Jump to content

How To De-cert Nextel I930?

Guest kolyan2k

By Guest kolyan2k
in Smartphone General Discussion

 Share

Recommended Posts

Guest ctitanic

Guest ctitanic

Posted
Posted
Do you think there is a registry entry that can disable the clock from synching with Nextel? I imagine it would be under /HKLM/... I bet that whole hive is locked from registry editing....  :evil:

<{POST_SNAPBACK}>

That's for sure. You wont be able to change the registry.

Link to comment
Share on other sites
  • Replies 135
  • Created
  • Last Reply

Popular Days

Popular Days

Posted Images

Guest ctitanic

Guest ctitanic

Posted
Posted
Ctitanic,

I was able to change the registry keys you told us we needed to decert the phone, I need to know what to do now! :twisted:

<{POST_SNAPBACK}>

turn off and on your phone and check those keys, are they still with those values?

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
Like I said before, I'm willing to share information...

Who ever change these registry keys will unlock the phone

HKLM\Security\Policies\Policies

00001001 from 2 to 1

00001006 to 1

00001005 to 16

00001017 to 16

Nothing else is needed.

These keys are protected and only an application signed by Motorola or Nextel or any other company with full privileges.

<{POST_SNAPBACK}>

I hope that you are talking about these registry keys.

Link to comment
Share on other sites
Guest Toasted Logic

Guest Toasted Logic

Posted
Posted

Yes, those are the keys I changed. I rebooted the phone and they are still set to the correct values! It's decertified!!!!

Thank you so much for your guidance on this topic, CTitanic. I have a lot of homework to get done this weekend but soon I will prepare a full tutorial on how this was accomplished, giving you special thanks.

Do you know if there is anything I can do to keep these registry settings after a hard-reset (format to factory specs)...? If the phone is decertified would I be able to re-flash the rom or is that totally different?

To all 930 users: We've done it. I'll post back with the method ASAP. :twisted:

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
Yes, those are the keys I changed. I rebooted the phone and they are still set to the correct values! It's decertified!!!!

Thank you so much for your guidance on this topic, CTitanic. I have a lot of homework to get done this weekend but soon I will prepare a full tutorial on how this was accomplished, giving you special thanks.

Do you know if there is anything I can do to keep these registry settings after a hard-reset (format to factory specs)...? If the phone is decertified would I be able to re-flash the rom or is that totally different?

To all 930 users: We've done it. I'll post back with the method ASAP. :twisted:

<{POST_SNAPBACK}>

Please, keep it me informed. The key is how to change those registry keys and you have done that. I'm dying to post that at my site.

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted

Very smart. But... I don't think that many owners will be able to follow all that. But... I believe that the best way is to create a backup copy of a hard reseted i930 with all these keys already changed and applied.

If anyone want to have their phone decertified all they need is restore that copy and start installing everything from 0. The contacts and calendar are not big deal because they will come back as soon as you sync your phone. :)

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted

Even, to make things easier you can create a back of just the system data using SpriteBackup and that, I believe, will contain just the registry :).

Just create the backup of the registry from your phone after a hard reset and with those keys changed and then, if anybody want to unlock the phone all they need to do is to buy spritebackup and restore your backup :D

Link to comment
Share on other sites
Guest j2chulo

Guest j2chulo

Posted
Posted
Even, to make things easier you can create a back of just the system data using SpriteBackup and that, I believe, will contain just the registry :).

Just create the backup of the registry from your phone after a hard reset and with those keys changed and then, if anybody want to unlock the phone all they need to do is to buy spritebackup and restore your backup :D

<{POST_SNAPBACK}>

Guy guys guys i cant wait to try this tomorrow. its 1:37am i just found out you guys did it if this work im gonna be in debt with your for the rest of my life. LOL well i will post me answer tomorrow if it work or not

Link to comment
Share on other sites
Guest j2chulo

Guest j2chulo

Posted
Posted
A friend gave me this link for to do the i930 Decertification Hack.

hope it helps

http://www.projectcaffeine.com/modules.php...=article&sid=37

<{POST_SNAPBACK}>

HHAHAH you funny Dedus but its ok. Do you know you are putting this link on the same threat Ctitanic Toasted logic and tzar did the decer. that it just a replica or copy of Toasted Logic original tutorial. ahhah

Link to comment
Share on other sites
Guest Toasted Logic

Guest Toasted Logic

Posted
Posted

Ctitanic,

A buddy who helped inspire this hack did just what you recommended.. he backed up only the system files on a clean formatted phone and hacked the reg to be decertified... It's available wherever the tutorial is...

:)

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
Ctitanic,

A buddy who helped inspire this hack did just what you recommended.. he backed up only the system files on a clean formatted phone and hacked the reg to be decertified... It's available wherever the tutorial is...

:)

<{POST_SNAPBACK}>

I saw it today in the morning, you are talking about decert.zip file?

I hosted at my site too, just in case!

Thanks guys, you did a wonderful job here fuc...ing Nextel.

Link to comment
Share on other sites
Guest tzarcone

Guest tzarcone

Posted
Posted
Even, to make things easier you can create a back of just the system data using SpriteBackup and that, I believe, will contain just the registry :).

Just create the backup of the registry from your phone after a hard reset and with those keys changed and then, if anybody want to unlock the phone all they need to do is to buy spritebackup and restore your backup :D

<{POST_SNAPBACK}>

Hi Ctitanic,

I was working with Toasted Logic on this mod. Seems we ran into alittle snag. The de-cert seems to work for everyone as long as they are not sync'ing with an exchange server. Now if they sync with an exchange server it is pretty much hit and miss some work and some do not.

The one thing I have noticed is there seems to be two differant versions of USR

USR: 11A.01.08

and

USR: 11A.01.07

That doesn't even help that much cause some with both versions are having issues as well. One fix that seemed to improve some was to change the value of the 00001017 from 16 to 156. I am not too sure what to try next.

A post from one of the people on hofo explaining why:

"Explaination: 00001017 is the 4119 security policy, that controls who has admin privilages (Grant Manager). Orig value is 140 (128 + 8 + 4) See Here You add up each of the numbers for the roles you want to have admin rights and put the total in this registry key. You changed that to 16 which gives admin right ONLY to the user, but takes it away from other important security roles (including whatever one activesync uses) what you should do is add 16 to the number 128 + 8 + 4 + 16 = 156"

I also have had someone that is having problems format his phone and than back it up and I modified his backup changing those keys. ( he was not working with the orginal decert and also the decert1 version with the 00001017 key changed.) Had him restore the clean backup that i modified that was both system and user data.

His reply from that fix:

"I formatted and installed the file you sent this morning. ActiveSync Echange Good, De-Cert good to Install unsigned apps. But when you go to run the app I get a message Access Denied The program cannot start because it is not digitally signed with a trusted certificate."

Could there be another key that needs to be changed or could 00001005 need to also be 156? I am not sure exactly which key does what so do not know what the values should be and figured I would ask your advice first.

Let me know if anyone has any ideas. There is enough people that want to get de-cert that are having issues so we have some testers to see if something can fix the problem while still working for the others as well.

Thanks,

Ted

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
Hi Ctitanic,

I was working with Toasted Logic on this mod. Seems we ran into alittle snag. The de-cert seems to work for everyone as long as they are not sync'ing with an exchange server. Now if they sync with an exchange server it is pretty much hit and miss some work and some do not.

The one thing I have noticed is there seems to be two differant versions of USR

USR: 11A.01.08

and

USR: 11A.01.07

That doesn't even help that much cause some with both versions are having issues as well. One fix that seemed to improve some was to change the value of the 00001017 from 16 to 156. I am not too sure what to try next.

A post from one of the people on hofo explaining why:

"Explaination: 00001017 is the 4119 security policy, that controls who has admin privilages (Grant Manager). Orig value is 140 (128 + 8 + 4) See Here You add up each of the numbers for the roles you want to have admin rights and put the total in this registry key. You changed that to 16 which gives admin right ONLY to the user, but takes it away from other important security roles (including whatever one activesync uses) what you should do is add 16 to the number 128 + 8 + 4 + 16 = 156"

I also have had someone that is having problems format his phone and than back it up and I modified his backup changing those keys. ( he was not working with the orginal decert and also the decert1 version with the 00001017 key changed.) Had him restore the clean backup that i modified that was both system and user data.

His reply from that fix:

"I formatted and installed the file you sent this morning. ActiveSync Echange Good, De-Cert good to Install unsigned apps. But when you go to run the app I get a message Access Denied The program cannot start because it is not digitally signed with a trusted certificate."

Could there be another key that needs to be changed or could 00001005 need to also be 156? I am not sure exactly which key does what so do not know what the values should be and figured I would ask your advice first.

Let me know if anyone has any ideas. There is enough people that want to get de-cert that are having issues so we have some testers to see if something can fix the problem while still working for the others as well.

Thanks,

Ted

<{POST_SNAPBACK}>

Ok, I do not use exchange so I can't tell you if my phone can or not sync with exchange. I do not believe that changing that key has anything to do with exchange because the same MS says that all you need to unlock a phone are the initial values that I posted here. But... let's compare what I have in my unlock phone and what you have in your.

From my phone

00001001 - 1

00001005 - 16

00001006 - 1

00001007 - 64

00001008 - 1

00001009 - 5

0000100b - 3716

0000100c - 2112

0000100d - 3136

0000100e - 64

0000100f - 3732

00001011 - 1

00001013 - 1

00001017 - 144

00001018 - 16

00001019 - 140

0000101a - 1

0000101b - 1

These values from my phone do not means that you are going to get with them FULL control of the phone but at least you are going to have the capability of installing what ever you want to install and to change at least 95 % of your registry. This is what I have in my phone and I have not look into change anything else there because I can do what ever I need with it so basically this setup should make happy the majority of you. Compare these values with yours and let me know what is different. Once we have what is different we can play with those settings. Remember what I said in howardforum. You don't need to do any thing with hex to change those values again. I believe that with just a cab file we can change it so if you want to test that theory I can create a cab for what ever value you want to change and let see if I'm right or no. If I'm right I can help you guys creating a little program in case we need to have different values for one key to satisfy all users (FREEWARE).

Link to comment
Share on other sites
Guest tzarcone

Guest tzarcone

Posted
Posted (edited)
Ok, I do not use exchange so I can't tell you if my phone can or not sync with exchange. I do not believe that changing that key has anything to do with exchange because the same MS says that all you need to unlock a phone are the initial values that I posted here. But... let's compare what I have in my unlock phone and what you have in your.

From my phone

00001001  - 1

00001005  - 16

00001006  - 1

00001007  - 64

00001008  - 1

00001009  - 5

0000100b  - 3716

0000100c  - 2112

0000100d  - 3136

0000100e  - 64

0000100f   - 3732

00001011  - 1

00001013  - 1

00001017  - 144

00001018  - 16

00001019  - 140

0000101a  - 1

0000101b  - 1

These values from my phone do not means that you are going to get with them FULL control of the phone but at least you are going to have the capability of installing what ever you want to install and to change at least 95 % of your registry. This is what I have in my phone and I have not look into change anything else there because I can do what ever I need with it so basically this setup should make happy the majority of you. Compare these values with yours and let me know what is different. Once we have what is different we can play with those settings. Remember what I said in howardforum. You don't need to do any thing with hex to change those values again. I believe that with just a cab file we can change it so if you want to test that theory I can create a cab for what ever value you want to change and let see if I'm right or no. If I'm right I can help you guys creating a little program in case we need to have different values for one key to satisfy all users (FREEWARE).

<{POST_SNAPBACK}>

Ok here are my settings on my phone (Exchange is sync'ing also)

00001001 - 1

00001005 - 16

00001006 - 1

00001007 - 64

00001008 - 1

00001009 - 3

0000100b - 132

0000100c - 0

0000100d - 0

0000100e - 64

0000100f - 132

00001011 - 1

00001013 - 1

00001017 - 16

00001018 - 16

00001019 - 140

0000101a - 0

0000101b - 1

Current decert1_ settings (exchange also works for me)

00001001 - 1

00001005 - 16

00001006 - 1

00001007 - 64

00001008 - 1

00001009 - 3

0000100b - 132

0000100c - 0

0000100d - 0

0000100e - 64

0000100f - 132

00001011 - 1

00001013 - 1

00001017 - 156

00001018 - 16

00001019 - 140

0000101a - 0

0000101b - 0

Thanks for your help on this, yes once we get all the settings corrected a cab would be a great idea. I can test it as well as the others that we tested with.

Thanks,

Ted

Edited by tzarcone
Link to comment
Share on other sites
Guest dervenez

Guest dervenez

Posted
Posted

There are alot of Beta's floating around that were completly de-certified. Would it help if

you could use the sprite back-up program on a beta and compare settings?

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
There are alot of Beta's floating around that were completly de-certified.  Would it help if 

you could use the sprite back-up program on a beta and compare settings?

<{POST_SNAPBACK}>

Is exchange working in those betas?

I'm really not to worry about the Exchange problem because I believe that the problem is more human than a bad setting :) and in another hand now we have full control of the phone already and the policies can be changed easier.

Link to comment
Share on other sites
Guest dmiddltn

Guest dmiddltn

Posted
Posted

I'd be more than happy to test.

I run Exchange Sync - and have just been backing up and restoring the rom images depending of it I need it unlocked or not.

If I want it decerted - I load the rom from the decert.zip

If I want to use exchange sync - I load a backup copy of my rom I made, and can be back up and running within a few mins.

Regardless - I'll help out any way I cant.

I also an the Exchange admin at my office, so we 100% control over that as well.

Link to comment
Share on other sites
Guest ctitanic

Guest ctitanic

Posted
Posted
I'd be more than happy to test.

I run Exchange Sync - and have just been backing up and restoring the rom images depending of it I need it unlocked or not.

If I want it decerted - I load the rom from the decert.zip

If I want to use exchange sync - I load a backup copy of my rom I made, and can be back up and running within a few mins.

Regardless - I'll help out any way I cant.

I also an the Exchange admin at my office, so we 100% control over that as well.

<{POST_SNAPBACK}>

well, then decert, run the cab and try to sync with exchange.

Link to comment
Share on other sites
Guest dmiddltn

Guest dmiddltn

Posted
Posted

No good... loaded the decert, then the cab suggested... here's what happens:

The sync screen shows connected - but it's actually not in sync.

The sync button reatcts the same way as before.

You are also unable to make changes to the settings - mailserver, sync schedule, etc.

Link to comment
Share on other sites
Guest dmiddltn

Guest dmiddltn

Posted
Posted
No good... loaded the decert, then the cab suggested... here's what happens:

The sync screen shows connected - but it's actually not in sync.

The sync button reatcts the same way as before.

You are also unable to make changes to the settings - mailserver, sync schedule, etc.

<{POST_SNAPBACK}>

One sec all... I didn't realize there was another revision of the decert patch.

Let me try the process again.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept