mentioned.
Bonus: Fake Changelog
If you've installed this 422 build, then open the Readme.txt in C:\Program Files\Qualcomm\QPST\Documents
Scroll down and see the "6/12/13 QPST 2.7.422 changelog"
6/12/13 QPST 2.7.422
1) EFS Hello commands will not be sent unless the device is in a compatible mode. Sending this command when the
device is in download mode can cause a "server busy" message for a few seconds because of command retries.
2) Support for the Sahara device protocol (see 80-N1008-1 or equivalent) is now built in to the QPST server process.
This protocol is only supported by USB Serial ports, not TCP/IP connections. In QPST Configuration a device in
this mode will display as "Q/QCP-XXX (Sahara Download)". This mode can only be detected (1) when the QPST server
process starts or a COM port in this mode added to QPST, or (2) when a device enters Sahara mode on a port assigned
to QPST. This is because the device only sends its Hello message once, as soon as the COM port is opened.
Click to expand...
Click to collapse
Changelog above is actually cloned from QPST 2.7.394 Just scroll down and see Build 2.7.394 changelog. Its same!
So forget about Build 422. It doesn't exist.
Use QPST 2.7 Build 402. It's the latest public build
Sorry about my english
Best Regards
AnycallMongolia
can somebody give proper qpst latest version.
pl provide dropbox link
madroamer said:
can somebody give proper qpst latest version.
pl provide dropbox link
Click to expand...
Click to collapse
Okey, someone (HuaweiDevices.ru) leaked QPST v2.7.411 to the public. I've installed it myself and confirmed that its legit build.
Here is original link of the leak..
Here is my link.
http://d-h.st/qAy
Thread cleaned, potentially unsafe file and posts are gone. All members are to be reminded that whenever you flash anything, regardless of what it is, you take chances.
Thanks for the report, and thanks for not being disrespectful regarding the matter.
Now, back to development.
Thanks for your sharing this.
solcam said:
Mods please move this post if in the wrong place. OK, I couldn't find it ANYWHERE on XDA but, I did find it by doing extensive baidu (China's Equivalent of Google Search engine) searches and translations. So I give to you all QPST 2.7 build 402. I have the newest and latest QXDM and QCAT also. They were uploaded to the Chinese site on February 13, 2013. QXDM requires activation so I wont post it. I will post QCAT if anyone requests it though, as it does not require activation and neither does this version of QPST. I have seen numerous posts over the net where people wanted QPST 2.7 build 385 but this one surpasses that version. Annoyingly enough though, I still cant write settings to my girlfriends LGL55CV3 Straight Talk android phone with it . So if anyone here can help me out on this, please feel free to do so. So enjoy and hit thanks if I've helped you out.:good: http://www.mediafire.com/?yya85byog8kqtxn
Click to expand...
Click to collapse
anycallmongolia said:
Okey, someone (HuaweiDevices.ru) leaked QPST v2.7.411 to the public. I've installed it myself and confirmed that its legit build.
Here is original link of the leak..
Here is my link.
http://d-h.st/qAy
Click to expand...
Click to collapse
Link works. Thank you.
Hello guys, i have a LG G2 with 3g issue , it works just in 2g, somebody can upload his QCN file so i try to replace mine with it? Thank you so much
!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!
!!! TROJAN AGAIN !!!
Some time ago in Feb 2014 man named anycallmongolia posted a link to QPST 2.7 build 411
Link points to the site HuaweiDevices.ru
h_t_t_p_://_huaweidevices._ru/ROMS/QPST_2.7.411.rar
Later I'd personally downloaded this version from this topic a few times in 2014 and this was normal non fake QPST which i'd installed on a few PC's. (Can't remember particular link now). Today I would like to install QPST to a new NB PC, so assumed this topic as the best source. Being a recovery/data structures expert I always inspect code (mostly by viewing in text/hex). As most of members I've very high trust level to xda (certainly it's much higher then one related to the "famous and respectable" corps like Google/MS/Apple/etc, who aren't on my side, I'm sure).
I've installed QPST got from this topic a few times, so I'd almost pressed Enter (I use FAR most of time and advice you to do the same) over the DL'd file "qpst 2 7 411.exe".... What??? - EXE??? And it's just about 500Kb long... But QPST installer occupies about 16Mb.
I've explored body - I's typical malware with slightly "encoded" (to prevent direct reading) data inside. QXDM offered on the neighbor page is the same malware of the same size.
If you'll try to dl QPST from above link you'll got 404 error in the center of normal html page with site menu etc... What normal man would think in this case? He'll think page/product have moved (e.g. due to overload protection) and what he'll do next? He'll try to find where page have moved and... will got link in menu just at the bottom of 404 page. It's just trivial (but very good working!) "social engineering" - publish real app in trusted place and when it will pass checks replace it with malware. (Or may be domain was sold to the criminals as it often occures in Russia for a few latest years). Even if you will check DL url in the status bar it will show link to the .RAR archive, but ASAY click the link it will be redirected to .exe!
PLEASE PUBLISH BIG WARNING on TOPIC START and remove links to HUAWEIDEVICES.RU!!!
Furthermore. Situation is much worse because huaweidevices shows 1ST position in search request "QPST 2.7.411" by Yandex.ru (#1 search engine in Russia) and 2ND position in Google results with the same request!!! It's VERY DANGEROUS situation! Thousands if not millions of peoples are at risk of infection.
I'm going to write abuses to Google and Yandex NOW!
Please spread info on such a new attack manner/technique around your friends, collegues and internet.!
Always check what you run!!!
QPST 2.7 build 425 (The REAL Thing!)
It is so irritating to see all of the jerks who are trying to spread viruses and malware nowadays.
Here is the REAL build 425:
http://www.mediafire.com/download/neeapht51ub2333/QPST.WIN.2.7_Installer-00425.1.zip
drkcobra said:
It is so irritating to see all of the jerks who are trying to spread viruses and malware nowadays.
Here is the REAL build 425:
h_t_t_p_://_w_w_w.mediafire.com/download/neeapht51ub2333/QPST.WIN.2.7_Installer-00425.1.zip
Click to expand...
Click to collapse
Very very very BIG Thank you!!!
That's really new one and it contains new very promising QFIL util. Didn't explored much yet!
God bless on you man!
BTW does anybody know how to descramble (decrypt)/scramble (encrypt) back EFS/NVRAM partitions (in most cases modemst*). I'd like to be able to patch/change every byte in EFS (not just locks etc bull****, my phones are always free of any contracts). Full modem FW reversing seems too difficult to me (i'm 'not so strong' in ARM assembly and there is too much code in modem FW). I'm sure for a such long period (over decade) of EFS life there should be methods around to manipulate it independently of mfr/commercial products, but I can't find them for a long time. Trust me, it's fully idiotic situation I'm (you're) not able to do with my (yours) computer (PDA is computer, not the "phone") all I want to do being "restricted" to access only data some f...n mfr "allowed" me to access. It's my device, I'd paid for it and I will decide what me to do with it.
Furthermore, modern public licenses don't allow to hide parts of object (device) code, where GNU/GPL code is the main part. Is anybody here who think that Linux/Unix value in ALL there f...n "modern" Android devices less than 90%? Most router mfrs have already forced by requirements GNU/GPL to publish full compilable code of their firmware. I shouldn't have clue what all they want to hide related to their "commercial" and manipulating interests. Using 30years of thousands people's free labor in their commercial products , they're obligated to publish full sources and should DO IT.
Apple is today wealthiest corp on this planet, but If you'll look into the Apple's internals you'll find tons of MODERN Linux code (protected by modern GNU/GPL) simply stolen from open source depositories, then adopted to MacOS/iOS then closed and sold as commercial product . Is it fair game?
TheDrive said:
Very very very BIG Thank you!!!
That's really new one and it contains new very promising QFIL util. Didn't explored much yet!
God bless on you man!
BTW does anybody know how to descramble (decrypt)/scramble (encrypt) back EFS/NVRAM partitions (in most cases modemst*). I'd like to be able to patch/change every byte in EFS (not just locks etc ...................
Click to expand...
Click to collapse
I use EFS Pro for BackUp and Restore.... Sadly its windows only, but works great with VirtualBox on Linux Mint Cinnamon/MATE 17.1 x64.
Hosted on the wonderful XDA:
http://forum.xda-developers.com/gal...ol-updated-09-06-14-efs-professional-t1308546
FWIW
I hear you about Apple, used to be a hardcore fan, when they were nearly bankrupt. I still swear by OS X, but not the iTard line of devices. I tell my nieces and nephews to get an Android cause they are not ignorant! lol There should be more of an effort to make people understand that Apple is using allot of *BSD (Linux) source. The GUI is closed, but some of the other source is available in the dev program site they host.
unimatrix725 said:
I use EFS Pro for BackUp and Restore.... Sadly its windows only, but works great with VirtualBox on Linux Mint Cinnamon/MATE 17.1 x64.
Hosted on the wonderful XDA:
http://forum.xda-developers.com/gal...ol-updated-09-06-14-efs-professional-t1308546
Click to expand...
Click to collapse
Thank you! Certainly I know this good product. It can manipulate NVRAM through COM-port, just the way QPST does it communicating w/modem FW. Is has many advanced options but seems not to be reliable enough (too many OEM customizations around, it's difficult to reverse all) As you stated it can also backup some partitions (like EFS). but you can do this yourself just by simple ADB/Unix shell commands (e.g. "dd if=/dev/block/mmcblk0p?? of=/sdcard/mmcblk0p??.img")
You can write simple scripts and perform such backups directly from device (to SD). Furthermore, you can customize CWM/TWRP for your device to perform such backups from recovery.
To do it you should know which partition numbers to backup/restore (to backup/restore what data you want).
There are methods/commands available to get needed info to build full device partition map (e.g. some devices contains "folders" named "by-names" deeper in /dev/block/... (where partitions are named), but in some cases (e.g. some 2013 MSM7227 based Samsung phones like GT-S756x) there is no names associated with particular proprietary partitions in the device, (at all) so the only way to find what data reside there is to backup and look (hex) with your own "experienced" eyes what these data seems to be (or search what others found on the theme). EFSPro "from the box" also knows only a few device's partition maps so, in most cases you should build configuration for your device manually with full knowledge of it.
There is no problem to locate and backup encrypted modem data partitions (modemst*/efs/etc...) if your device is rooted. Moreover, if your device has standard Qualcomm bootloader (not OEM's cut) you can switch device to the standard Qualcom DM (download mode) when all your eMMC contents will be exposed to USB bus as mass storage device (just like UFD or SDCard) and you can backup/restore whole drive contents or particular partitions just like PC's own partitions (try some "chnese" stuff (made of quality parts) instead of "branded" ones and you'll see superiority of the "open world".
But main question is how to decrypt modem data to explore and change them as I want at any time. Mfrs (i.e. Qualcomm and OEMs hide serials, locks etc BS there, but there is a lot of other interesting stuff related to modem configuration which is also closed and encrypted. This drives me wild because it's my device and my serials/locks and other stuff too, so it's my option to do with is what I want and no one else. I'm definitely know and sure modem FW/config and even mask ROM (which we most probably never will be able to explore) contains many hidden features that may lead to remotely force device to collect info about user and perform actions without his knowledge and consent. I have no matter what all these sec... services planned to do with all these exploits they forced OEMs/chipmakers to implement., but (sic!) they allowed information about these exploits to leak wild! So some "generic" engineers who simply have job and low level access to cellular provider's equipment (which able to broadcast custom service packets) to make "what they want with user's phones (e.g. switch it on or request GPS data) just "for fun". F them all, but most idiotic is fact that being an 25y experienced "lowest level" service engineer I can't get access and control over my own devices (i.e. computers). It's incorrect. It would be difficult but we should pay more attention to explore internals and get clue what goes on.
unimatrix725 said:
FWIW
I hear you about Apple, used to be a hardcore fan, when they were nearly bankrupt. I still swear by OS X, but not the iTard line of devices. I tell my nieces and nephews to get an Android cause they are not ignorant! lol There should be more of an effort to make people understand that Apple is using allot of *BSD (Linux) source. The GUI is closed, but some of the other source is available in the dev program site they host.
Click to expand...
Click to collapse
I've personally explored OSX files and partitions and seen much modern Linux code inside. They even don't hide "copyrights". Nobody will explore anyway and nobody cares. Old 80x-90x versions of public licenses allowed to do "anything" with free open sources (including to make changes, then close sources and sell product). After some smartasses like Apple used this hole to sell free labor of thousands of peoples, public license had changed. Modern licenses allows you to sell derived product, but obligate you to open sources (with same license) so anyone else can use them to and sell too. You can't close your part of sources if free code is most valuable part of your product. E.g. router mfr can't close part his own sources to make firmware sources "uncompilable" because Linux definitely is most valuable part of router FW. This warrant later development of free open source programs and free community n whole. Apple stated that they used only old 80x code in their OS'es and then developed it separately and thus they are not obligated to open sources to everyone. They would be right unless they didn''t used a lot of modern code protected by modern public license's requirements. I didn't explored deeply. May be they publish all derived code for free. Today we can't say accurately if some modern Linux components they adopt for Mac/iOS are most valuable part of their systems or not. We should explore all the code to make decision. but anyway it's not fair to use a lot of thousand's people's free labor just to make money. Google's position here is not ideal but much more fair. They publish most of sources and support open source community. They don't try to make system "unbreakable" and they don't force you to use their accounts too much. I've NO Google "phone" account AT ALL. I've no need in any "markets", "clouds" ect BS., which lead absolutely no problem to me to effectively use Android devices. There are lots of free APK's around
It practice, I have 2-3 old iPhones just for experiments. Yes we have Jailbreaks and some other stuff, but even if you break and get access to your device it's very uncomfortable to work with it at low level. On my sight just one ADB interface costs more then all "jingles and bells" of iOS's GUI. All these "tethered-untethered", "unbreakable" bootloaders in Mask ROM, lack of normal tools to explore and manage data on any level, total control and extraction of my data by mfr via strongly encrypted obfuscated protocols and hidden services make these devices useless for me in practice.
Windows Phone is even far more closed OS then iOS. You have no control over your data at all. You can't do a thing with WP device unless you sign up with MS account. You can't get access to your own data (except MM files) unless you sync it with MS cloud, i.e. you will be forced to send all your private data to MS and MS will decide whether to give piece of it back to you or not. Matrix in action. I've absolutely no clue what thought MS bosses when they decided to close ALL in OS that have had less than 1% of market. Their 1st goal was to attract developers to write apps for their OS and there was no better way to kick them than "close All". There is no matter does it perform GUI actions good or not when devs and users have no effective way to collect and use "useful" results of device's work.
drkcobra said:
It is so irritating to see all of the jerks who are trying to spread viruses and malware nowadays.
Here is the REAL build 425:
http://www.mediafire.com/download/neeapht51ub2333/QPST.WIN.2.7_Installer-00425.1.zip
Click to expand...
Click to collapse
The new versions got rid of QXDM and RF NV Manager.
Build 415
etirkca said:
The new versions got rid of QXDM and RF NV Manager.
Click to expand...
Click to collapse
I have not used this version, so do not know if it has been removed from this one or not, but here is a legitimate copy of build 415:
http://www.mediafire.com/download/ac6yh57yye363mx/QPSTWIN2700415.rar
After reading many posts across various forums and buried in the comments of threads spanning many years--I've summed up moving from Verizon to Page Plus in one document. This is the 2014 definitive step-by-step guide to manually programming the 4G LTE Verizon HTC Thunderbolt Smartphone for use with Page Plus Cellular (PPC). This guide might also serve for Kitty Wireless and other PPC resellers. Topics include: (1) Porting your phone number from VZW to PPC (2) Checklist of everything you'll need to succeed (3) Device driver and software installation (4) Configuration & DIY Free Programming (5) Activation (6) PPC Account & Plan Finalization
I hope this benefits anyone still using this excellent smartphone. I gave up my unlimited data on VZW and moved to PPC after realizing I mostly use WiFi these days and was not taking full advantage of unlimited data on a 4G LTE network. Saving $696 per year is a great incentive. I give credit and reference all of the various posts that were summed up. Rather than attempt to reformat the document as a forum post I've made it available on Google Drive. I hope that's fine. I've attached it to this post as a DOCX. Hopefully one or both of these methods works.
http docs.google.com document/d/17Tmz2R-DEHRQqQZmbEPALR7UIYNYyZO8aqBi2_AOFn0/edit?usp=sharing
Peace ~
corezion said:
After reading many posts across various forums and buried in the comments of threads spanning many years--I've summed up moving from Verizon to Page Plus in one document. This is the 2014 definitive step-by-step guide to manually programming the 4G LTE Verizon HTC Thunderbolt Smartphone for use with Page Plus Cellular (PPC). This guide might also serve for Kitty Wireless and other PPC resellers. Topics include: (1) Porting your phone number from VZW to PPC (2) Checklist of everything you'll need to succeed (3) Device driver and software installation (4) Configuration & DIY Free Programming (5) Activation (6) PPC Account & Plan Finalization
I hope this benefits anyone still using this excellent smartphone. I gave up my unlimited data on VZW and moved to PPC after realizing I mostly use WiFi these days and was not taking full advantage of unlimited data on a 4G LTE network. Saving $696 per year is a great incentive. I give credit and reference all of the various posts that were summed up. Rather than attempt to reformat the document as a forum post I've made it available on Google Drive. I hope that's fine. I've attached it to this post as a DOCX. Hopefully one or both of these methods works.
http docs.google.com document/d/17Tmz2R-DEHRQqQZmbEPALR7UIYNYyZO8aqBi2_AOFn0/edit?usp=sharing
Peace ~
Click to expand...
Click to collapse
Thanks a lot for the updated guide. I was hoping to use this to turn on data on my Thunderbolt (voice already works).
However, I am stuck on the part about connecting the phone to the PC. My laptop is on Windows 8.1 Pro. No matter which HTC sync version/drivers I use, the laptop does not recognize the phone.
I tried downloading an older version of HTC Sync, but that did not work either.
I experienced the same setback and, instead of troubleshooting further, used an old Windows XP laptop. See if you can find access to an older machine for the purpose of programming your phone. Perhaps a family member, friend, neighbor, cybercafe, or yard sale.
Before XP was EOL Microsoft offered a downloadable kit to install XP within Windows 7 etc as a virtual machine for running older applications. I'm not sure if USB devices were accessible within the VM. Another option might be WINE from within Linux but I've never attempted that either. The easiest route is to find a 32-bit machine you can borrow.
There may be a simple 64-bit driver workaround but I'm not yet aware of what that might be. When I have some free time, I'll explore the 64-bit driver dilemma and if I'm successful I'll update the documentation.
corezion said:
After reading many posts across various forums and buried in the comments of threads spanning many years--I've summed up moving from Verizon to Page Plus in one document. This is the 2014 definitive step-by-step guide to manually programming the 4G LTE Verizon HTC Thunderbolt Smartphone for use with Page Plus Cellular (PPC). This guide might also serve for Kitty Wireless and other PPC resellers. Topics include: (1) Porting your phone number from VZW to PPC (2) Checklist of everything you'll need to succeed (3) Device driver and software installation (4) Configuration & DIY Free Programming (5) Activation (6) PPC Account & Plan Finalization
I hope this benefits anyone still using this excellent smartphone. I gave up my unlimited data on VZW and moved to PPC after realizing I mostly use WiFi these days and was not taking full advantage of unlimited data on a 4G LTE network. Saving $696 per year is a great incentive. I give credit and reference all of the various posts that were summed up. Rather than attempt to reformat the document as a forum post I've made it available on Google Drive. I hope that's fine. I've attached it to this post as a DOCX. Hopefully one or both of these methods works.
http docs.google.com document/d/17Tmz2R-DEHRQqQZmbEPALR7UIYNYyZO8aqBi2_AOFn0/edit?usp=sharing
Peace ~
Click to expand...
Click to collapse
I was able to follow the instructions and get the voice working. Many thanks for this detailed instruction.
using DFS to change the phone settings works fine on non-9k port. but on 9k port, lots of the parameter was "read only", not allow to change.
I must have a sim card in the phone, otherwise it will stuck in dailing. Incoming calls/txt was first not working at all, but suddenly working and working since. i would guess it has to do i was calling when someone called me, but i have no proof.
Separate question: I am not able to use "settings->software upgrade->check new" to upgrade my phone from gingerband to icecream. Pageplus said they don't support and their OTA will ruin 4g phone. do you know any alternative way?
stupid question: i activated in diag+modem mode. Now everything completes, when the phone restarts, it still do that. do i need to disable it?
Halp!
FIRST A HUGE THANK YOU!
your walk through combined with the one where I found the link to yours both let me set up my phone after a friend accidentally factory reset my store flashed phone lol.
From never flashing a phone to scrounging up the software and getting my phone set up and working without spending a dime!:good:
Now that I have a better understanding I am hoping you guys with more experience can help me figure out shy I'm stuck on 1x
everything else is working except 3g when i boot the phone i see 3g for about a milisecond then just 1x
No matter how many times I enter the "vzw" passwords for PAP, PPP, etc and write them to the phone they are gone when I read the phone.
Everything else is there, [email protected] sticks but not the passwords.
Hello all! First off, this is my first day as a new member on this forum, which I should've done long ago honestly! This forum has helped me a lot and given me insight on many problems I've faced as I delve further into Android development. With any luck, one day I can return the favor to other inspiring developers as well!
Introductions aside, I am helping develop an app for the company I work for which requires a connection to many different devices which all broadcast a hidden Wi-Fi network. The way I see it, the easiest solution is to add the networks manually through the Wi-Fi settings on Android devices, however it is long and tedious and lends to human error (I have to manually copy over SSIDs and long PSK strings). I have also come to understand that each Android device has a "wpa_supplicant.conf" file, containing all the saved networks for that device.
I am working with an array of different phones, all running some version of Android, and I need a way to add networks en masse instead of one-by-one. Is there any way that I can:
1.) set-up a "wpa_supplicant.conf" file with all the preexisting networks and PSKs,
2.) gain temporary root access to edit the ".conf" file already present (or even bypass the need for root access), and then
3.) replace each ".conf" file for that device with the updated version.
This is all assuming that the process is relatively the same per each device, which I have also come to understand is not always the case. If this cannot be done, any insight into an alternative solution would also be much appreciated! Once again, I am just trying to avoid mulling through manual setup and inevitably entering something in wrong (I've got to be somewhat dyslexic). Kudos!
- Tristan Wright