UNLOCKING: HOW TO PREVENT WIFI MAC AND NVITEMS LOSS

[Guest John W]

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Edited November 13, 2011 by John W

[Guest glossywhite]

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Doesn't Channel1.nvm contain this info?

[Guest John W]

Doesn't Channel1.nvm contain this info?

I thought it did, BUT when I try doing an A/B comparison between restoring Channel1.nvm and the QCN file, QCN works, Channel1.nvm doesn't. The QCN file is much bigger than Channel1.nvm and I suspect contains more than it (rather than just being in a less efficient format).

[Guest xiaoyaoswim]

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Well done John, that's really a brilliant finding! Hope this could finally make a perfect solution.

Could someone pls try and confirm this?

[Guest glossywhite]

Wish I had known this before unlocking, LOL!

[Guest kevwales]

Well done John, that's really a brilliant finding! Hope this could finally make a perfect solution.

Could someone pls try and confirm this?

Confirmed.

About re-locking, I flashed the files: GB_P743FV1.0.0B05 and OUK_P743TV1.0.0B18 from hecatae. Using FTM flash tools.

Results were: still unlocked, I think the xcsp_eclib.dll file is guilty! So i was thinking of using QPST to flash the above files.

But i have had a few to many drinks to do tonight :blink:

[Guest xiaoyaoswim]

Confirmed.

About re-locking, I flashed the files: GB_P743FV1.0.0B05 and OUK_P743TV1.0.0B18 from hecatae. Using FTM flash tools.

Results were: still unlocked, I think the xcsp_eclib.dll file is guilty! So i was thinking of using QPST to flash the above files.

But i have had a few to many drinks to do tonight :blink:

Exciting news!

Saturday night = drinking night

[Guest glossywhite]

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"

00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

Edited November 13, 2011 by glossywhite

[Guest xiaoyaoswim]

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"

00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

Good job! For those who have done unlocking & suffer the loss of MAC, to hex edit the QCN file and restore is a good idea. But as John pointed out, there is potentially other loss of NV items, which could be hard to manually modify.

As to Channel1.nvm, I once noticed on a Chinese forum that, some guy working on another ZTE Android handset found IMEI and BT MAC in it, but no WLAN MAC.

I think the most exciting thing is that more and more bright people are joining to make the unlocking solution better and better.

[Guest tillaz]

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"

00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

[/code]


... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!


It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!


We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.


Summary: Hexedit needed, I think.



so have you managed to get rid off the pop up ?

[Guest glossywhite]

so have you managed to get rid off the pop up ?

############# MAC POPUP BANISHED!!!! MAC FIXED PERMANENTLY, ACROSS ROMS ETC!!!!! ####################

On Stock Orange, after I hex-edited my ORIGINAL MAC into the *.QCN backup of my NV_ITEMS, flashed my hex-edited *.QCN back to the phone using QPST in FTM mode, and rebooted, there was my ORIGINAL MAC (which I had inserted in place of the template 112233445566, using hexeditor). Restoring my BlueMonte Now, no reason to doubt it will be sitting there waiting for me :D

I'm not scared, it's just a phone! :P

[uPDATE]

That fixes it! There was my MAC, waiting for me! No more popup!

WooHoo! lol

The /etc/nv_4319, after restoration of my CWM backup, still says "11:22:33:44:55:66" in the un-commented line, but I have a feeling the HARDWARE flashed MAC overrides this.

Edited November 13, 2011 by glossywhite

[Guest xavk]

Really nice to see such rapid progress! Can someone please advise how I can get QPST to recognise my Skate? I cant seem to get it to enter Diagnostic mode.

Thanks!

[Guest tilal6991]

Great work. Will now include this in my tutorial. :)

[Guest Droid 007]

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

Is there a software/app that could be used fix the MAC address?

[Guest glossywhite]

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

Is there a software/app that could be used fix the MAC address?

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Will try and do screenshots sometime.

[Guest Droid 007]

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Will try and do screenshots sometime.

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

[Guest glossywhite]

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

I don't have time to do the whole QPST backup sequence. Hopefully someone else will. But I have made a video which shows the important part; how to edit your MAC address in the *.QCN backup of NVITEMS, and save it, ready for flashing:

[Guest BustaRhymes+]

I cant get QPST to recognise my skate....keep getting atlas server error HR=0x800702e4 and no phone connected message ?

Thanks

[Guest tilal6991]

I cant get QPST to recognise my skate....keep getting atlas server error HR=0x800702e4 and no phone connected message ?

Thanks

Have a look at my tut here

[Guest BustaRhymes+]

Cheers Tilal well I wasnt putting it into ftm mode but now I have I stil cant get it to recognise my phone...same error, I was tempted to just unlock it without saving my mac and other items but I guess that would be kinda stupid.

Im a bit of a rookie when it comes to things like this lol

[Guest tilal6991]

Cheers Tilal well I wasnt putting it into ftm mode but now I have I stil cant get it to recognise my phone...same error, I was tempted to just unlock it without saving my mac and other items but I guess that would be kinda stupid.

Im a bit of a rookie when it comes to things like this lol

You need drivers to be installed. Did you install drivers on the post?

[Guest glossywhite]

You need drivers to be installed. Did you install drivers on the post?

I remember, years and years ago, when a friend gave me an old laser printer. He said "you'll need the drivers"... I was SO confused LOL! "what on EARTH are 'drivers' " :D

[Guest tilal6991]

I remember, years and years ago, when a friend gave me an old laser printer. He said "you'll need the drivers"... I was SO confused LOL! "what on EARTH are 'drivers' " :D

Lol. :)

[Guest BustaRhymes+]

Drivers now installed but stil getting same error message :(

[Guest tilal6991]

Drivers now installed but stil getting same error message :(

I don't understand why it's not working :(. What is the exact message you get?