Exetools  


  #3  
Old 08-26-2004, 20:16
McS2oo4
At the beginning all was in EEPROM, so one could read the EEPROM with an EEPROM programmer and change one byte (usually 01 was locked, 00 SIM unlocked). Then they started to add some really easy algos, so it was like just one XOR or switched nibbles, example: locked state: 452398, unlocked state: 543289 (nibbles switched on every byte!). Then they started to use more and more complicated algos linked to IMEI, provider code etc. The other method was to directly patch the ROM image and flash it back to the phone. Actually with this you just NOP the jmp in flash to skip the SIM security checks, nothing more. But then again, in Nokias you had to fix the checksum of the flash and update the OTP area. As time passed things got complicated, and now new Motorola phones (V series) you can only unlock by codes, sending the IMEI number to an unlock server. So if you try to do some research these days it will be really hard to track the protections inside new GSM models. Good luck anyway )
PS. I used to write some GSM crack software in the past.
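The two "really easy algos" the post describes (a per-byte nibble swap and a single XOR) written out as an added example, not code from the post or from any phone firmware. It reproduces the post's own locked/unlocked pair (452398 / 543289) and shows why such transforms offer no real protection: they use no key and are their own inverse, so anyone who can read the EEPROM can undo them. The XOR mask value is a constructed placeholder, not taken from any real device.

```python
# Added example (not from the post): keyless EEPROM obfuscations of the
# kind described above, and a check that each one is self-inverse.


def swap_nibbles(data: bytes) -> bytes:
    """Swap the high and low 4-bit halves of every byte: 0x45 -> 0x54."""
    return bytes(((b & 0x0F) << 4) | (b >> 4) for b in data)


def swap_nibbles_hex(digits: str) -> str:
    """Same transform on a hex/BCD digit string, two digits per byte.

    The post's example: "452398" (locked) <-> "543289" (unlocked).
    """
    if len(digits) % 2:
        raise ValueError("digit string must have an even number of digits")
    return swap_nibbles(bytes.fromhex(digits)).hex()


def xor_mask(data: bytes, mask: int) -> bytes:
    """XOR every byte with one constant mask.

    The mask is a constructed example value; a real device's constant
    would be whatever its firmware happened to use.
    """
    return bytes(b ^ (mask & 0xFF) for b in data)


def is_involution(transform, sample: bytes) -> bool:
    """True if applying the transform twice restores the input.

    An involution with no secret key is reversible by anyone holding the
    stored value, which is why these schemes gave no security.
    """
    return transform(transform(sample)) == sample


if __name__ == "__main__":
    locked = "452398"                      # example value from the post
    unlocked = swap_nibbles_hex(locked)
    print(locked, "->", unlocked)          # 452398 -> 543289
    print("nibble swap is an involution:",
          is_involution(swap_nibbles, bytes.fromhex(locked)))
    print("xor with 0x5A is an involution:",
          is_involution(lambda d: xor_mask(d, 0x5A), b"\x01\x00\x45"))
```

Running the script prints the post's pair and confirms both transforms undo themselves on a second application; the same check would flag any scheme of this class as trivially reversible.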