PasjaGSM.pl
  Jesteś w: Forum > Dct4 Editing


Dct4 Editing

Forum.PasjaGSM.pl » ...:Sprzęt:... » Nokia » DCT-4 » [DCT4] Modyfikacje HW i SW » Dct4 Editing
Poprzedni temat «» Następny temat
Autor Wiadomość
 
Piotrek 



Telefon: K750i
Operator: Heyah
Pomógł: 18 razy
Dołączył: 11 Maj 2004
Posty: 1889
Skąd: Poznań
Wysłany: 2006-04-02, 13:36   Dct4 Editing

Kod:
         ----------------------------------
                    DCT4Crypter
         ----------------------------------
                 by nok5rev & g3gg0

__________________________________________________  _____

 Yes, this package contains the necessary routines and
 even some apps to decrypt DCT4 FlashFiles and also to
 encrypt again after you applied some changes. We must
 admit, this stuff is not "hot" anymore - it was coded
 in about 2 months between 01/2004 and 03/2004. That's
 now nearly 2 years. But it still should be a somewhat
 interesting X-Mas present for all the GSM-Modders out
 there...
__________________________________________________  _____


 Why this was done?
-----------------------

 Why? I think it was just fun :)
 But i dont remember anymore who of us had the idea
 to start analyzing the encryption algorithm.
 I just remember, we both suddenly sat in front of
 many bits (really MANY!) and stared at them to
 find out how the data was encrypted.


 How this was done?
-----------------------

 Heh, just open your notepad.exe, paste some 100
 lines of 11001001 10101010 11100100 11100001...
 and you know what we've done in these 2 months ;)
 We didnt have any access to neither the flash device,
 MCU or RAM, nor we used any (Java-)Exploit floating
 around. We didnt even have any of these DCT4-devices
 at this point. This was simply done with looking at
 about 20 different flash files.

 
 Who did this?
-----------------------

 This was all done by nok5rev and g3gg0. We both spent
 about the same amount of time for this stuff and
 both helped each other in finding out the neccessary
 bits for decoding. But we also got little help from
 kodo (thanks for the auto basevalue finder)


 What can i do with it?
------------------------

 Generally you should now be able to en/decrypt the DCT4
 FlashFiles used in "standard" dct4 devices. Standard
 DCT4 devices means any 6310, 8310, ...., 6610, 7250
 and so on. TIKU-devices like the 6230, 6230i or even
 symbian devices are _NOT_ supported.

 The first DCT4 devices still had enrcypted PPM's, but
 nokia switched to non-encrypted ones for obvious
 security reasons.
 So don't wonder, when some people already have modded
 3510i handsets which just have some graphics changed.
 It's the standard PPM structure that was also used in
 DCT3 phones. Unfortunately theres a little difference
 that causes the most tools to crash or do mistakes.

 However, the MCU files still are crypted ;)

 The FlashFiles all have the same encryption method,
 it just differs in a (we call it) basevalue, which is
 just a  simple XOR parameter. When decrypting, the
 programs spit out the basevalue which you normally don't
 need. The tools remember the value and ask you for the file
 that should be encrypted again (or they use a predefined
 filename).


 Will modding work?
-----------------------

 After you re-encrypted a modified FlashFile you can
 flash it, but your phone won't power-on. why?
 We didn't track that down very deep, but when removing
 the "Claudia" sequence in the flash header it will work
 at least with the wrong "FAID" - that means it resets
 after some time :)
 But please make sure, you have a working, original file
 flashed before you write a modded file with disabled Claudia.

 Claudia is the tag in flash header starting with 
 D3 40 and the 0x40 bytes coming after that. Just FF the
 0x40 bytes behind the tag.

 ->  D3 40 [0x40 bytes Claudia]
     replace with
 ->  D3 40 [0x40 times FF]

 
 Okay that's it :)

 We've flashed our phones (we got after reversing the encryption)
 several times - even with faulty Claudia and FAID - without any
 bigger problem.

 So, if you turn your phone into a brick, dont blame us...
     ... it's your fault!  ;)




 Thanks to:
------------------------

  Kodo
  B.
  U.
 

  Oh, and if you plan to integrate this code into your commercial
  products... ...unfortunately we can't do anything against it :(
  But if you do so, _please_ be so kind and reward our work with
  sending an license/sample of your program/device to either
  nok5rev or g3gg0   -   thanks!



enjoy this stuff as much as we enjoyed coding it :)


Best Regards,
nok5rev/g3gg0


Merry Xmas (fixed).zip
Pobierz Plik ściągnięto 282 raz(y) 44,51 KB

_________________
Płodni.com - Płodzimy kuszące pomysły,
PrzerwaNaReklame.pl - poczytaj o najlepszych światowych kampaniach reklamowych.
^
  Skype
     
AdSense


riger 
Expert
Elektronik...



Telefon: 5200
Operator: Orange
Pomógł: 25 razy
Wiek: 26
Dołączył: 26 Lut 2005
Posty: 1483
Skąd: 50km do Gdanska
Wysłany: 2006-04-08, 20:12   

W zalaczniku wersja skompilowana

CrypterX.rar
Pobierz Plik ściągnięto 252 raz(y) 641,84 KB

^
 
 
     
Wyświetl posty z ostatnich:   
Odpowiedz do tematu
Nie możesz pisać nowych tematów
Nie możesz odpowiadać w tematach
Nie możesz zmieniać swoich postów
Nie możesz usuwać swoich postów
Nie możesz głosować w ankietach
Nie możesz załączać plików na tym forum
Możesz ściągać załączniki na tym forum
Dodaj temat do Ulubionych
Wersja do druku

Skocz do:  

Podobne tematy
Temat Autor Forum Odpowiedzi Wysłany
Brak nowych postów Mini toutorial - modyfikacja ppm i cn... xury [DCT4] Modyfikacje HW i SW 34 2007-12-31, 17:23
Brak nowych postów Odbudowa imei dct4 lichen111 DCT-4 10 2008-01-13, 12:29
Brak nowych postów kable od dct4 flashera do JAF-a adammmos SW 6 2008-10-29, 14:41
Brak nowych postów NSS pod DCT4 kapikp910i DCT-4 6 2009-01-21, 22:18
Brak nowych postów life timer w dct4 kocik1993 DCT-4 8 2011-05-29, 18:13