Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 yeh as i said, it doesn't seem to want to accept any commands? Tim
Guest DJHope Posted February 1, 2003 Report Posted February 1, 2003 maybe you arnt talking to the phone in the right mode, and hence it wont let you enter commands!
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 hmm this is what i thought but what other modes are there? Normal Canary pv (the one with the 3 colors) Canary diag (the one for the hard reset) I am lucky that I haven't got much hair if I did I wouldn't Tim
Guest aGeS Posted February 1, 2003 Report Posted February 1, 2003 Firaas got it - press ? and and it'll give you this list of commands. Maybe I'll setup something where only this serial cable and the commands can be discussed if it's needed... ?
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 but what mode are you doing this in?
Guest aGeS Posted February 1, 2003 Report Posted February 1, 2003 When at the 3 color Canary screen you plug in the serial cable. Fire up your terminal program and connect to the SPV using 115200, 8N1, Xon/Xoff. That works here.
Guest Firaas Posted February 1, 2003 Report Posted February 1, 2003 Hm. It's possible to access the SPV via USB on the canary screen. Wonder if I can get anywhere...
Guest Shuflie Posted February 1, 2003 Report Posted February 1, 2003 You thinking of reverse engineering the update code by any chance? :wink: If you could just manage to pull the microsoft USB driver for smartphones out of it and map to a com port that should do the trick.
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 aha, problem was that i was inserting the serial cable prior to getting to the bootloader tim
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 USE: rbmc [Filename StartAddr Len] Read back the memory content from the specified address to the host and save the data to specified file name. FileName : Full file path for saving data of memory. StartAddr : Start address of memory. Len : How many bytes will be read. could we use this to dump the contents of the eeprom to a file and then read it from there?
Guest Paul [MVP] Posted February 1, 2003 Report Posted February 1, 2003 Ah ha! I think this could be a winner... ;) P
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 cheers but this is still a very small needle in a hex addressed 32mb+prom haystack Tim
Guest Paul [MVP] Posted February 1, 2003 Report Posted February 1, 2003 Yes, but I know my unlock code, so I know what to look for ;) P
Guest Firaas Posted February 1, 2003 Report Posted February 1, 2003 Are you sure it's still the same? It may have reverted to a default code to avoid asking you again upon every startup (after a hard reset) - eg, the phone may have written over your code with "12345678", and the relevant program launching SIMLock.exe may look to see whether or not the code is 12345678...
Guest Paul [MVP] Posted February 1, 2003 Report Posted February 1, 2003 I can enable and disable my SIM lock using the Bootloader menu, and yes, I definitely know the code ;) P
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 okay still can't work out the path thing but have managed to get it to do a screen dump and then did a capture file in hyperterm. Just need to know where to look
Guest Arisme Posted February 1, 2003 Report Posted February 1, 2003 if it can help you, the USB method has been discussed some time ago on Smartphony, you just a proper USB serial driver (which is easy to find on Linux :wink:) fire your favorite babelfish at http://www.9eek.org/forum/viewtopic.php?t=934 :wink:
Guest plink212 Posted February 1, 2003 Report Posted February 1, 2003 Any one made any progress? I tried to do rbmc dump 2000000 100000 which i think is 32mb from beginning for 1mb but it is either thinking for 5mins or has hung Tim
Guest aGeS Posted February 1, 2003 Report Posted February 1, 2003 plink212: I'm working some together with Firaas on this and our approch is by looking at logs from the boot of the phone. I think that its good that we work in different directions and give some status here as we might stumble into something the other can use. We're playing with the ATCMD and trying to analyze the logs from booting. We might have found the AT CMD the controls the Network lock but we have to look more into this to be sure. If we're right it seems like the booting sets the network lock on and off during different phases of the boot. We'll keep you posted on the progress....
Guest aGeS Posted February 1, 2003 Report Posted February 1, 2003 plink212: Just read this on the XDA Manipulator: Ctrl-R dumps the 4MB radio ROM to c:RS-x-xx.bin. (this takes half an hour or so: blame the serial port and the fact that we need to use AT commands to ask for 4 MB, 64 bytes at a time, in hex) If it takes about ½ hour to dump 4MB on the XDA it must take alot more time to dump 32MB on our SPV.
Guest aGeS Posted February 2, 2003 Report Posted February 2, 2003 For spacemonkey or other programmers: Is it possible to write a program that gives AT commands to the phone ?
Guest plink212 Posted February 2, 2003 Report Posted February 2, 2003 on that note it took about 30 mins to do a 17mb terminal dump but i still can't work out where is dumps this file :[ Still no closer Tim
Guest plink212 Posted February 2, 2003 Report Posted February 2, 2003 do you have any at command reference that is applicable ? The only reference i can find on the xda site is about the UREG one? Tim
Guest Paul [MVP] Posted February 2, 2003 Report Posted February 2, 2003 So the XDA Manipulator recognises your SPV? It doesn't mine! P
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now