T
Tr0nAd0r
Guest
where i can buy the flash ics?
is posible disable the OTP check?
is posible disable the OTP check?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
T
Tr0nAd0r
Guest
where i can download the .fls of the C55 v24?
T
Tr0nAd0r
Guest
any idea to change the imei in the C55/C56?
A
Andrew911
Guest
In you dont know how work Siemens phone dont tell imei registering to network cannot changed. Im test my patch IMEI to network from EEPROM not from OTP Area.
Best reards,
Andrew911
Best reards,
Andrew911
0
0xFEDF
Guest
http://www.pine.spb.ru/temp/FF_172C_24911.rar
http://download.siemens-club.ru/files/fullflash/c55full_v24_172C.rar
Check offset 3A7398: 88908880 in fubu file - it is correct 100%
If you use Freia addressing - add 0x800000 to all offsets (for C55).
http://download.siemens-club.ru/files/fullflash/c55full_v24_172C.rar
Check offset 3A7398: 88908880 in fubu file - it is correct 100%
If you use Freia addressing - add 0x800000 to all offsets (for C55).
0
0xFEDF
Guest
;Flash patch for C55 v.24 phones
;(c) Sinclair
3A7398: 88908880 FA8B8465
0B6584: FFFFFFFF E6FE9025
0B6588: FFFFFFFF E6FF2D02
0B658C: FFFFFFFF FADC443B
;0B6590: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 20494D4549206E6F7420666F756E6400 ; new IMEI as String, last byte must be 0x00, originally here is string " IMEI not found"
I don't know, is this "new IMEI" shown to operator, or not, but it is shown in any program, that can read IMEI from phone. After applying this patch to phone, EEPROM and OTP IMEI still the same, like before patching - You can check it with Freia.
If they are different - phone not work, but there not needed change EEPROM or OTP IMEI with this patch.
;(c) Sinclair
3A7398: 88908880 FA8B8465
0B6584: FFFFFFFF E6FE9025
0B6588: FFFFFFFF E6FF2D02
0B658C: FFFFFFFF FADC443B
;0B6590: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 20494D4549206E6F7420666F756E6400 ; new IMEI as String, last byte must be 0x00, originally here is string " IMEI not found"
I don't know, is this "new IMEI" shown to operator, or not, but it is shown in any program, that can read IMEI from phone. After applying this patch to phone, EEPROM and OTP IMEI still the same, like before patching - You can check it with Freia.
If they are different - phone not work, but there not needed change EEPROM or OTP IMEI with this patch.
T
Tr0nAd0r
Guest
EEPROM and OTP IMEI still the same?
its work?
its work?
C
carmobile
Guest
If it is short, IMEI in Siemens C55 to change it is IMPOSSIBLE. Now I explain, as as. In Siemens C45, and earlier phones, IMEI it is stored only in area EEPROM, therefore it changes on absolutely anyone without any problems, at unlock.
In Siemens A50 and in more senior models IMEI it is stored already in two places, in EEPROM and in a special, unitary programmed microcircuit (PZ and * 1059. If with change IMEI, stored in EEPROM, problems both were not, and are not present to change contents of a microcircuit of a ROM only program methods it is impossible.
And the insertion of phone compares these two IMEI and if they do not coincide phone does not work. From the aforesaid it becomes clear, that if to alter A50 in C45 (there is such "technology", only, except for zalivki fullflesha, it is necessary still at least perepajat a pair rezistoro and * 1074 That change IMEI in such phone becomes possible because insertion C45 of concept has no about existence IMEI, taking place still somewhere, except for area EEPROM. So, only theoretically, decisions of " our problem " two, but I yet did not see concrete realization of any of them. For now we shall consider only theoretically possible variants:
1.
In Siemens A50 and in more senior models IMEI it is stored already in two places, in EEPROM and in a special, unitary programmed microcircuit (PZ and * 1059. If with change IMEI, stored in EEPROM, problems both were not, and are not present to change contents of a microcircuit of a ROM only program methods it is impossible.
And the insertion of phone compares these two IMEI and if they do not coincide phone does not work. From the aforesaid it becomes clear, that if to alter A50 in C45 (there is such "technology", only, except for zalivki fullflesha, it is necessary still at least perepajat a pair rezistoro and * 1074 That change IMEI in such phone becomes possible because insertion C45 of concept has no about existence IMEI, taking place still somewhere, except for area EEPROM. So, only theoretically, decisions of " our problem " two, but I yet did not see concrete realization of any of them. For now we shall consider only theoretically possible variants:
1.
T
Tr0nAd0r
Guest
Pls post the details Andrew
you have the patch??
How i disable the otp check??
you have the patch??
How i disable the otp check??
M
myjames
Guest
i am using FREIA, it does not works
T
Tr0nAd0r
Guest
any can explain this clue about imei changing:
3.24 updateflashimei(ufi)
-------------------------
From A50/C55 on there's another IMEI in the OTP protection registers
of the flash chip. Theis register is locked to prevent further updates.
Apart from this, you might want to set this IMEI as well when - for
example - replacing the flash chip.
Please note that because of the OTP behaviour of the protection
register, it means that you can only write (theoretically) once the
contetn of the register. To be exact it means that you might write the
register as many times as many times you wish (if it's not locked),
but you can only make 1 to 0 transitions in the IMEI mask.
So it might turn out that you end-up with a different IMEI (different
from the one you requested to set).
This command is only a flag indicating that the flash IMEI shall be
updated after a successful unlocking. Please note that you might
"reunlock" with the "adjusted" flash IMEI (because of 1 to 0 transitions
only).
how can apply this concept?
3.24 updateflashimei(ufi)
-------------------------
From A50/C55 on there's another IMEI in the OTP protection registers
of the flash chip. Theis register is locked to prevent further updates.
Apart from this, you might want to set this IMEI as well when - for
example - replacing the flash chip.
Please note that because of the OTP behaviour of the protection
register, it means that you can only write (theoretically) once the
contetn of the register. To be exact it means that you might write the
register as many times as many times you wish (if it's not locked),
but you can only make 1 to 0 transitions in the IMEI mask.
So it might turn out that you end-up with a different IMEI (different
from the one you requested to set).
This command is only a flag indicating that the flash IMEI shall be
updated after a successful unlocking. Please note that you might
"reunlock" with the "adjusted" flash IMEI (because of 1 to 0 transitions
only).
how can apply this concept?
T
Tr0nAd0r
Guest
and the otp check is in fw or in the boot of the phone??
D
debeliamark
Guest
@Andrew911
Right - OTP IMEI is only for service checking. Phone registered to network with copied to RAM EEPROM stored IMEI.
BTW - have you progress with M55 patch? If yes - let me know!
WBR - DebeliaMark, BG. Mailto:[email protected]
Right - OTP IMEI is only for service checking. Phone registered to network with copied to RAM EEPROM stored IMEI.
BTW - have you progress with M55 patch? If yes - let me know!
WBR - DebeliaMark, BG. Mailto:[email protected]
C
carmobile
Guest
please enter to this web page, i don't understand it but maybe could help us with our problem
http://motp.dyndns.org/
http://motp.dyndns.org/
0
0xFEDF
Guest
To be sure, You may try it
On my C55 v.24 phone it work - *#06# -> I see new "IMEI" (ANY string from address 0x0B6590 instead of IMEI from EEPROM or OTP)
On C55 You must disable CRC check before applying any patches to fullflash:
;C55v24 - disable first CRC check
;(c) avkiev
109BAE: DA90B894 CC00CC00
;C55v24 - disable second CRC check
145BEC: 2D 0D
or after patching fullflash Your phone will be locked - not turning on.
If so - restore original EEPROM or unlock phone, but without "disabled CRC check" phone will be locked again. For patching Use V-Klay. Nothing more to add.
On my C55 v.24 phone it work - *#06# -> I see new "IMEI" (ANY string from address 0x0B6590 instead of IMEI from EEPROM or OTP)
On C55 You must disable CRC check before applying any patches to fullflash:
;C55v24 - disable first CRC check
;(c) avkiev
109BAE: DA90B894 CC00CC00
;C55v24 - disable second CRC check
145BEC: 2D 0D
or after patching fullflash Your phone will be locked - not turning on.
If so - restore original EEPROM or unlock phone, but without "disabled CRC check" phone will be locked again. For patching Use V-Klay. Nothing more to add.
E
ESN Authority
Guest
So regarding point 6...
It is the solution for making phones work!, why changing IC to repair ORIGINAL IMEI??
@myjames.
Wich soft are you using.
I appreciate your info.....
Best Regards.
It is the solution for making phones work!, why changing IC to repair ORIGINAL IMEI??
@myjames.
Wich soft are you using.
I appreciate your info.....
Best Regards.
J
Jaythrax
Guest
A55...
OK fellow GSM researchers... here is the deal : the most common thing to happen when you try to disable the lock in the otp area is that ur set die... i had this problem a cluple times ad have sien it al around.... but is there any way to disabe the lok using a diferent set's firmware and epprom??? when freia is asking you to use a new imei it shoud be because u can chage it is any one there that actually know how to to this operation using freia??????
best regards
Jay
OK fellow GSM researchers... here is the deal : the most common thing to happen when you try to disable the lock in the otp area is that ur set die... i had this problem a cluple times ad have sien it al around.... but is there any way to disabe the lok using a diferent set's firmware and epprom??? when freia is asking you to use a new imei it shoud be because u can chage it is any one there that actually know how to to this operation using freia??????
best regards
Jay
T
Trixxie
Guest
Anyone knows if there is any patch for SL55? or where can I find more info?
Thx in advance & B/R
Thx in advance & B/R
T
Tr0nAd0r
Guest
I have a C56 (American 850/1900) i can apply this patches?
T
Tr0nAd0r
Guest
any know about this patches??