Jump to content

Serial Cable Arrived

Guest PaulOBrien

By Guest PaulOBrien
in Smartphone General Discussion

 Share

Recommended Posts

  • Replies 126
  • Created
  • Last Reply

Popular Days

Popular Days

Guest plink212

Guest plink212

Posted
Posted

hmm this is what i thought but what other modes are there?

Normal

Canary pv (the one with the 3 colors)

Canary diag (the one for the hard reset)

I am lucky that I haven't got much hair if I did I wouldn't

Tim

Link to comment
Share on other sites
Guest aGeS

Guest aGeS

Posted
Posted

Firaas got it - press ? and and it'll give you this list of commands.

Maybe I'll setup something where only this serial cable and the commands can be discussed if it's needed... ?

Link to comment
Share on other sites
Guest aGeS

Guest aGeS

Posted
Posted

When at the 3 color Canary screen you plug in the serial cable. Fire up your terminal program and connect to the SPV using 115200, 8N1, Xon/Xoff. That works here.

Link to comment
Share on other sites
Guest Shuflie

Guest Shuflie

Posted
Posted

You thinking of reverse engineering the update code by any chance? :wink: If you could just manage to pull the microsoft USB driver for smartphones out of it and map to a com port that should do the trick.

Link to comment
Share on other sites
Guest plink212

Guest plink212

Posted
Posted

USE: rbmc [Filename StartAddr Len]

Read back the memory content from the specified address to the host

and save the data to specified file name.

FileName : Full file path for saving data of memory.

StartAddr : Start address of memory.

Len : How many bytes will be read.

could we use this to dump the contents of the eeprom to a file and then read it from there?

Link to comment
Share on other sites
Guest Firaas

Guest Firaas

Posted
Posted

Are you sure it's still the same?

It may have reverted to a default code to avoid asking you again upon every startup (after a hard reset) - eg, the phone may have written over your code with "12345678", and the relevant program launching SIMLock.exe may look to see whether or not the code is 12345678...

Link to comment
Share on other sites
Guest plink212

Guest plink212

Posted
Posted

okay still can't work out the path thing but have managed to get it to do a screen dump and then did a capture file in hyperterm.

Just need to know where to look

Link to comment
Share on other sites
Guest plink212

Guest plink212

Posted
Posted

Any one made any progress?

I tried to do

rbmc dump 2000000 100000

which i think is 32mb from beginning for 1mb

but it is either thinking for 5mins or has hung

Tim

Link to comment
Share on other sites
Guest aGeS

Guest aGeS

Posted
Posted

plink212: I'm working some together with Firaas on this and our approch is by looking at logs from the boot of the phone.

I think that its good that we work in different directions and give some status here as we might stumble into something the other can use.

We're playing with the ATCMD and trying to analyze the logs from booting. We might have found the AT CMD the controls the Network lock but we have to look more into this to be sure.

If we're right it seems like the booting sets the network lock on and off during different phases of the boot.

We'll keep you posted on the progress....

Link to comment
Share on other sites
Guest aGeS

Guest aGeS

Posted
Posted

plink212: Just read this on the XDA Manipulator:

Ctrl-R dumps the 4MB radio ROM to c:RS-x-xx.bin.

(this takes half an hour or so: blame the serial port and the fact that

we need to use AT commands to ask for 4 MB, 64 bytes at a time, in

hex)

If it takes about ½ hour to dump 4MB on the XDA it must take alot more time to dump 32MB on our SPV.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept