62 replies to this topic

[John W]

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Edited by John W, 13 November 2011 - 01:25 AM.

[glossywhite]

 John W, on 13 November 2011 - 01:24 AM, said:

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Doesn't Channel1.nvm contain this info?

[John W]

 glossywhite, on 13 November 2011 - 01:45 AM, said:

Doesn't Channel1.nvm contain this info?

I thought it did, BUT when I try doing an A/B comparison between restoring Channel1.nvm and the QCN file, QCN works, Channel1.nvm doesn't. The QCN file is much bigger than Channel1.nvm and I suspect contains more than it (rather than just being in a less efficient format).

[xiaoyaoswim]

 John W, on 13 November 2011 - 01:24 AM, said:

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Well done John, that's really a brilliant finding! Hope this could finally make a perfect  solution.
Could someone pls try and confirm this?

[glossywhite]

Wish I had known this before unlocking, LOL!

[kevwales]

 xiaoyaoswim, on 13 November 2011 - 01:49 AM, said:

Well done John, that's really a brilliant finding! Hope this could finally make a perfect  solution.
Could someone pls try and confirm this?

Confirmed.

About re-locking, I flashed the files: GB_P743FV1.0.0B05 and OUK_P743TV1.0.0B18 from hecatae. Using FTM flash tools.

Results were: still unlocked, I think the xcsp_eclib.dll file is guilty! So i was thinking of using QPST to flash the above files.
But i have had a few to many drinks to do tonight  

[xiaoyaoswim]

 kevwales, on 13 November 2011 - 02:20 AM, said:

Confirmed.

About re-locking, I flashed the files: GB_P743FV1.0.0B05 and OUK_P743TV1.0.0B18 from hecatae. Using FTM flash tools.

Results were: still unlocked, I think the xcsp_eclib.dll file is guilty! So i was thinking of using QPST to flash the above files.
But i have had a few to many drinks to do tonight  

Exciting news!
Saturday night = drinking night

[glossywhite]

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"
00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

Edited by glossywhite, 13 November 2011 - 03:18 AM.

[xiaoyaoswim]

 glossywhite, on 13 November 2011 - 03:15 AM, said:

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"
00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

Good job! For those who have done unlocking & suffer the loss of MAC, to hex edit the QCN file and restore is a good idea. But as John pointed out, there is potentially other loss of NV items, which could be hard to manually modify.

As to Channel1.nvm, I once noticed on a Chinese forum that, some guy working on another ZTE Android handset  found IMEI and BT MAC in it, but no WLAN MAC.  

I think the most exciting thing is that more and more bright people are joining to make the unlocking solution better and better.

[tillaz]

 glossywhite, on 13 November 2011 - 03:15 AM, said:

It seems the WiFi MAC address resides in NV_ITEMS.

I TPT'd my OMC back to Stock Orange UK, entered FTM mode, then switched to Windows and fired up QPST. Next, I took a *.QCN backup of my NV_ITEMS, went back to Ubuntu, looked at it in a hex editor ("hexdump -c <somefilename.qcn>")...

matt@matt-Aspire-X3950:~/Desktop/NOV_OMC_QPST_NVITEMS$ hexdump -C NVITEMS_OMC_MY_NOV_2011.qcn | grep "11 22"
00001e00  88 00 01 00 83 00 00 00  11 22 33 44 55 66 00 00  |........."3DUf..|

... and whaddaYaKnow! There's that default, placeholder "11:22:33:44:55:66" MAC address!

It seems that the nv_4319 which holds our ORIGINAL, pre-unlocked, factory MAC, conflicts with the one held in NV_ITEMS, hence the popup!

We need to hexedit the NV_ITEMS *QCN backup, so that it holds our WiFi MAC address. Also, I did a hexedit of the "Channel1.nvm" which the new unlock method backs up for you when you flash the unlock, and ONLY THE BLUETOOTH MAC WAS IN THERE.

Summary: Hexedit needed, I think.

so have you managed to get rid off the pop up ?

[glossywhite]

 tillaz, on 13 November 2011 - 03:40 AM, said:

so have you managed to get rid off the pop up ?

############# MAC POPUP BANISHED!!!! MAC FIXED PERMANENTLY, ACROSS ROMS ETC!!!!! ####################

On Stock Orange, after I hex-edited my ORIGINAL MAC into the *.QCN backup of my NV_ITEMS,  flashed my hex-edited *.QCN back to the phone using QPST in FTM mode, and rebooted, there was my ORIGINAL MAC (which I had inserted in place of the template 112233445566, using hexeditor). Restoring my BlueMonte Now, no reason to doubt it will be sitting there waiting for me


I'm not scared, it's just a phone!

[UPDATE]

That fixes it! There was my MAC, waiting for me! No more popup!

WooHoo! lol

The /etc/nv_4319, after restoration of my CWM backup, still says "11:22:33:44:55:66" in the un-commented line, but I have a feeling the HARDWARE flashed MAC overrides this.

Edited by glossywhite, 13 November 2011 - 04:08 AM.

[xavk]

Really nice to see such rapid progress!  Can someone please advise how I can get QPST to recognise my Skate?  I cant seem to get it to enter Diagnostic mode.

Thanks!

[tilal6991]

Great work. Will now include this in my tutorial.

[Droid 007]

 John W, on 13 November 2011 - 01:24 AM, said:

Quick heads up,

If you want to prevent the loss of your WIFI mac address and probably other NV items that we don't yet know about then there's a working method. This isn't a tutorial just a heads up to those writing the tutorials that they can incorporate.

If you can locate a copy of QPST v2.7_366 via Google, and run the included utility "Software download", use the BACKUP tab with the default options to save your phone's non volatile memory state into a QCN file (with all default options), then run the Unlock process according to existing tutorials, then go back into "Software download" and use the Restore tab to restore the saved QCN file, you will find that you have avoided losing your MAC address (Losing the MAC address is probably no big issue, though to me it seems incredibly unlikely statistically that that is all we've lost from the existing unlocking process, and my concern is there are most likely other items that we may discover have been lost later on such as radio calibration data etc)

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

Is there a software/app that could be used fix the MAC address?

[glossywhite]

 Droid 007, on 13 November 2011 - 01:43 PM, said:

Unfortunately these instructions were not available when I unlocked. So, I do not have QCN file to start with. Now my phone is unlocked. I have written down the MAC address for it, but trying out various forum suggestions to update it on the phone, but no success.

Is there a software/app that could be used fix the MAC address?

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Will try and do screenshots sometime.

[Droid 007]

 glossywhite, on 13 November 2011 - 01:47 PM, said:

Yes. You download a backup of the .QCN using QPST tool, hex-edit your MAC into it (search for 11 22 33 44 55 66 and replace with your mac, using the same format), then flash it back in, using QPST. If you're unsure DO NOT ATTEMPT, as you'll brick the OMC, quite possibly.

Will try and do screenshots sometime.

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

[glossywhite]

 Droid 007, on 13 November 2011 - 02:00 PM, said:

I cannot afford to brick. I will wait until you have step by step instructions with screenshots.

I don't have time to do the whole QPST backup sequence. Hopefully someone else will. But I have made a video which shows the important part; how to edit your MAC address in the *.QCN backup of NVITEMS, and save it, ready for flashing:

[BustaRhymes+]

I cant get QPST to recognise my skate....keep getting atlas server error HR=0x800702e4 and no phone connected message ?

Thanks

[tilal6991]

 BustaRhymes+, on 13 November 2011 - 02:27 PM, said:

I cant get QPST to recognise my skate....keep getting atlas server error HR=0x800702e4 and no phone connected message ?

Thanks

Have a look at my tut here

[BustaRhymes+]

Cheers Tilal well I wasnt putting it into ftm mode but now I have I stil cant get it to recognise my phone...same error, I was tempted to just unlock it without saving my mac and other items but I guess that would be kinda stupid.

Im a bit of a rookie when it comes to things like this lol