Develop Bugs

error when i try to dump my rom i780

hello, itry to dump my rom of my samsung i780 and i use this :
here the copy past of my operation
C:\itsutils>pdocread -l
253.13M (0xfd20000) DSK1:
| 1.12M (0x11f000) Part00
| 2.25M (0x240000) Part01
| 83.50M (0x5380000) Part02
| 166.00M (0xa600000) Part03
1.90G (0x79b00000) DSK2:
| 1.90G (0x79ae1200) Part00
STRG handles:
handle a7652f02 1.90G (0x79ae1200)
handle 677e5386166.00M (0xa600000)
handle 6785675a 83.50M (0x5380000)
handle c7856736 2.25M (0x240000)
handle c78566ee 1.12M (0x11f000)
disk a7652f02
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk 677e5386
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk 6785675a
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk c7856736
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
disk c78566ee
0 partitions, 0 binary partitions
customerid=00000000 uniqueid= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
and here the lof of my itsutils.log:
ERROR: DeviceIoControl(FL_IOCTL_NUMBER_OF_PARTITIONS) - Paramètre incorrect.
ERROR: DeviceIoControl(FL_IOCTL_BDK_OPERATION, BDK_GET_INFO) - Paramètre incorrect.
ERROR: DeviceIoControl(FL_IOCTL_CUSTOMER_ID) - Paramètre incorrect.
ERROR: DeviceIoControl(FL_IOCTL_UNIQUE_ID) - Paramètre incorrect.
i have the sam lof with :
pdocread.exe -l
and this :
C:\itsutils>pdocread -d storename -p partitionname StartValue LengthValue file.r
aw
ERROR: ITTFFSGetInfo - The device is not ready for use.
WARNING: using default 512 bytes for sectorsize
CopyTFFSToFile(0x0, 0x0, file.raw)
Thanks for your help

no help ?
thanks to everybody can help me

[FIX/UNLOCK] Bell (Canada) I747M SIM Lock/Unlock USB / ESM NVRAM Comparison/Analysis

Hi Folks,
Just thought I'd throw this out here, I spent a good portion of my day digging through forums, ussd/mmi codes, tools, and hex editors trying to find a way to SIM Unlock my Bell S3 (I747M). I eventually 'gave in' and paid an eBay seller $8.00 to unlock my phone through a remote control application and USB network redirector (Successfully, although I never did get the actual SPC code from him even though I asked several times).
For security and isolation reasons I used a clean Windows 7 VM in VMware Workstation 8 with just the Samsung Drivers (from mskip's S3 toolkit (Qualcomm version) -- THANK YOU!!), the remote control tool, and the usb redirector to allow the remote 'tech' to do his work.
I ran a USB Logger tool (from the same vendor that makes the redirector) outside the VM on my host PC and had it capture the complete unlocking process from initial USB plug-in to post-unlock power-off.
I also grabbed images of the EFS partition (using dd) and the NVRAM (with QPST Tools) before and after the unlocking process.
I would expect the most 'useful' to furthering the secret of this unlock would be the delta of the NVRAM images, but alas while I have carefully looked it over a couples times, I don't see anything that looks to be the 'smoking gun'. I will follow-up this post with the relevant snippets as I'm sure there are many of you that may have more experience digging through this than I. Perhaps if someone else can send/post a similar delta, seeing the 'mutual' differences may again shed light on which areas to focus on in further detail.
Analyzing the USB communications may also give us a better understanding of if there are commands or processes we can use in making our own tool to remove this SIM lock.
FWIW, I'm using wxHexEditor for the dump comparisons.

NVRAM Hex Diff #1
Here's the first block with a few changes:
Before:
Code:
000608 00 00 00 00 00 00 00 00 00 00 00 00 B0 24 47 D3 .............$G.
000624 82 CD CD 01 0A 00 00 00 00 82 00 00 00 00 00 00 ................
000640 46 00 69 00 6C 00 65 00 5F 00 56 00 65 00 72 00 F.i.l.e._.V.e.r.
000656 73 00 69 00 6F 00 6E 00 00 00 00 00 00 00 00 00 s.i.o.n.........
000672 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000704 1A 00 02 01 02 00 00 00 FF FF FF FF FF FF FF FF ................
000720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000736 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000752 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 ................
000768 30 00 30 00 30 00 30 00 34 00 30 00 36 00 39 00 0.0.0.0.4.0.6.9.
000784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000832 12 00 01 00 FF FF FF FF FF FF FF FF 03 00 00 00 ................
000848 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000864 00 00 00 00 D0 B2 9E A0 82 CD CD 01 40 13 46 D3 [email protected]
000880 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
000896 64 00 65 00 66 00 61 00 75 00 6C 00 74 00 00 00 d.e.f.a.u.l.t...
000912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000928 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000960 10 00 01 01 FF FF FF FF FF FF FF FF 04 00 00 00 ................
000976 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000992 00 00 00 00 D0 B2 9E A0 82 CD CD 01 B0 B3 44 D3 ..............D.
001008 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
001024 06 .
After:
Code:
000608 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"]00 A6 22 2A[/COLOR] ............[COLOR="red"].."*[/COLOR]
000624 [COLOR="red"]DE[/COLOR] CD CD 01 0A 00 00 00 00 82 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
000640 46 00 69 00 6C 00 65 00 5F 00 56 00 65 00 72 00 F.i.l.e._.V.e.r.
000656 73 00 69 00 6F 00 6E 00 00 00 00 00 00 00 00 00 s.i.o.n.........
000672 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000704 1A 00 02 01 02 00 00 00 FF FF FF FF FF FF FF FF ................
000720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000736 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000752 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 ................
000768 30 00 30 00 30 00 30 00 34 00 30 00 36 00 39 00 0.0.0.0.4.0.6.9.
000784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000832 12 00 01 00 FF FF FF FF FF FF FF FF 03 00 00 00 ................
000848 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000864 00 00 00 00 [COLOR="red"]30 8F 77 FD DD[/COLOR] CD CD 01 [COLOR="red"]80 6D 21 2A[/COLOR] ....[COLOR="red"]0.w..[/COLOR]...[COLOR="red"].m!*[/COLOR]
000880 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
000896 64 00 65 00 66 00 61 00 75 00 6C 00 74 00 00 00 d.e.f.a.u.l.t...
000912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000928 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000960 10 00 01 01 FF FF FF FF FF FF FF FF 04 00 00 00 ................
000976 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
000992 00 00 00 00 [COLOR="Red"]30 8F 77 FD DD[/COLOR] CD CD 01 [COLOR="red"]00 35 20 2A[/COLOR] ....[COLOR="red"]0.w..[/COLOR]...[COLOR="red"].5 *[/COLOR]
001008 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
001024 06 .
http: //secure.eix.ca/s3/nvram1.png

Here's the second block:
Before:
Code:
001536 52 00 6F 00 6F 00 74 00 20 00 45 00 6E 00 74 00 R.o.o.t. .E.n.t.
001552 72 00 79 00 00 00 00 00 00 00 00 00 00 00 00 00 r.y.............
001568 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001584 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001600 16 00 05 00 FF FF FF FF FF FF FF FF 01 00 00 00 ................
001616 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001632 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"][B]60 6C 91 A0[/B][/COLOR] ............[COLOR="Red"][B]`l..[/B][/COLOR]
001648 [COLOR="Red"][B]82[/B][/COLOR] CD CD 01 05 00 00 00 40 00 00 00 00 00 00 00 [COLOR="Red"][B].[/B][/COLOR][email protected]
After
Code:
001536 52 00 6F 00 6F 00 74 00 20 00 45 00 6E 00 74 00 R.o.o.t. .E.n.t.
001552 72 00 79 00 00 00 00 00 00 00 00 00 00 00 00 00 r.y.............
001568 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001584 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001600 16 00 05 00 FF FF FF FF FF FF FF FF 01 00 00 00 ................
001616 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
001632 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="Red"][B]50 E4 61 FD[/B][/COLOR] ............[COLOR="Red"][B]P.a.[/B][/COLOR]
001648 [COLOR="Red"][B]DD[/B][/COLOR] CD CD 01 05 00 00 00 40 00 00 00 00 00 00 00 [COLOR="Red"][B].[/B][/COLOR][email protected]

Wow.. What your doing must be impressive. I have no idea what you just said lol
Sent from my SGH-I747 using xda app-developers app

Here's the Third Block:
Before:
Code:
003584 4E 00 56 00 5F 00 4E 00 55 00 4D 00 42 00 45 00 N.V._.N.U.M.B.E.
003600 52 00 45 00 44 00 5F 00 49 00 54 00 45 00 4D 00 R.E.D._.I.T.E.M.
003616 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S...............
003632 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003648 24 00 01 01 07 00 00 00 05 00 00 00 10 00 00 00 $...............
003664 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003680 00 00 00 00 30 96 B5 A0 82 CD CD 01 50 B3 B2 CF ....0.......P...
003696 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
003712 4D 00 6F 00 62 00 69 00 6C 00 65 00 5F 00 50 00 M.o.b.i.l.e._.P.
003728 72 00 6F 00 70 00 65 00 72 00 74 00 79 00 5F 00 r.o.p.e.r.t.y._.
003744 49 00 6E 00 66 00 6F 00 00 00 00 00 00 00 00 00 I.n.f.o.........
003760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003776 2A 00 02 01 FF FF FF FF 09 00 00 00 FF FF FF FF *...............
003792 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003808 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003824 00 00 00 00 02 00 00 00 46 00 00 00 00 00 00 00 ........F.......
003840 46 00 65 00 61 00 74 00 75 00 72 00 65 00 5F 00 F.e.a.t.u.r.e._.
003856 4D 00 61 00 73 00 6B 00 00 00 00 00 00 00 00 00 M.a.s.k.........
003872 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003888 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003904 1A 00 02 00 FF FF FF FF FF FF FF FF FF FF FF FF ................
003920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003936 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003952 00 00 00 00 01 00 00 00 38 00 00 00 00 00 00 00 ........8.......
003968 45 00 46 00 53 00 5F 00 42 00 61 00 63 00 6B 00 E.F.S._.B.a.c.k.
003984 75 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 u.p.............
004000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004016 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004032 16 00 01 01 08 00 00 00 06 00 00 00 0E 00 00 00 ................
004048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004064 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
004080 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004096 4E 00 56 00 5F 00 49 00 74 00 65 00 6D 00 73 00 N.V._.I.t.e.m.s.
004112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004128 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004144 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004160 12 00 01 00 FF FF FF FF FF FF FF FF 0C 00 00 00 ................
004176 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004192 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004208 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004224 50 00 72 00 6F 00 76 00 69 00 73 00 69 00 6F 00 P.r.o.v.i.s.i.o.
004240 6E 00 69 00 6E 00 67 00 5F 00 49 00 74 00 65 00 n.i.n.g._.I.t.e.
004256 6D 00 5F 00 46 00 69 00 6C 00 65 00 73 00 00 00 m._.F.i.l.e.s...
004272 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004288 30 00 01 00 FF FF FF FF FF FF FF FF 0A 00 00 00 0...............
004304 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004320 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004336 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004352 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004416 10 00 01 01 FF FF FF FF 0B 00 00 00 42 01 00 00 ............B...
004432 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004448 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004464 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004480 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004528 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004544 12 00 01 00 FF FF FF FF FF FF FF FF 35 01 00 00 ............5...
004560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004576 00 00 00 00 80 38 DA CF 82 CD CD 01 80 15 48 D0 .....8........H.
004592 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004608 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004624 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004656 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004672 10 00 01 01 FF FF FF FF 0D 00 00 00 03 01 00 00 ................
004688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004704 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004720 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004736 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004752 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004768 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004800 12 00 01 00 FF FF FF FF FF FF FF FF B5 00 00 00 ................
004816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004832 00 00 00 00 50 52 D7 CF 82 CD CD 01 20 CE 11 D1 ....PR...... ...
004848 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004864 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004896 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004928 10 00 01 01 FF FF FF FF 0F 00 00 00 63 00 00 00 ............c...
004944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004960 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
004976 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004992 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
005008 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005024 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005056 12 00 01 00 FF FF FF FF FF FF FF FF 21 00 00 00 ............!...
005072 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005088 00 00 00 00 B0 F0 BA CF 82 CD CD 01 B0 42 42 D3 .............BB.
005104 82 CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
005120 FE FF FF FF FE FF FF FF 03 00 00 00 FE FF FF FF ................
After:
Code:
003584 4E 00 56 00 5F 00 4E 00 55 00 4D 00 42 00 45 00 N.V._.N.U.M.B.E.
003600 52 00 45 00 44 00 5F 00 49 00 54 00 45 00 4D 00 R.E.D._.I.T.E.M.
003616 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S...............
003632 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003648 24 00 01 01 07 00 00 00 05 00 00 00 10 00 00 00 $...............
003664 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003680 00 00 00 00 [COLOR="Red"]A0 4F C4 FD DD[/COLOR] CD CD 01 [COLOR="red"]20 3F 6D 26[/COLOR] ....[COLOR="red"].O...[/COLOR]...[COLOR="red"] ?m&[/COLOR]
003696 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 [COLOR="red"].[/COLOR]...............
003712 4D 00 6F 00 62 00 69 00 6C 00 65 00 5F 00 50 00 M.o.b.i.l.e._.P.
003728 72 00 6F 00 70 00 65 00 72 00 74 00 79 00 5F 00 r.o.p.e.r.t.y._.
003744 49 00 6E 00 66 00 6F 00 00 00 00 00 00 00 00 00 I.n.f.o.........
003760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003776 2A 00 02 01 FF FF FF FF 09 00 00 00 FF FF FF FF *...............
003792 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003808 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003824 00 00 00 00 02 00 00 00 46 00 00 00 00 00 00 00 ........F.......
003840 46 00 65 00 61 00 74 00 75 00 72 00 65 00 5F 00 F.e.a.t.u.r.e._.
003856 4D 00 61 00 73 00 6B 00 00 00 00 00 00 00 00 00 M.a.s.k.........
003872 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003888 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003904 1A 00 02 00 FF FF FF FF FF FF FF FF FF FF FF FF ................
003920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003936 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
003952 00 00 00 00 01 00 00 00 38 00 00 00 00 00 00 00 ........8.......
003968 45 00 46 00 53 00 5F 00 42 00 61 00 63 00 6B 00 E.F.S._.B.a.c.k.
003984 75 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 u.p.............
004000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004016 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004032 16 00 01 01 08 00 00 00 06 00 00 00 0E 00 00 00 ................
004048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004064 00 00 00 00 [COLOR="red"]C0 DC 7F 26 DE[/COLOR] CD CD 01 [COLOR="red"]00 C4 1D 2A[/COLOR] .......&.......*
004080 [COLOR="red"] DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004096 4E 00 56 00 5F 00 49 00 74 00 65 00 6D 00 73 00 N.V._.I.t.e.m.s.
004112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004128 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004144 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004160 12 00 01 00 FF FF FF FF FF FF FF FF 0C 00 00 00 ................
004176 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004192 00 00 00 00 [COLOR="red"]60 3E 9C 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 49 DD 27[/COLOR] ....`>.&.....I.'
004208 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004224 50 00 72 00 6F 00 76 00 69 00 73 00 69 00 6F 00 P.r.o.v.i.s.i.o.
004240 6E 00 69 00 6E 00 67 00 5F 00 49 00 74 00 65 00 n.i.n.g._.I.t.e.
004256 6D 00 5F 00 46 00 69 00 6C 00 65 00 73 00 00 00 m._.F.i.l.e.s...
004272 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004288 30 00 01 00 FF FF FF FF FF FF FF FF 0A 00 00 00 0...............
004304 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004320 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004336 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004352 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004416 10 00 01 01 FF FF FF FF 0B 00 00 00 42 01 00 00 ............B...
004432 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004448 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004464 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004480 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004528 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004544 12 00 01 00 FF FF FF FF FF FF FF FF 35 01 00 00 ............5...
004560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004576 00 00 00 00 [COLOR="red"]A0 4B 9F 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 1E FF 26[/COLOR] .....K.&.......&
004592 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004608 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004624 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004656 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004672 10 00 01 01 FF FF FF FF 0D 00 00 00 03 01 00 00 ................
004688 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004704 00 00 00 00 [COLOR="red"]60 3E 9C 26 DE[/COLOR] CD CD 01 [COLOR="red"]E0 49 DD 27[/COLOR] ....`>.&.....I.'
004720 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004736 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
004752 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004768 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004784 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004800 12 00 01 00 FF FF FF FF FF FF FF FF B5 00 00 00 ................
004816 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004832 00 00 00 00 [COLOR="red"]70 65 9C 26 DE[/COLOR] CD CD 01[COLOR="red"] E0 49 DD 27[/COLOR] ....pe.&.....I.'
004848 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004864 45 00 46 00 53 00 5F 00 44 00 69 00 72 00 00 00 E.F.S._.D.i.r...
004880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004896 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004912 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004928 10 00 01 01 FF FF FF FF 0F 00 00 00 63 00 00 00 ............c...
004944 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
004960 00 00 00 00 [COLOR="red"]C0 DC 7F 26 DE[/COLOR] CD CD 01 [COLOR="red"]00 C4 1D 2A[/COLOR] .......&.......*
004976 [COLOR="red"]DE[/COLOR] CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
004992 45 00 46 00 53 00 5F 00 44 00 61 00 74 00 61 00 E.F.S._.D.a.t.a.
005008 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005024 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005056 12 00 01 00 FF FF FF FF FF FF FF FF 21 00 00 00 ............!...
005072 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
005088 00 00 00 00 C0 DC 7F 26 DE CD CD 01 00 C4 1D 2A .......&.......*
005104 DE CD CD 01 00 00 00 00 00 00 00 00 00 00 00 00 ................
005120 FE FF FF FF FE FF FF FF 03 00 00 00 FE FF FF FF ................

Deoxlar said:
Wow.. What your doing must be impressive. I have no idea what you just said lol
Sent from my SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
Thanks, although I don't think it's that impressive, or I would have figured this out by now.
I'll post the last 4 sections tomorrow, it's getting really late here.

This could possibly lead to a genuine unlock for everyone. I'll unlock my device soon as I'll be traveling next month. I'll upload some hex values later.

This guy here has an app to unlock samsung phones. It doesn't support our model yet he eventually wants to add support for it. Maybe get in contact with him and try to speed things along he might be able to make more sense odd what you've got posted here
http://forum.xda-developers.com/showthread.php?t=1846451
Sent from my SGH-I747M using xda premium

Here's the 4th block:
Before:
Code:
008624 00 00 00 00 00 00 00 00 88 00 01 00 59 07 00 00 ............Y...
008640 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008656 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008672 00 80 E5 16 C5 14 CD 11 B3 0E 1D 0C 11 0A 49 07 ..............I.
008688 [COLOR="DeepSkyBlue"]43[/COLOR] 04 CF 03 [COLOR="DeepSkyBlue"]49[/COLOR] 03 8B 02 CF 01 3F 01 [COLOR="DeepSkyBlue"]A3[/COLOR] 00 [COLOR="DeepSkyBlue"]09[/COLOR] 00 [COLOR="DeepSkyBlue"]C[/COLOR]...[COLOR="DeepSkyBlue"]I[/COLOR].....?.[COLOR="DeepSkyBlue"].[/COLOR].[COLOR="DeepSkyBlue"].[/COLOR].
008704 [COLOR="DeepSkyBlue"]6D[/COLOR] FF [COLOR="DeepSkyBlue"]C7[/COLOR] FE 2D FE 8B FD DD FC 65 FC EF FB 3B FB [COLOR="DeepSkyBlue"]m[/COLOR].[COLOR="DeepSkyBlue"].[/COLOR].-.....e...;.
008720 83 FA 01 FA 7F F9 03 F9 81 F8 3D F5 05 F3 75 F0 ..........=...u.
008736 8B ED EB EB 61 EA 00 80 00 80 00 80 00 80 00 80 ....a...........
008752 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008768 88 00 01 00 5B 07 00 00 7B 01 00 00 00 00 00 00 ....[...{.......
After
Code:
008624 00 00 00 00 00 00 00 00 88 00 01 00 59 07 00 00 ............Y...
008640 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008656 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008672 00 80 E5 16 C5 14 CD 11 B3 0E 1D 0C 11 0A 49 07 ..............I.
008688 [B][COLOR="Red"]45[/COLOR][/B] 04 CF 03 [COLOR="red"][B]47[/B][/COLOR] 03 8B 02 CF 01 3F 01 [COLOR="red"][B]A5[/B][/COLOR] 00 [COLOR="red"][B]0B[/B][/COLOR] 00 [COLOR="red"][B]E[/B][/COLOR]...[COLOR="red"][B]G[/B][/COLOR].....?.[B][COLOR="red"].[/COLOR][/B].[COLOR="red"][B].[/B][/COLOR].
008704 [COLOR="Red"][B]6F[/B][/COLOR] FF [COLOR="red"][B]CB[/B][/COLOR] FE 2D FE 8B FD DD FC 65 FC EF FB 3B FB [COLOR="red"][B]o[/B][/COLOR].[COLOR="red"][B].[/B][/COLOR].-.....e...;.
008720 83 FA 01 FA 7F F9 03 F9 81 F8 3D F5 05 F3 75 F0 ..........=...u.
008736 8B ED EB EB 61 EA 00 80 00 80 00 80 00 80 00 80 ....a...........
008752 00 80 00 80 00 80 00 80 00 80 00 80 00 80 00 80 ................
008768 88 00 01 00 5B 07 00 00 7B 01 00 00 00 00 00 00 ....[...{.......
---------------------------------------------------------------------------------------------------------
and 5th Block:
Before:
Code:
043984 00 00 00 00 00 00 00 00 88 00 01 00 D2 02 00 00 ................
044000 03 00 00 00 09 00 00 00 00 04 03 02 06 01 00 07 ................
044016 05 09 08 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044032 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044064 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044096 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044128 88 00 01 00 D3 02 00 00 03 00 02 03 08 08 00 26 ...............&
044144 04 00 00 10 00 00 00 00 00 00 00 63 2F BA 04 A0 ...........c/...
044160 17 00 00 C1 00 00 00 03 00 02 03 08 08 00 3F 04 ..............?.
044176 00 00 10 00 00 00 00 00 00 00 8B 52 BA 04 90 17 ...........R....
044192 00 00 00 00 00 00 03 01 00 03 04 01 00 4B 02 00 .............K..
044208 00 01 00 00 00 00 00 00 00 09 00 00 00 30 0A 00 .............0..
044224 00 22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ."..............
044240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044256 00 00 00 00 00 00 00 00 88 00 01 00 E1 02 00 00 ................
044272 03 01 00 03 04 01 00 53 11 00 00 10 00 00 00 00 .......S........
044288 00 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 .......0..."....
044304 01 00 03 04 01 00 64 02 00 00 01 00 00 00 00 00 ......d.........
044320 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 00 ......0...".....
044336 02 03 08 08 00 32 02 00 00 01 00 00 00 00 00 00 .....2..........
044352 00 AB 6A BA 04 10 0C 00 00 00 00 00 00 00 00 00 ..j.............
044368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044400 88 00 01 00 E2 02 00 00 03 01 00 03 04 01 00 1E ................
044416 11 00 00 10 00 00 00 00 00 00 00 C6 15 9D 06 30 ...............0
044432 0A 00 00 0B 00 00 00 03 00 02 03 08 08 00 19 02 ................
044448 00 00 01 00 00 00 00 00 00 00 43 5E BA 04 90 17 ..........C^....
044464 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044528 00 00 00 00 00 00 00 00 88 00 01 00 E3 02 00 00 ................
044544 03 00 02 03 08 08 00 00 02 00 00 01 00 00 00 00 ................
044560 00 00 00 92 43 BA 04 10 0E 00 00 00 00 00 00 03 ....C...........
044576 00 02 03 08 08 00 4B 02 00 00 01 00 00 00 00 00 ......K.........
044592 00 00 E3 37 BA 04 10 0C 00 00 00 00 00 00 00 00 ...7............
044608 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
After
Code:
043984 00 00 00 00 00 00 00 00 88 00 01 00 D2 02 00 00 ................
044000 [COLOR="Red"][B]09[/B][/COLOR] 00 00 00 09 00 00 00 00 [COLOR="red"][B]02 09 05 07 08[/B][/COLOR] 00 [COLOR="red"][B]04[/B][/COLOR] ................
044016 [B][COLOR="red"]03 06 01[/COLOR][/B] 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044032 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044064 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044096 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044112 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044128 88 00 01 00 D3 02 00 00 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]02 06[/B][/COLOR] 00 [COLOR="red"][B]7D[/B][/COLOR] ...............}
044144 [COLOR="red"][B]02[/B][/COLOR] 00 00 [COLOR="red"][B]01[/B][/COLOR] 00 00 00 00 00 00 00 [COLOR="red"][B]09 00 00 00 80[/B][/COLOR] ................
044160 [COLOR="red"][B]07[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 03 00 02 03 08 08 00 3F 04 ..."..........?.
044176 00 00 10 00 00 00 00 00 00 00 8B 52 BA 04 90 17 ...........R....
044192 00 00 00 00 00 00 03 01 00 03 04 01 00 4B 02 00 .............K..
044208 00 01 00 00 00 00 00 00 00 [COLOR="Red"][B]ED 09 D4 0D 00 1B[/B][/COLOR] 00 ................
044224 00 [COLOR="red"][B]00[/B][/COLOR] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044256 00 00 00 00 00 00 00 00 88 00 01 00 E1 02 00 00 ................
044272 03 01 00 03 04 01 00 53 11 00 00 10 00 00 00 00 .......S........
044288 00 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 .......0..."....
044304 01 00 03 04 01 00 64 02 00 00 01 00 00 00 00 00 ......d.........
044320 00 00 09 00 00 00 30 0A 00 00 22 00 00 00 03 01 ......0...".....
044336 [COLOR="red"][B] 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]1F 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 00 00 ................
044352 00 [COLOR="red"][B]39 50 D4 0D 00 1B[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 00 00 00 .9P......"......
044368 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044384 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044400 88 00 01 00 E2 02 00 00 03 01 00 03 04 01 00 1E ................
044416 11 00 00 10 00 00 00 00 00 00 00 C6 15 9D 06 30 ...............0
044432 0A 00 00 0B 00 00 00 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]6A 11[/B][/COLOR] ..............j.
044448 00 00 [COLOR="red"][B]10 [/B][/COLOR]00 00 00 00 00 00 00 [COLOR="red"][B]09 00 00 00 80 1B[/B][/COLOR] ................
044464 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 00 00 00 00 00 00 00 00 00 00 ..".............
044480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044496 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044512 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
044528 00 00 00 00 00 00 00 00 88 00 01 00 E3 02 00 00 ................
044544 03 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]51 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 .......Q........
044560 00 00 00 [COLOR="red"][B]09 00 00 00 00 1B[/B][/COLOR] 00 00 [COLOR="red"][B]22[/B][/COLOR] 00 00 00 03 ..........."....
044576 [COLOR="red"][B]01 00[/B][/COLOR] 03 [COLOR="red"][B]04 01[/B][/COLOR] 00 [COLOR="red"][B]06 11[/B][/COLOR] 00 00 [COLOR="red"][B]10[/B][/COLOR] 00 00 00 00 00 ................
044592 00 00 [COLOR="red"][B]33 50 D4 0D 00 1B[/B][/COLOR] 00 00 00 00 00 00 00 00 ..3P............
044608 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Generated by wxHexEditor

Here's the 6th Block:
Before:
Code:
048352 7F 00 13 00 14 88 00 13 00 14 56 03 13 F0 62 86 ..........V...b.
048368 00 13 00 14 52 03 13 F0 62 8B 00 13 00 14 3D 00 ....R...b.....=.
048384 64 F0 00 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 d..A.d....d....d
048400 F0 00 78 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 ..x.d....d....d.
048416 10 46 00 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 .F.d....d..|.d..
048432 C0 01 64 F0 10 72 00 64 F0 10 D3 01 64 F0 10 06 ..d..r.d....d...
048448 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 10 48 00 .d....d....d..H.
048464 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 00 00 00 d....d....d.....
048480 88 00 01 00 D8 13 01 00 7F 00 13 00 14 88 00 13 ................
048496 00 14 56 03 13 F0 62 86 00 13 00 14 52 03 13 F0 ..V...b.....R...
048512 62 8B 00 13 00 14 3D 00 64 F0 00 41 00 64 F0 00 b.....=.d..A.d..
048528 D5 01 64 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 ..d....d..x.d...
048544 03 64 F0 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 .d....d..F.d....
048560 64 F0 10 7C 00 64 F0 10 C0 01 64 F0 10 72 00 64 d..|.d....d..r.d
048576 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 01 64 F0 ....d....d....d.
048592 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 64 F0 10 ...d..H.d....d..
048608 B6 01 64 F0 10 00 00 00 88 00 01 00 D9 13 00 00 ..d.............
048624 CB 01 64 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 [email protected]
048640 00 64 F0 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 .d....d....d....
048656 64 F0 10 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 d....d..z.d....d
048672 F0 10 D1 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 ....d....d..o.d.
048688 10 4B 00 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 .K.d..C.d..?.d..
048704 09 01 64 F0 00 0F 01 64 F0 00 44 00 64 F0 00 71 ..d....d..D.d..q
048720 00 64 F0 10 39 00 64 F0 00 BB 01 64 F0 10 FC 00 .d..9.d....d....
048736 64 F0 00 0E 01 64 F0 00 C7 01 64 F0 10 00 00 00 d....d....d.....
048752 88 00 01 00 D9 13 01 00 CB 01 64 F0 10 63 00 64 ..........d..c.d
048768 F0 10 76 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 [email protected]
048784 10 F9 00 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 ...d....d....d..
048800 7A 00 64 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 z.d....d....d...
048816 01 64 F0 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 .d..o.d..K.d..C.
048832 64 F0 00 3F 00 64 F0 00 09 01 64 F0 00 0F 01 64 d..?.d....d....d
048848 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 00 64 F0 ..D.d..q.d..9.d.
048864 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 64 F0 00 ...d....d....d..
048880 C7 01 64 F0 10 00 00 00 88 00 01 00 DA 13 00 00 ..d.............
048896 0C 01 64 F0 00 3B 00 64 F0 00 BA 01 64 F0 10 42 ..d..;.d....d..B
048912 00 64 F0 00 C2 01 64 F0 10 79 00 64 F0 10 74 00 .d....d..y.d..t.
048928 64 F0 10 6F 02 00 F1 10 95 02 00 F1 10 A1 02 03 d..o............
048944 02 27 7F 02 03 02 27 EC 00 03 02 27 5C 03 03 02 .'....'....'\...
048960 27 42 03 03 02 27 3D 00 64 F0 00 41 00 64 F0 00 'B...'=.d..A.d..
048976 D5 01 64 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 ..d....d..x.d...
048992 03 64 F0 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 .d....d..F.d....
049008 64 F0 10 7C 00 64 F0 10 C0 01 64 F0 10 00 00 00 d..|.d....d.....
049024 88 00 01 00 DA 13 01 00 0C 01 64 F0 00 3B 00 64 ..........d..;.d
049040 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049056 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049072 95 02 00 F1 10 A1 02 03 02 27 7F 02 03 02 27 EC .........'....'.
049088 00 03 02 27 5C 03 03 02 27 42 03 03 02 27 3D 00 ...'\...'B...'=.
049104 64 F0 00 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 d..A.d....d....d
049120 F0 00 78 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 ..x.d....d....d.
049136 10 46 00 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 .F.d....d..|.d..
049152 C0 01 64 F0 10 00 00 00 88 00 01 00 DB 13 00 00 ..d.............
049168 72 00 64 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 r.d....d....d...
049184 01 64 F0 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 .d....d..H.d....
049200 64 F0 10 B6 01 64 F0 10 CB 01 64 F0 10 63 00 64 d....d....d..c.d
049216 F0 10 76 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 [email protected]
049232 10 F9 00 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 ...d....d....d..
049248 7A 00 64 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 z.d....d....d...
049264 01 64 F0 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 .d..o.d..K.d..C.
049280 64 F0 00 3F 00 64 F0 00 09 01 64 F0 00 00 00 00 d..?.d....d.....
049296 88 00 01 00 DB 13 01 00 72 00 64 F0 10 D3 01 64 ........r.d....d
049312 F0 10 06 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 ....d....d....d.
049328 10 48 00 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 .H.d....d....d..
049344 CB 01 64 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 [email protected]
049360 00 64 F0 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 .d....d....d....
049376 64 F0 10 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 d....d..z.d....d
049392 F0 10 D1 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 ....d....d..o.d.
049408 10 4B 00 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 .K.d..C.d..?.d..
049424 09 01 64 F0 00 00 00 00 88 00 01 00 DC 13 00 00 ..d.............
049440 0F 01 64 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 ..d..D.d..q.d..9
049456 00 64 F0 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 .d....d....d....
049472 64 F0 00 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 d....d....d..;.d
049488 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049504 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049520 95 02 00 F1 10 FF FF FF FF FF FF FF FF FF FF FF ................
After: (color coding still in progress - manual process)
Code:
048352 [COLOR="Red"]70 02[/COLOR] 13 [COLOR="red"]F0 62 B3[/COLOR] 00 13 00 14 [COLOR="red"]B8 00 [/COLOR]13 [COLOR="red"]00 14 44[/COLOR] p...b..........D
048368 [COLOR="red"]03[/COLOR] 13 00 14 [COLOR="red"]40[/COLOR] 03 13 [COLOR="red"]00 14 B1[/COLOR] 00 13 00 14 [COLOR="red"]B5[/COLOR] 00 [email protected]
048384 [COLOR="red"]13 00 14 BC[/COLOR] 00 [COLOR="red"]13 00 14 75 02 13[/COLOR] F0 [COLOR="red"]62 72 02 13 [/COLOR] ........u...br..
048400 F0 [COLOR="red"]62[/COLOR] 78[COLOR="red"] 02 13 [/COLOR]F0 [COLOR="red"]62 B7 00 13 00 14 B9 00 13 00[/COLOR] .bx...b.........
048416 [COLOR="red"]14 B0[/COLOR] 00 [COLOR="red"]13 00 14 73 02 13[/COLOR] F0 [COLOR="red"]62 46 03 13 00 14[/COLOR] ......s...bF....
048432 3A 03 13 00 14 79 02 13 F0 62 BD 00 13 00 14 43 :....y...b.....C
048448 03 13 00 14 41 03 13 00 14 3F 03 13 00 14 3E 03 ....A....?....>.
048464 13 00 14 39 03 13 00 14 BA 00 13 00 14 00 00 00 ...9............
048480 88 00 01 00 D8 13 01 00 70 02 13 F0 62 B3 00 13 ........p...b...
048496 00 14 B8 00 13 00 14 44 03 13 00 14 40 03 13 00 [email protected]
048512 14 B1 00 13 00 14 B5 00 13 00 14 BC 00 13 00 14 ................
048528 75 02 13 F0 62 72 02 13 F0 62 78 02 13 F0 62 B7 u...br...bx...b.
048544 00 13 00 14 B9 00 13 00 14 B0 00 13 00 14 73 02 ..............s.
048560 13 F0 62 46 03 13 00 14 3A 03 13 00 14 79 02 13 ..bF....:....y..
048576 F0 62 BD 00 13 00 14 43 03 13 00 14 41 03 13 00 .b.....C....A...
048592 14 3F 03 13 00 14 3E 03 13 00 14 39 03 13 00 14 .?....>....9....
048608 BA 00 13 00 14 00 00 00 88 00 01 00 D9 13 00 00 ................
048624 B6 00 13 00 14 38 03 13 00 14 3C 03 13 00 14 B4 .....8....<.....
048640 00 13 00 14 7C 02 13 F0 62 AF 00 13 00 14 45 03 ....|...b.....E.
048656 13 00 14 7B 02 13 F0 62 74 02 13 F0 62 7F 00 13 ...{...bt...b...
048672 00 14 88 00 13 00 14 56 03 13 F0 62 86 00 13 00 .......V...b....
048688 14 52 03 13 F0 62 8B 00 13 00 14 3D 00 64 F0 00 .R...b.....=.d..
048704 41 00 64 F0 00 D5 01 64 F0 10 01 01 64 F0 00 78 A.d....d....d..x
048720 00 64 F0 10 B9 03 64 F0 02 C5 01 64 F0 10 46 00 .d....d....d..F.
048736 64 F0 00 CD 01 64 F0 10 7C 00 64 F0 10 00 00 00 d....d..|.d.....
048752 88 00 01 00 D9 13 01 00 B6 00 13 00 14 38 03 13 .............8..
048768 00 14 3C 03 13 00 14 B4 00 13 00 14 7C 02 13 F0 ..<.........|...
048784 62 AF 00 13 00 14 45 03 13 00 14 7B 02 13 F0 62 b.....E....{...b
048800 74 02 13 F0 62 7F 00 13 00 14 88 00 13 00 14 56 t...b..........V
048816 03 13 F0 62 86 00 13 00 14 52 03 13 F0 62 8B 00 ...b.....R...b..
048832 13 00 14 3D 00 64 F0 00 41 00 64 F0 00 D5 01 64 ...=.d..A.d....d
048848 F0 10 01 01 64 F0 00 78 00 64 F0 10 B9 03 64 F0 ....d..x.d....d.
048864 02 C5 01 64 F0 10 46 00 64 F0 00 CD 01 64 F0 10 ...d..F.d....d..
048880 7C 00 64 F0 10 00 00 00 88 00 01 00 DA 13 00 00 |.d.............
048896 C0 01 64 F0 10 72 00 64 F0 10 D3 01 64 F0 10 06 ..d..r.d....d...
048912 01 64 F0 00 08 01 64 F0 00 C3 01 64 F0 10 48 00 .d....d....d..H.
048928 64 F0 00 D7 01 64 F0 10 B6 01 64 F0 10 CB 01 64 d....d....d....d
048944 F0 10 63 00 64 F0 10 76 00 64 F0 10 40 00 64 F0 [email protected]
048960 00 CF 01 64 F0 10 F9 00 64 F0 00 BD 01 64 F0 10 ...d....d....d..
048976 D4 01 64 F0 10 7A 00 64 F0 10 D2 01 64 F0 10 D1 ..d..z.d....d...
048992 01 64 F0 10 D9 01 64 F0 10 6F 00 64 F0 10 4B 00 .d....d..o.d..K.
049008 64 F0 00 43 00 64 F0 00 3F 00 64 F0 00 00 00 00 d..C.d..?.d.....
049024 88 00 01 00 DA 13 01 00 C0 01 64 F0 10 72 00 64 ..........d..r.d
049040 F0 10 D3 01 64 F0 10 06 01 64 F0 00 08 01 64 F0 ....d....d....d.
049056 00 C3 01 64 F0 10 48 00 64 F0 00 D7 01 64 F0 10 ...d..H.d....d..
049072 B6 01 64 F0 10 CB 01 64 F0 10 63 00 64 F0 10 76 ..d....d..c.d..v
049088 00 64 F0 10 40 00 64 F0 00 CF 01 64 F0 10 F9 00 [email protected]
049104 64 F0 00 BD 01 64 F0 10 D4 01 64 F0 10 7A 00 64 d....d....d..z.d
049120 F0 10 D2 01 64 F0 10 D1 01 64 F0 10 D9 01 64 F0 ....d....d....d.
049136 10 6F 00 64 F0 10 4B 00 64 F0 00 43 00 64 F0 00 .o.d..K.d..C.d..
049152 3F 00 64 F0 00 00 00 00 88 00 01 00 DB 13 00 00 ?.d.............
049168 09 01 64 F0 00 0F 01 64 F0 00 44 00 64 F0 00 71 ..d....d..D.d..q
049184 00 64 F0 10 39 00 64 F0 00 BB 01 64 F0 10 FC 00 .d..9.d....d....
049200 64 F0 00 0E 01 64 F0 00 C7 01 64 F0 10 0C 01 64 d....d....d....d
049216 F0 00 3B 00 64 F0 00 BA 01 64 F0 10 42 00 64 F0 ..;.d....d..B.d.
049232 00 C2 01 64 F0 10 79 00 64 F0 10 74 00 64 F0 10 ...d..y.d..t.d..
049248 6F 02 00 F1 10 95 02 00 F1 10 A1 02 03 02 27 7F o.............'.
049264 02 03 02 27 EC 00 03 02 27 5C 03 03 02 27 42 03 ...'....'\...'B.
049280 03 02 27 3F 00 64 F0 00 09 01 64 F0 00 00 00 00 ..'?.d....d.....
049296 88 00 01 00 DB 13 01 00 09 01 64 F0 00 0F 01 64 ..........d....d
049312 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 00 64 F0 ..D.d..q.d..9.d.
049328 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 64 F0 00 ...d....d....d..
049344 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 F0 00 BA ..d....d..;.d...
049360 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 10 79 00 .d..B.d....d..y.
049376 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 95 02 00 d..t.d..o.......
049392 F1 10 A1 02 03 02 27 7F 02 03 02 27 EC 00 03 02 ......'....'....
049408 27 5C 03 03 02 27 42 03 03 02 27 3F 00 64 F0 00 '\...'B...'?.d..
049424 09 01 64 F0 00 00 00 00 88 00 01 00 DC 13 00 00 ..d.............
049440 0F 01 64 F0 00 44 00 64 F0 00 71 00 64 F0 10 39 ..d..D.d..q.d..9
049456 00 64 F0 00 BB 01 64 F0 10 FC 00 64 F0 00 0E 01 .d....d....d....
049472 64 F0 00 C7 01 64 F0 10 0C 01 64 F0 00 3B 00 64 d....d....d..;.d
049488 F0 00 BA 01 64 F0 10 42 00 64 F0 00 C2 01 64 F0 ....d..B.d....d.
049504 10 79 00 64 F0 10 74 00 64 F0 10 6F 02 00 F1 10 .y.d..t.d..o....
049520 95 02 00 F1 10 FF FF FF FF FF FF FF FF FF FF FF ................

OP I have been in contact with Spock12 on this thread he might be able to help out if he can find a US & Varients on ebay for cheep...
Hopeful he can get this work it would be Fantastic for us > US & Variants GS3 I747- I747M

Waiting that somebody posts it's nvram dump (or that I find a device), did you try to make another dump of your nvram and compare it once again with those you already have ? It might help to discriminate some areas found by the first diff.
Edit : Also I've seen a thread called "free SIM unlock n7105", seems that a hidden Samsung menu allows note 2 unlocking. As its really easy to use, perhaps somebody should ask them to make a nvram dump before/after so that we have more material to work on (assuming the simlock is located in the same place)

i have to ask. what is the point of unlocking a phone ? should i have mine unlocked ?

sedwards1969 said:
i have to ask. what is the point of unlocking a phone ? should i have mine unlocked ?
Click to expand...
Click to collapse
So that you can put another carrier SIM in your phone. Mine is locked to at&t so if I travel abroad I can't use another service. Further more, if I sell it, I can only offer to other at&t users which reduces it's value.
Sent from my SGH-T999 using Tapatalk 2

This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium

thatsupnow said:
This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Doesn't work.
Maybe it will work when we get JB update on Monday.
Sent from my SGH-I747M

thatsupnow said:
This method is confirmed working to unlock your phone from the samsung hidden menu
http://forum.xda-developers.com/showthread.php?t=2014982
Its for a note 2 but give it a shot sgs3 still has the same menu and all the same options
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Wanted to report in this thread that the above link sim unlocked my att i747. I tried numerous sims and was never prompted for the sim unlock code. I tried a verizon sim, tmobile sim, simple mobile sim. Great find !!! Thank you. I believe that it is important to follow instructions to the t. It says "wait 30 seconds" at one point and "wait one minute" at another. Just my two cents and confirmation.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2

yulet said:
Doesn't work.
Maybe it will work when we get JB update on Monday.
Sent from my SGH-I747M
Click to expand...
Click to collapse
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium

thatsupnow said:
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
I re-flashed TELUS ROM, didn't work. Then I tried stock AT&T ROM, same result.

thatsupnow said:
make sure your on bone stock rom, that's what alot of other users are saying
Sent from my SGH-I747M using xda premium
Click to expand...
Click to collapse
Yes. Im on stock LH9. Worked for me.
Sent from my SAMSUNG-SGH-I747 using Tapatalk 2
I tested before proccedure and got the "enter unlock code" then after...I had data and voice. I tried 2 sims. One tmobile and the other a simple mobile. I even stuck in a verizon sim and had 4 bars on unknown network but in service. This was in Yuma Az.

Goal: S-off HOX (TEGRA3)

Hey guys, as i said above, i want to get the HOX+ S-off'd (and maybe the HOX if it's not already, not checked) if anyone has idea's and so on, run through on this thread lets get this ball rolling!!
Moderator Warning
Keep discussions speisifc to the goal of getting S-off on the device. All other discussions will be deleted.

IHTC One X+ Infos will be adapted to this as soon as possible.
Names for the devices are:
Model ID: PM35110
Model Name: S728e
aka One X+
Model ID: PJ46100 aka
Model Name: S720e
aka One X​
So as the title says, we're facing the problem of not having S-OFF yet, although the One X (S720e) has been released nine months ago. The One X+ is newer but since it has the same processor family, it's accountable to this project. It's possible to unlock the bootloader via HTCdev but it doesn't gives us S-OFF. The Unlock via HTCdev gives us only partially control over Bootloader and Recovery. Since it's release date, some great Devs including Xmoo, Football, Mike1986 and more tried to disable the security check. Unfortunatly without a solution for the masses. Also the One X+ (S728e) is relatively new on the market, so THIS is maybe the first thread in the world regarding S-OFF on the S728e Unlike on other HTC phones, on which hardware solutions like the XTC-Clip, or software solutions like revolutionary or any similar software did the job, on the One X they're not going to work. At the moment the only known method is the official HTC's way.
Ways to set the devices S-OFF​
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
--------------DIAG + JAVCARD Route--------------​
Infos I could gather. At the moment these infos are only valid for the S720e:
monx® said:
Basically u need adb/android SDK before proceed.
[WITH ROOT ACCESS]
[+] Dump/copy boot.img
Code:
Command prompt :
> adb shell
> su
> dd if=/dev/block/mmcblk0p4 of=/sdcard/boot.img
More partition/img availabe to dump. Will update later.
[WITHOUT ROOT ACCESS]
Currently only /system is usable
1) Android SDK (just need adb)
2) Download busybox
3) Command prompt :
> adb push busybox /data/local/busybox
> adb shell
> cd /sdcard/
> chmod 755 /data/local/busybox
> /data/local/busybox tar cvf sysdump.tar /system
4) Ignore tar: error exit delayed from previous errors'. Is done correctly.
----------------------------------------------------------------------
Just finished dumped my semi-virgin One X system partition from SEA WWE stock ROM .
The file would be OneX_SEA_WWE_1.26.707.2_SYSTEM_DUMP.zip 558.3 MB
Click to expand...
Click to collapse
Radio (The Radiomodule on S720e is an Intel X-Gold 626 chip [XMM6260]) location (xmoo's post Radio) Documentation of the Radio chip and direct download:
xmoo; said:
Mike found out Radio is probably: \system\etc\QUO_6260.fls.clean
7.96MB
Commands located in QUO_6260.fls.clean
CALIB_NVM
DYNAMIC_NVM
STATIC_NVM
SEC_DATA
PSI_RAM
If I could believe the following:
Found the same commands in a datasheet: "MSM3000Qualcomm, Inc.MOBILE STATION MODEM"
http://www.datasheetarchive.com/MSM3000-datasheet.html
So guess we got the Radio located!
Click to expand...
Click to collapse
Possible Hboot location (blubber's post Hboot):
blubber; said:
xmoo; said:
How do you know this?
/EBT does not excist on my phone.
mmcblk0p2 -> /dev/block/platform/sdhci-tegra.3/by-name/WDM
mmcblk0p16 -> /dev/block/platform/sdhci-tegra.3/by-name/DUM
mmcblk0p17 -> /dev/block/platform/sdhci-tegra.3/by-name/MSC
mmcblk0p20 -> /dev/block/platform/sdhci-tegra.3/by-name/PDT
Click to expand...
Click to collapse
of course it does not exist as i have written a few times before!
it is not accessible with a stock kernel!
i know it is there:
Code:
130|[email protected]:/ # hexdump -C /dev/block/mmcblk0|grep EBT
000000e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
and the EBT partition does contain the bootloader!
Click to expand...
Click to collapse
CID Check needs to be bypassed (xmoo's post CID check)
xmoo said:
Guys, the diag files have "CIDNUM: 11111111" in it.
Can't change it cause the file gets corrupted.
So only way to boot it up is by passing the CID check.
This is were the Smartcard or Goldcard comes in.
We tried the one from http://psas.revskills.de/?q=goldcard with no success.
I remember for some devices you had to change 00 to 11, or something like that.
Maybe this has to be done for this device aswell. Also I remember something that SDHC cards were not supported, or they are... been a long time ago.
So your help is need.
Create a goldcard which works.
Remember to test it like this: http://forum.xda-developers.com/show....php?t=1714056
Thank you.
Click to expand...
Click to collapse
Partiton list (Football's post Partition list)
Football said:
After intensive digging in some stuff I have found this. This is whole partition list for One X with all addresses and lengths of partitions...
Code:
[partition]
name=BCT
id=2
start_location=0x00
size=0x400000
[partition]
name=PT
id=3
start_location=0x400000
size=0x200000
[partition]
name=EBT
id=4
type=bootloader
start_location=0x600000
size=0x400000
[partition]
name=DIA
id=5
type=bootloader
start_location=0xA00000
size=0x400000
[partition] (Board Information)
name=BIF
id=6
start_location=0xE00000
size=0x200000
[partition]
name=GP1
id=7
start_location=0x1000000
size=0x200000
### WLAN firmware ###
[partition]
name=WLN
id=8
start_location=0x1200000
size=0x600000
#filename=wlan.img
### WLAN Data + MFG Data ###
[partition]
name=WDM
id=9
start_location=0x1800000
size=0x200000
filename=WDM.img
### Radio Calibration Data ###
[partition]
name=RCA
id=10
filesystem_type=ext3
start_location=0x1A00000
size=0x600000
### Linux Kernel OS ###
[partition]
name=LNX
id=11
start_location=0x2000000
size=0x800000
filename=boot.img
### Recovery ###
[partition]
name=SOS
id=12
start_location=0x2800000
size=0x800000
filename=recovery.img
### PG1FS ###
[partition]
name=PG1
id=13
start_location=0x3000000
size=0x1000000
### PG2FS ###
[partition]
name=PG2
id=14
start_location=0x4000000
size=0x1000000
### PG3FS ###
[partition]
name=PG3
id=15
start_location=0x5000000
size=0x1000000
### Software Info ###
[partition]
name=SIF
id=16
start_location=0x6000000
size=0x400000
filename=SIF.img
### Splash1 ###
[partition]
name=SP1
id=17
start_location=0x6400000
size=0x400000
### Reserve1 ###
[partition]
name=RV1
id=18
start_location=0x6800000
size=0x1C00000
### System ###
[partition]
name=APP
id=19
filesystem_type=ext3
start_location=0x8400000
size=0x50000000
filename=system.img
### Cache ###
[partition]
name=CAC
id=20
filesystem_type=ext3
start_location=0x58400000
size=0x14000000
### Internal SD ###
[partition]
name=ISD
id=21
start_location=0x6C400000
size=0x650000000
### Userdata ###
[partition]
name=UDA
id=22
filesystem_type=ext3
start_location=0x6BC400000
size=0x89400000
filename=userdata.img
### Memory dump ###
[partition]
name=DUM
id=23
start_location=0x745800000
size=0x200000
### MISC Partition ###
[partition]
name=MSC
id=24
start_location=0x745A00000
size=0x200000
### Radio File System ###
[partition]
name=RFS
id=25
start_location=0x745C00000
size=0x600000
### Develop Log ###
[partition]
name=DLG
id=26
start_location=0x746200000
size=0x1600000
### PDATA for MASD ###
[partition]
name=PDT
id=27
start_location=0x747800000
size=0x200000
[partition]
name=GPT
id=28
type=GPT
start_location=0x747A00000
#size=0xFFFFFFFFFFFFFFFF
size=0x200000
Click to expand...
Click to collapse
Mike1986's Partition Info (mike1986's post One X Partition Info)
mike1986. said:
This thread's content might brick your device.
This is not a ROM thread, so I'm not going to answer again and again and again the same questions over and over and over again.
You can't read - quit this thread now. You can read but you can't understand more or less simple things - quit as well.
You can read and you understand things, but you are too lazy to read the whole thread before asking the question - watch this first. And quit.​
This is what we know so far:
Some conclusions:
1. It's very nice to see that finally someone separated "internal sd card" from userdata partition. So it's no longer linked to /data/media, as it used to be on Asus Transformer, Transformer Prime, Galaxy Nexus etc. but it's a separate partition now - mmcblk0p14. Basically the biggest benefit from that is that now formatting userdata partition will no longer erase virtual sd card content.
2. It seems that NFC and WLAN deep settings are stored on separate partitions: mmcblk0p1 (wlan) and ? (NFC).
3. There is a 5th PHYSICAL core, but it's invisible to the system. Android only sees the 4 main cores. The 5th companion core is not controlled by Android. Tegra 3 architecture itself handles the load balancing between the main cores and the companion core. (Thanks to Diamondback)
4. There is no radio.img in current RUUs.
Download firmware for HTC One X (PJ4610000)
Firmware from 1.28.401.9 RUU
--- MD5 checksum: 83375DF988C86E92417AA8949012A1C2 *PJ46IMG.zip ---
Supported devices:
--- CID's added by users requests are marked with green color ---
cidnum: HTC__001
cidnum: HTC__E11
cidnum: HTC__203
cidnum: HTC__Y13
cidnum: HTC__102
cidnum: HTC__405
cidnum: HTC__304
cidnum: HTC__032
cidnum: HTC__J15
cidnum: HTC__A07
cidnum: HTC__016
cidnum: HTC__M27​
Why it's better then full RUU:
1. It doesn't contain stock recovery
2. It doesn't contain stock, non rooted system
3. It doesn't contain secured boot.img
4. It wont wipe your data partition
5. It's much smaller
PJ46IMG.zip content: [UPDATE: 25.03.2012]
android-info.txt - updated [20.04.2012]
bct.img - updated [25.03.2012]
rcdata.img - updated [20.04.2012]
How to flash:
1. Check your CID using fastboot getvar cid and MID using fastboot getvar mid
2a. If your CID and MID are supported by default, navigate to point 3.
2b. If your CID or MID is not supported by default, do this: (you do it at your own risk)
2c. Open PJ46IMG.zip (don't extract it)
2d. Open android-info.txt in text editor
2e. Add your cidnum: or modelid: to the list, save file and close archive
3. Place PJ46IMG.zip on your SD card
4. Boot your device holding power button + vol down button
5. Follow instructions on the screen
Additional information:
1. Flash above firmware at your own risk!
2. It's recommended to flash it before flashing custom ROM based on proper RUU!
3. Unlocking via htcdev.com will change your CID number into "none".
4. RUU variants:
x.xx.61.x - Orange UK (United Kingdom)
x.xx.75.x - Orange ES (Spain)
x.xx.110.x - T-Mobile UK (United Kingdom)
x.xx.111.x - T-Mobile DE (Germany)
x.xx.112.x - T-Mobile AT (Austria)
x.xx.114.x - T-Mobile NL (Netherlands)
x.xx.118.x - T-Mobile PL (Poland)
x.xx.161.x - Vodafone UK (United Kingdom)
x.xx.166.x - Vodafone CH-DE (Switzerland - Germany)
x.xx.163.x - Vodafone FR (France)
x.xx.169.x - Vodafone AT (Austria)
x.xx.206.x - O2 UK (United Kingdom)
x.xx.207.x - O2 DE (Germany)
x.xx.401.x - World Wide English
x.xx.707.x - Asia WWE (World Wide English)
x.xx.720.x - Asia India
x.xx.771.x - Hutchison 3G UK (United Kingdom)
x.xx.862.x - Voda-Hutch AU (Australia)
x.xx.980.x - Optus AU (Australia)
x.xx.1400.x - HTC China
Please post here your findings, thoughts or experience with after flashing images listed above.
Click to expand...
Click to collapse
Mike1986's addition (mike1986's post Addition)
mike1986 said:
Something more:
/system/etc/Flash_Loader.conf
boot_port_name=/dev/ttyACMX0
fw_download_port_name=/dev/ttyACMX0
baudrate=921600
BootTimeOut=3000
CommTimeOut=1000
eep_normal_mode=m
file_name=/data/modem_work/QUO_6260.fls
#file_name=QUO_6260.fls
#file_name=XMM6260_SIC.fls
#log_fname=/dev/null
log_fname=/data/modem_work/Flash_Loader.log
Click to expand...
Click to collapse
also
\system\bin\poweron_modem_fls.sh
Line 55: /system/bin/InjectionTool -i ${backup_dir}/QUO_6260.fls.clean -o ${Injected_dir}/QUO_6260.fls -n ${work_dir} -s ${sec_dir}
Line 55: /system/bin/InjectionTool -i ${backup_dir}/QUO_6260.fls.clean -o ${Injected_dir}/QUO_6260.fls -n ${work_dir} -s ${sec_dir}
Click to expand...
Click to collapse
and
\system\bin\poweron_modem_hboot.sh
Line 50: /system/bin/InjectionTool -i ${backup_dir}/QUO_6260.fls.clean -o ${Injected_dir}/QUO_6260.fls -n ${work_dir} -s ${sec_dir}
Line 50: /system/bin/InjectionTool -i ${backup_dir}/QUO_6260.fls.clean -o ${Injected_dir}/QUO_6260.fls -n ${work_dir} -s ${sec_dir}
Click to expand...
Click to collapse
And from flash_loader.log
Start downloading item 'CODE:../HW/XMM6260_V2_USB-HSIC_FLASHLESS_EDE_1.0/MODEM_DEBUG/QUO_6260.fls'' from file '/data/modem_work/QUO_6260.fls
Click to expand...
Click to collapse
Click to expand...
Click to collapse
This is how HTC does it:
My attempt (tried also on locked bootloader with the same output)
Things you'll need for this trick:
- USB OTG-Y-Cable. You can also build your own with this guide : How to make external powered OTG Cable
- USB SD Cardreader
- MicroSD Javacard (if you can bypass cid check, the Javacard is not needed) Xmoo said this one is used by HTC: GO-Trust® Secure microSD Java. It costs 980 US Dollars together with the SDK. Also, even if you have the Javacard you have to build the Application environment.
- 5V+ Power supply (Standard wall charger)
- PJ46DIAG.zip= clean S58 Data program specificly for the S720E/S728e. The correct DIAG has tot have a size of 964kb or 941kb and must contain the string "clean s58..." which can be checked with hexedit or any similar hex editor.
The procedure:
1. Put PJ46DIAG.zip on the Secure MicroSD Javacard
2. Plug it into the USB SD Cardreader
3. Plug the Cardreader into the female end of USB OTG-Y-Cable
4. Plug the OTG-Y-Cable into the USB port of the phone
5. Plug the cable onto the power supply
6. Reboot into bootloader
7. Once in Bootloader the file will be load by the phone and you'll land in S58 Menu. Clean S58 Data and you've successfully set your device S-Off
And here's the problem with this method. 1. A Javacard is really hard to get. I've never saw one, no one I know has ever saw one 2. The Diag file can't be leaked. The ones I've attached here are useless as Xmoo said and maybe proved. I have attached them though. So anyone interested and willing to help can investigate them.
As we know, the Diag file's for the One X can't be leaked. They're spread to choosen HTC-Repair centres, so a leak will easily be traced back. This would bring the affected people in some serious trouble. But this is interesting. These guys over on pdacentre use the official method. It's suspicious, kind of. For now, this is the only know method. It cost's around 2000 rubel (65€ | 85$) + shipping depending on your location. Of course this isn't an appropriate solution. Another thing; Why do we need a Javacard? Well, because the DIAG files will only work on devices with SuperCID (11111111) not on normal CID (HTC__XXX). So another way is to bypass the CID check.
Rough diagram of a Javacard
Copyright © 2011 GOTrust Technology Inc., All rights reserved.
TOOLBOX
The DIAG files I've linke don't have any function except from superwipe. They're only meant to be used as a test file to check if we can load such DIAG files.:
Goal: S-off HOX+ and maybe the HOX (TEGRA3)
Obtaining HTC One X Diag File to Manage S-OFF!!
[S-OFF]Development
ENG Hboot 0.03
PJ46DIAG_4
DIAG files of older HTC devices
NVflashdrivers
Radio Documentation
TEGRA 3 Documentation. PM me for password.
Click to expand...
Click to collapse
How do I know that I have the correct DIAG file? ;
The clean DIAG has a size of 964kb or 941kb. Or look at the image above. If your DIAG is called like them it could be the correct one also. But to be really sure, do the following;
Download any HEXeditor you can get. Open the DIAG file with the HEXeditor and search for keywords like "clean", "s58", . If you find these two strings in the DIAG file, it could be the correct one. We'd appreciate it if you could upload the file.
"clean s58"
Known and working DIAG files for the One X
What's already been done:
xmoo; said:
13-04-2012 XDA.CN releases pictures showing someone succesfully has S-OFF'd his device. Tool is for sale here: http://item.taobao.com/item.htm?id=10824156715
17-04-2012 Thread made.
17-04-2012 We have found someone with a S-OFF device, and a newer HBOOT than the one from XDA.CN. Trying to get access to the HBOOT.
18-04-2012 OTA 1.28 brings HBOOT 0.94.
18-04-2012 New member with a S-OFF device is willing to help.
19-04-2012 HBOOT 0.43 S-OFF rfs.img received and uploaded.
19-04-2012 RFS.img is not the correct file, searching continues...
19-04-2012 Radio located, click here
26-04-2012 HBOOT probably located here
15-05-2012 NVFlash app + APX Drivers added
12-06-2012 Tegra 3 Manual added, see here!
16-06-2012 HBOOT 1.11 from the test-keys uploaded here!
16-06-2012 Huge development, read more about it!
18-06-2012 Need to find a way to by-pass CID check.
19-06-2012 Football Partition list for One X with all addresses and lengths of partitions which can be found here.
27-06-2012 Huhge thread clean-up and update.
04-07-2012 Had the chance to play with a S-OFF device, read more about it here! ENG HBOOT which is used in test, is located here.
09-07-2012 Javacard with DIAG will work, but won't be a good solution cause no one got a legit Javacard and the DIAG files can't be leaked!
14-07-2012 Video added which shows the Javacard with DIAG method. Video can be found here.
14-07-2012 The ENG HBOOT 0.03 that Football uploaded lost it's sign. I re-uploaded it and re-checked the file and it should be good now. You can find the new .zip here.
FAQ.
What is S-OFF?
S-OFF stands for Security-OFF
S-OFF means that the NAND portion of the device is unlocked and can be written to. The default setting for HTC’s devices is S-ON, which means that neither can you access certain areas of the system nor can you guarantee a permanent root. Furthermore, signature check for firmware images is also ensured by the S-ON flag.
What has already been done?
-Tried flashing DIAG file, but with no success. File needs SuperCID.
-Tried flashing ENG HBOOT as zip file, but with no success. File needs SuperCID.
-Tried flashing modified DIAG file, but with no success. File needs SuperCID.
-Tried flashing modified HBOOT as zip file, but with no success. Signature check failed.
-Tried creating a Goldcard, but won't work. The Goldcare is for Qualcomm devices.
-Root while phone is LOCKED, won't work. Only will work on the Qualcomm One X and One XL.
-Ask the Chineese guy with the S-OFF tool. Won't share, cause he needs his money.
-Tried flashing files over recovery, but with no success.
-Tried flashing TETS and MFG ROMs, but with no success. Phone needs S-OFF because the ROMS are not sighned.
-Tried changing CID, but won't work. Only will work on the Qualcomm One X and One XL.
-Tried commands over ADB, but with no success.
-Tried XTC clip, won't work.
How Do I Know If My Device Is S-ON Or S-OFF?
That is easy to verify. Simply boot into HBOOT (bootloader) on your device, and the text on top will show the flag status as either S-OFF or S-ON. A full root generally means S-OFF.
S-OFF – What And Why?
HTC have installed a sort of security check whose level is determined by S-OFF/S-ON. Essentially, this security level is a flag stored on the device’s radio that checks signature images for any firmware before it is allowed to be written to system memory. This hinders using any custom ROMs, splash images, recovery etc., and also restricts access to the NAND flash memory. However, when security level is set to S-OFF, the signature check is bypassed, allowing a user to upload custom firmware images, unsigned boot, recovery, splash and HBOOT images, as well as official firmware that has been modified, this enabling maximum customization of your HTC Android device.
Furthermore, S-OFF also reduces restrictions on accessing the NAND flash memory on the device, allowing all partitions (including /system) to be mounted in write mode while the operating system is booted.
Where is it located?
Don't know yet, here are the partitions.
How can I flash through SD?
Tutorial added here!
What HBOOT status have we seen so far?
ENDEAVORU PVT SHIP S-ON RL
ENDEAVORU PVT SHIP S-OFF RL
ENDEAVORU PVT ENG S-OFF RL
ENDEAVORU XE ENG S-OFF RH
ENDEAVORU PVT MFG RH
ENDEAVORU XE SHIP S-OFF RH
ENDEAVORU UNKNOWN ENG S-OFF RH
Partition list for One X with all addresses and lengths of partitions
Football share the full list which can be found here.
How does HTC do it?
They do it with a smartcard/javacard/goldcard (What ever you want to call it) in combination with the DIAG file. Proof is in the attachment.
Click to expand...
Click to collapse
--------------Alternative APX MODE Route--------------​
xmoo said:
Hey guys,
Please stop PM'ing me about APX Mode. I get like 10 PM's a day.
How to get in
Nobody really knows. The most common way has been pressing volume up and down together while device is off and then plugin USB while connected to a computer.
How to get out
When your device is in APX Mode, HTC fixes it in repair. Someone here on XDA PM'd me with this video and said it should work: http://www.youtube.com/watch?v=rsnl_LIgzt0
I have not tried it myself, so just give it a try and share with the rest.
All the other discussions about APX can be done here, please stop pm'ing me.
Thank you!
Click to expand...
Click to collapse
Alright Folks! TripNRaVer has made something rudimentary, awesome, fascinating...words can't describe....Work!! Here You go, APX DRIVERS FOR THE ONE X
TripNRaVeR said:
For those of you that are in APX Mode or want to mess with APX here is the modified driver for the One X.
Now you have acces to the device again through USB.
Todo:
- Plug the usb cable in hox
- Goto device manager
- Search for APX or Unknown device or whatever it is listed
- Choose update driver
- Choose manually select driver
- Select the folder where you extracted the zip file
- Install drivers
Use nvflash to gain acces to the device again.
Download:
http://tripndroid.bindroidroms.com/TripNDroid-HOX-APX-Driver.zip
Nvflash:
- Use nvflash binary to gain acces to the device
- Including flash.cfg for endeavoru to use with nvflash.exe
- Including a bct file
http://tripndroid.bindroidroms.com/tripndroid_nvflash.zip
Click to expand...
Click to collapse
PLEASE read on the threads I've linked, before you start discussion. People really did some great development.

My HOX Will be S-OFF soon, got acces to a Java white card to S-OFF in seconds..
Sent from my HTC One X using xda app-developers app

bobcoenen said:
My HOX Will be S-OFF soon, got acces to a Java white card to S-OFF in seconds..
Sent from my HTC One X using xda app-developers app
Click to expand...
Click to collapse
Well, do you have the correct diag file? And do you have HTC's private key to sign the Javacard? You have to be more specific otherwise your post isn't helping us in ANY way...I accidentally hit the thx button, don't be smug.

Yes my friend has the diag file, his HOX is already S-OFF. I will try to post a screenshot next week when mine is done. I'm not trying to be smug
Sent from my HTC One X using xda app-developers app
---------- Post added at 07:50 PM ---------- Previous post was at 07:46 PM ----------
The S-OFF process is done with a y-cable with a card reader an usb charger on the other end. For what i understood the java card is very rare.
Sent from my HTC One X using xda app-developers app

matt95 said:
well, i've been on HTC since i passed on Android and every HTC device has got S-OFFed 2 or 3 months later from the day one... i don't think this will happen unfortunately, i really believed in this but now is time to be realist.
Click to expand...
Click to collapse
You know that there's NO hard-, software which isn't vulnearable or which hasn't got an exploit, don't you? No need to be pessimistic or realistic if we keep staying constructive and productive, somehow this will be done call me a dreamer, but... let's just try to give our best, ok? This would be fine. I just think the One X hasn't got the attention it has actually deserved. Its release date was too close to the release of the gs3. HTC's great devs are mostly familiar with Qualcomm processors. Never before they've worked with a Tegra 3 processor. The available Tegra 3 devices (Asus TFXXX[T]) don't have the problem with S-Off/On, it's enough for them to be unlocked. So none of the devs who managed bootloader unlock on this Tegra devices faced this problem. This and many other avoidable reasons caused the lack of development and it's surely one of the reasons why we didn't got s-off yet.

I have just cleaned the thread up NO MORE off topic!
Sent from my HTC One X+ using xda app-developers app

After a free way so people dont need to send they're phones anywhere
Sent from my HTC One X+ using xda app-developers app

ppcd9220 said:
I've succeded in overwriting the CID. Just used count= parameter for DD command. (Block size=512b).
I've replaced my CID with another one. disconnected, connected, performed test readout. The CID string is changed.
Unfortunately it looks like it is back-uped somewhere and checked at start-up.
Because after rebooting my CID is back.
Tested 2 times. After changing - I can read it. After reboot it is back to original one.
Does anyone have any other ideas of changing CID and/or S-ON/OFF ?
Click to expand...
Click to collapse
Link to original Thread.
I posted him to ask him how he did it. It was a week ago and he didn't answered until now. My idea was to do this and try to load PJ46DIAG.zip without rebooting. As you know, if you have superCID you don't need a Javacard. Even if I don't have the correct DIAG, at least we'd have a way to load the DIAG until the correct one is out...somehow...

S-OFF via hboot upgrade
TRY AT YOUR OWN RISK. NOT VERIFIED.
I found is an article HERE for S-OFF via HBOOT upgrade. I don't have a CID HTC_621 (taiwan) so I can't try it. Neither I can verify its reliability.
I briefly translate it into english:
My One X (CID HTC_621, hboot 0.94 or 0.95 can't remember the exact version) hboot has to be upgraded to flash Android 4.1.1 so I did a manual upgrade of hboot to 1.31. At the end of the upgrade, I discovered by chance that my One X is now S-OFF. I did a trial by flashing new ROM without flashing boot.img and it works.
So, this S-OFF is done via manual hboot upgrade (for HTC_621) to 1.31. Do not attempt on other CID One X.
Below is the step-by-step procedures:
1. Download RUU for Asia_Taiwan (2.17.709.2 or 2.18.709.x) and Endeavoru_CustomRUU. Make sure One X is locked, go into fastboot and connect to USB. Unzip the Endeavoru_CustomRUU to somewhere. Rename the Official RUU zip to "rom.zip" and put inside the folder of the unzipped Endeavoru_CustomRUU. Run ARUWizard.exe.
2. Make sure the following is run in Windows XP. You will stuck under Windows 7. Make sure all HTC drivers are installed.
3. Download JBFW here and Asia_Taiwan 3.14 OTA here. Unzip the JBFW and the OTA package. Copy the firmware.zip (from OTA package) and the Unlock_code.bin (obtained from htcdev.com) into the JBFW folder.
4. Go into fastboot usb mode, run JBFWFlasher.bat. It will say to put the Unlock_code.bin and custom boot file into the folder (this was done in Step 3 above), and warn this is for certain CID only. I ignore this and click NEXT NEXT NEXT until it is done.
These are the steps I used to obtain (unexpectedly) S-OFF. This is what I want to share and hope you guys get S-OFF soon.
Click to expand...
Click to collapse
TRY AT YOUR OWN RISK. Neither the author or me will be responsible for your device.

singcheng said:
TRY AT YOUR OWN RISK. NOT VERIFIED.
I found is an article HERE for S-OFF via HBOOT upgrade. I don't have a CID HTC_621 (taiwan) so I can't try it. Neither I can verify its reliability.
I briefly translate it into english:
TRY AT YOUR OWN RISK. Neither the author or me will be responsible for your device.
Click to expand...
Click to collapse
Read somewhere that the diag file can't be leaked because it will be traced back to the guy who leaked it. Now can we get it and make our own diag file based on it?

Drefsab said:
Several people have tried this and not had it work.
Click to expand...
Click to collapse
your welcome to discuss the methods here, but PLEASE either show the reasons why or at least link it for me please? I've been looking into this and got a couple of ideas....

hboot
Hey Guys!
Dunno if its worth much but I downloaded the ENG HBoot File you linked in the first post and opened it in a hex editor and poked a little bit around. I found this:
Code:
Settings memory area 10B 00 01 00 Disable patches 0A 00 01 00 Settings memory area 2 Settings memory area 2 first Settings memory area 2 second Settings memory area 2 third 0B 00 01 01 Settings memory area 3 Flash Code memory area 0B 00 01 02
Patch Code memory area 0B 00 01 03 Enable patches 0A 00 01 01 Final Integrity check 0B 00 01 FF%d: SD init
%d: SD init fail !!!%d:SD FAT32 init OK Checking key-card...Checking key-card...
%d: Not key-card !!!%d: Key-card DMCID.dat Open '%s' file success !!!
hFile = 0x%x, file_size = 0x%x
Read '%s' (%d != %d B)
[email protected]=0: Change CID to '%s'4: Change CID to '%s'Alloc data buffer failOpen '%s' file fail###[ End CDMA Cust Mode ]###
It looks like thats the part where it checks for a "key-card". Probably this Java Card??

Thats well known. With an ENG Bootloader you can do whatever you want including CID Changes.
hexdump of EBT Partition, where Hboot is possibly located. As Footbal said, on a stock kernel this partition is somehow hidden. Even on hboot 1.36.
Code:
[email protected]:/ $ su
[email protected]:/ # hexdump -C /dev/block/mmcblk0|grep EBT
[COLOR="Red"]000000e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|[/COLOR]
000000f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000010e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000010f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000020e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000020f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000030e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000030f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000040e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000040f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000050e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000050f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000060e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000060f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000070e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000070f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000080e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000080f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000090e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000090f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0000f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0000f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000100e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000100f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000110e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000110f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000120e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000120f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000130e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000130f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000140e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000140f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000150e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000150f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000160e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000160f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000170e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000170f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000180e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000180f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000190e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000190f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0001f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0001f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000200e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000200f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000210e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000210f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000220e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000220f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000230e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000230f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000240e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000240f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000250e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000250f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000260e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000260f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000270e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000270f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000280e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000280f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000290e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000290f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0002f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0002f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000300e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000300f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000310e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000310f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000320e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000320f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000330e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000330f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000340e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000340f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000350e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000350f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000360e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000360f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000370e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000370f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000380e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000380f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000390e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000390f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0003f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0003f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000400e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000400f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000410e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000410f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000420e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000420f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000430e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000430f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000440e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000440f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000450e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000450f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000460e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000460f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000470e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000470f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000480e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000480f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000490e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000490f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0004f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0004f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000500e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000500f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000510e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000510f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000520e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000520f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000530e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000530f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000540e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000540f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000550e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000550f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000560e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000560f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000570e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000570f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000580e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000580f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000590e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000590f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0005f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0005f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000600e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000600f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000610e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000610f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000620e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000620f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000630e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000630f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000640e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000640f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000650e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000650f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000660e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000660f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000670e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000670f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000680e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000680f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
000690e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
000690f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0006a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0006b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0006c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0006d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0006e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0006f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
xxx....
blubbers said:
these are the partitions seen by the OS:
Code:
APP CAC DLG DUM ISD LNX MSC PDT PG1 PG2 PG3 RCA RFS RV1 SIF SOS SP1 UDA WDM WLN
none of these partitions contain the hboot!
these are the partition actually on the emmc:
Code:
APP BCT BIF CAC DIA DLG DUM EBT GP1 GPT ISD LNX MSC PDT PG1 PG2 PG3 PT RCA RFS RV1 SIF SOS SP1 UDA WDM WLN
so, you won't be able to access the hboot partition (on a s-off device neither) without a bit of work,
Click to expand...
Click to collapse

nitrous² said:
Thats well known. With an ENG Bootloader you can do whatever you want including CID Changes.
hexdump of EBT Partition, where Hboot is possibly located. As Footbal said, on a stock rom this partition is somehow hidden. Even on hboot 1.36.
Code:
0016b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0016c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0016c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0016d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0016d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0016e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0016e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0016f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0016f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001700e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001700f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001710e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001710f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001720e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001720f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001730e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001730f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001740e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001740f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001750e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001750f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001760e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001760f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001770e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001770f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001780e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001780f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001790e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001790f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0017f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0017f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001800e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001800f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001810e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001810f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001820e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001820f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001830e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001830f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001840e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001840f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001850e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001850f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001860e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001860f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001870e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001870f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001880e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001880f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001890e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001890f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0018f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0018f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001900e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001900f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001910e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001910f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001920e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001920f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001930e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001930f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001940e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001940f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001950e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001950f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001960e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001960f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001970e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001970f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001980e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001980f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001990e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001990f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019a0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019a0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019b0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019b0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019c0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019c0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019d0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019d0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019e0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019e0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
0019f0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
0019f0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001a90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001a90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001aa0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001aa0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ab0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ab0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ac0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ac0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ad0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ad0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ae0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ae0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001af0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001af0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001b90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001b90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ba0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ba0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001bb0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001bb0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001bc0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001bc0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001bd0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001bd0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001be0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001be0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001bf0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001bf0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001c90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001c90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ca0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ca0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001cb0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001cb0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001cc0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001cc0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001cd0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001cd0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ce0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ce0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001cf0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001cf0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001d90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001d90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001da0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001da0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001db0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001db0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001dc0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001dc0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001dd0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001dd0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001de0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001de0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001df0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001df0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001e90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001e90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ea0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ea0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001eb0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001eb0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ec0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ec0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ed0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ed0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ee0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ee0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ef0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ef0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f00e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f00f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f10e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f10f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f20e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f20f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f30e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f30f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f40e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f40f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f50e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f50f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f60e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f60f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f70e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f70f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f80e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f80f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001f90e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001f90f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001fa0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001fa0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001fb0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001fb0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001fc0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001fc0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001fd0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001fd0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001fe0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001fe0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|
001ff0e0 03 00 00 00 00 00 00 00 04 00 00 00 45 42 54 00 |............EBT.|
001ff0f0 12 00 00 00 03 00 00 00 00 00 00 00 45 42 54 00 |............EBT.|e
Click to expand...
Click to collapse
Will the new hboot 1.39 be the same as well
Sent from my Nexus 7 using xda premium

RohinZaraki said:
Will the new hboot 1.39 be the same as well
Sent from my Nexus 7 using xda premium
Click to expand...
Click to collapse
I'm not on hboot 1.39, but you could try it with following commands:
Code:
D:\fastboot>adb shell
[email protected]:/ # hexdump -C /dev/block/mmcblk0|grep EBT

nitrous² said:
I'm not on hboot 1.39, but you could try it with following commands:
Code:
D:\fastboot>adb shell
[email protected]:/ # hexdump -C /dev/block/mmcblk0|grep EBT
Click to expand...
Click to collapse
When my phone receives the JB update (stupid branding -.- ) I will root it and have a look, maybe I can find something

nitrous² said:
If there's someone with an s-off device, here's a command with that old htc devices can be set back to s-on. But there's no way I know how to set back to s-off as you may know
"fastboot oem writesecureflag 3"
You've been warned, only at your own risk!!!!
You've been warned, only at your own risk!!!!
You've been warned, only at your own risk!!!!
Click to expand...
Click to collapse
Is there a similar fastboot command we can try for S-Off ? I mean, there may be one.

RohinZaraki said:
Is there a similar fastboot command we can try for S-Off ? I mean, there may be one.
Click to expand...
Click to collapse
don't think so, they would have already tried it

i'm still poking and prodding my HOX+ for ideas plus doing research, not found anything that's not already been mentioned here...by the way people are welcome to make new threads in this section for development purposes....like porting FireFox OS and so on.

Bus pass?

Hi just wondering if there is anything I could do to make this card expiry date longer?
It expired on Tuesday. Anything I could do?
** TagInfo scan (version 2.00) 2014-04-13 14:07:30 **
-- INFO ------------------------------
# IC manufacturer:
NXP Semiconductors
# IC type:
MIFARE DESFire EV1 (MF3ICD41)
# DESFire Applications:
ITSO public transport application
Provision of citizen services #0
* UK National Smartcard Project
Provision of citizen services #1
* UK National Smartcard Project
Provision of citizen services #2
* UK National Smartcard Project
Provision of citizen services #3
* UK National Smartcard Project
Provision of citizen services #4
* UK National Smartcard Project
-- NDEF ------------------------------
# NFC data set storage not present:
Maximum NDEF storage size after format: 4094 bytes
-- EXTRA ------------------------------
# Memory information:
Size: 4 kB
Available: 2.2 kB
# IC detailed information:
Capacitance: 17 pF
# Version information:
Vendor ID: NXP
Hardware info:
* Type/subtype: 0x01/0x01
* Version: 1.0
* Storage size: 4096 bytes
* Protocol: ISO/IEC 14443-2 and -3
Software info:
* Type/subtype: 0x01/0x01
* Version: 1.4
* Storage size: 4096 bytes
* Protocol: ISO/IEC 14443-3 and -4
Batch no: 0xBA44D7C6C0
Production date: week 38, 2013
# Authentication information:
Default PICC master key
-- TECH ------------------------------
# Technologies supported:
ISO/IEC 7816-4 compatible
Native DESFire APDU framing
ISO/IEC 14443-4 (Type A) compatible
ISO/IEC 14443-3 (Type A) compatible
ISO/IEC 14443-2 (Type A) compatible
# Android technology information:
Tag description:
* TAG: Tech [android.nfc.tech.IsoDep, android.nfc.tech.NfcA, android.nfc.tech.NdefFormatable]
android.nfc.tech.NdefFormatable
android.nfc.tech.IsoDep
* Maximum transceive length: 261 bytes
* Default maximum transceive time-out: 6000 ms
* Extended length APDUs supported
android.nfc.tech.NfcA
* Maximum transceive length: 253 bytes
* Default maximum transceive time-out: 6000 ms
MIFARE Classic support present in Android
# Detailed protocol information:
ID: 04:81:68:7A:62:36:80
ATQA: 0x4403
SAK: 0x20
ATS: 0x067577810280
* Max. accepted frame size: 64 bytes (FSCI: 5)
* Supported receive rates:
- 106, 212, 424, 848 kbit/s (DR: 1, 2, 4, 8)
* Supported send rates:
- 106, 212, 424, 848 kbit/s (DS: 1, 2, 4, 8)
* Different send and receive rates supported
* SFGT: 604.1 us (SFGI: 1)
* FWT: 77.33 ms (FWI: 8)
* NAD not supported
* CID supported
* Historical bytes: 0x80 |.|
# Memory content:
PICC level (Application ID 0x000000)
* Default PICC master key
* PICC key configuration:
- PICC key changeable
- PICC key required for:
~ directory list access: no
~ create/delete applications: no
- Configuration changeable
- PICC key version: 0
Application ID 0xA00216 (ITSO public transport application)
* Default master key
* Key configuration:
- 2 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: no
- Configuration changeable
- Master key required for changing a key
* 16 files present
- File ID 0x00: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 21 7D 00 40 80 00 01 FE C3 58 A9 00 00 00 00 |.!}[email protected]|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 88 8A A2 62 42 8F 00 00 08 00 00 |........bB......|
[0030] 00 08 00 03 F8 2D 68 29 2A 9E 24 2C A3 3A BF 00 |.....-h)*.$,.:..|
- File ID 0x01: Backup data, 192 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 1C 01 00 F0 8A A2 62 00 00 00 10 00 FF 00 00 00 |......b.........|
[0010] 00 00 00 02 D1 00 00 1F FF F0 01 00 00 FF 02 72 |...............r|
[0020] BD 00 00 46 1C 2B 6D 39 E9 0E 19 4C 00 00 00 00 |...F.+m9...L....|
[0030] 1C 01 00 F0 8A 9E 7F 00 00 00 10 00 FF 00 00 00 |................|
[0040] 00 00 00 02 D1 00 00 1F FF F0 10 00 00 FF 02 71 |...............q|
[0050] 6F 00 00 5C 44 E0 F5 CF E5 28 41 4B 00 00 00 00 |o..\D....(AK....|
[0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x02: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x03: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x04: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x05: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x06: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x07: Backup data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 23 09 00 00 88 B4 2F 03 F8 29 C8 00 00 00 00 00 |#...../..)......|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 FA 00 31 A7 00 35 00 F7 87 A1 DB 89 65 EF AC |...1..5......e..|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x08: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x09: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0A: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0B: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0C: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0D: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 21 11 00 00 7F FE 40 02 62 6A CF 80 00 8A 8F 40 |[email protected]@|
[0010] 00 FF 00 00 00 00 04 1A 10 00 14 84 00 63 35 97 |.............c5.|
[0020] 00 03 F8 2D 69 00 00 07 32 E0 A5 26 84 E7 BE 4F |...-i...2..&...O|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0E: Standard data, 64 bytes
~ Communication: with MAC
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 18 01 FF 00 7F 00 00 00 00 00 00 00 00 00 00 00 |................|
[0010] 00 00 00 00 00 00 00 00 00 FA 00 31 A7 00 35 01 |...........1..5.|
[0020] 34 8F B7 B5 63 93 CE 08 00 00 00 00 00 00 00 00 |4...c...........|
[0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
- File ID 0x0F: Standard data, 32 bytes
~ Communication: plain
~ Read key: free access
~ Write key: key #1
~ Read/Write key: key #1
~ Change key: blocked
~ Contents:
[0000] 18 11 63 35 97 01 27 02 02 56 04 07 04 01 00 00 |..c5..'..V......|
[0010] 40 10 08 07 00 00 54 FD 00 00 00 00 00 00 00 00 |@.....T.........|
Application ID 0xF40110
* Default master key
* Key configuration:
- 3 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes
- Configuration changeable
- Master key required for changing a key
* No files present
Application ID 0xF40111
* Default master key
* Key configuration:
- 3 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes
- Configuration changeable
- Master key required for changing a key
* No files present
Application ID 0xF40112
* Default master key
* Key configuration:
- 3 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes
- Configuration changeable
- Master key required for changing a key
* No files present
Application ID 0xF40113
* Default master key
* Key configuration:
- 3 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes
- Configuration changeable
- Master key required for changing a key
* No files present
Application ID 0xF40114
* Default master key
* Key configuration:
- 3 (3)DES keys
- Master key changeable
- Master key required for:
~ directory list access: no
~ create/delete files: yes
- Configuration changeable
- Master key required for changing a key
* No files present
--------------------------------------
Click to expand...
Click to collapse
Thx
Sent from my C6833 using Tapatalk

This would be considered fraud which is not accepted here on XDA. You're on your own, mate, both in finding the solution to this and in the cell after you get caught.
Cheers!

Thats seriously illegal my friend.
Sent from my SAMSUNG-SGH-I337 using XDA Premium 4 mobile app

Thats seriously illegal my friend.
Click to expand...
Click to collapse
+1 to this .

Thank u
Sent from my SAMSUNG-SGH-I337 using XDA Premium 4 mobile app

How can i get this files from my bus card ? i have phone with nfc and rooted. whic program actually thx
GT-I9500 cihazımdan Tapatalk kullanılarak gönderildi

It is illegal, you know ? We can't help you, but let me give you some tips: you should find a timestamp on the ticket. Find it, find out how it's calculated, and you're on your way (as long as the part containing the timestamp isn't write-protected).
Once you find the problem, I highly suggest you to report the problem to those concerned by the vulnerability, so that they can fix the problem, and maybe reward you somehow
I have already worked in this very field, it is a rather fascinating one !
Edit:
How can i get this files from my bus card ? i have phone with nfc and rooted. whic program actually thx
Click to expand...
Click to collapse
@ahmetozgur I just published an app on here called UltraManager. If your bus card is a Mifare Ultralight tag, you can use my app for the purpose. Otherwise, there are some good apps on Google Play, just look for "NFC tag reader"

How did you get such a detailed information about that card?

Diogo Recharte said:
How did you get such a detailed information about that card?
Click to expand...
Click to collapse
omg so many people asking such simple questions
HEY OP
What card is that ??
im interested in people disposing of beatiful desfire cards xD
i wonder if i can wipe it..

Diogo Recharte said:
How did you get such a detailed information about that card?
Click to expand...
Click to collapse
The application used to capture this card information was TagInfo by NXP. It is available from the Play Store here: https://play.google.com/store/apps/details?id=com.nxp.taginfolite&hl=en

Hello . I live in Madrid (Spain), and I have a transportation voucher. I would like "hack" it, but I would like know for where I can start haha I saw _darkjoker_ said : "you should find a timestamp on the ticket" . How can I do it? I downloaded the program TagInfo by NXP but I need an app where I can change the information of the chip. Is there an app? Because when you buy another month the store clerk swipes the card through a machine NFC ...
If anyone knows anything about this, comment it
Thanks

Hello. Quick question about a ISO 14443-3A id card. Does it support GPS? In other words can it be tracked by GPS? May be a dumb question, but I am not familiar with how the technology works and I'm trying to figure out capabilities. Thanks in advance

GadgetMonger said:
Hello. Quick question about a ISO 14443-3A id card. Does it support GPS? In other words can it be tracked by GPS? May be a dumb question, but I am not familiar with how the technology works and I'm trying to figure out capabilities. Thanks in advance
Click to expand...
Click to collapse
nfc is near field communication, the way it works is there is an antenna/coil inside the tag/card that when next to a tag reader gets a charge from it, giving power to the ic on the card. so the card cannot be directly tracked by gps. BUT, it is possible to have gps enabled tag readers which could track you every time you get close enough to one.

Hello,
Most bus pass technology uses desfire cards with two logical addresses one is public for all the world to see and the other is private , the private sector is encrypted and is updated everytime you put money on it or use it. Also as a duel layer defence most implementations of this technology uses back to base system which means everytime you tap it the card is used to query a database to verify that there is money for the trip and to check if the card is currently being used for a trip.
In NSW Australia we have opal cards they work by storing the balance information and activity in public storage so you can check it through a NFC enabled device and then storing the cards sensitive information in private storage that only the readers at stations and in top up locations can use. Every time we tap on the balance on the card is checked with a database and updated locally when needed then at the end of the trip the cards balance is updated from the central database to the card.
So I don't believe you can simply add more time ( or money) to most bus pass cards.

MRCaratacus said:
Hello,
Most bus pass technology uses desfire cards with two logical addresses one is public for all the world to see and the other is private , the private sector is encrypted and is updated everytime you put money on it or use it. Also as a duel layer defence most implementations of this technology uses back to base system which means everytime you tap it the card is used to query a database to verify that there is money for the trip and to check if the card is currently being used for a trip.
In NSW Australia we have opal cards they work by storing the balance information and activity in public storage so you can check it through a NFC enabled device and then storing the cards sensitive information in private storage that only the readers at stations and in top up locations can use. Every time we tap on the balance on the card is checked with a database and updated locally when needed then at the end of the trip the cards balance is updated from the central database to the card.
So I don't believe you can simply add more time ( or money) to most bus pass cards.
Click to expand...
Click to collapse
Did you ever work out a way to add money to the card? Im in nsw too and i have a school opal card so i dont have to pay anyway but im interested.

Unfortunately no , unless you hack into the database and locate your cards identifier then add money from the central DB , there is no way you can "hack" more money on the card , and even if you could the moment you tapped on it would always take the databases values as correct and either adjust your cards balance or detect the fraud and lock the card down.

Might have a solution but...
buckofive said:
The application used to capture this card information was TagInfo by NXP. It is available from the Play Store here:]https://play.google.com/store/apps/details?id=com.nxp.taginfolite&hl=en
Click to expand...
Click to collapse
It's illegal and we cannot help you in doing what you want.
In theory if you use an app like Mifare classic tool, that has a tool to compare dumps, you can get what changed like time, money or whatever. But that must be done if its with testing nfc cards and just for getting knowledge, not money.

hello
i have nfc card which i use it in university restaurant to pay a lunch could i hack it and but more money
pls help me

can't he overwrite the hex for the date, e.g. Production date: week 38, 2013 -> Week 38, 2018 ?
abood.456 said:
hello
i have nfc card which i use it in university restaurant to pay a lunch could i hack it and but more money
pls help me
Click to expand...
Click to collapse
thats fraud.

[Instant Overheating] Tab Pro 12.2 boot loop

Edit: Narrowed it down to CPU temp going to 120C during boot.. See post #2 for details
I have a Galaxy Tab Pro 12.2 that started randomly reboot a while back (almost a year ago).
The random reboot problems got worse (every few hours) and I eventually removed the 2nd user account, but the reboots kept happening. I did a factory reset and .. to my surprise, the tablet went through the "Optimizing app. xxx of xxx" only to boot into my exact same profile I had before.. nothing had changed. And the reboots became even worse, happening within a few seconds of loading the screen with all my apps. Sometimes it would boot though and I could use it for a few hours, but then it would reboot again.
I've cleared caches and data on apps, wipe cache partition, factory wipe and flashing firmware, logging out of Google.. But currently it barely makes it half way through the "Samsung" spinning logo and then resets. Every once in a while it gets to the apps screen but then reboots if I try to use any apps. So its not bricked, but I can't use it.
I'm desperate here.. any suggestion that will fix it is welcomed.
Thanks

CPU overtemp
By looking at the /proc/last_ksmg log file, I think managed to trace the spontaneous reboots down to the CPU overheating. Within 10 seconds of starting to boot the CPU is over 120C so the kernel forces a shutdown...
[ 10.828495] [L0: kworker/0:2: 1429] thermal_sys: Critical temperature reached (122 C), shutting down
Click to expand...
Click to collapse
I don't know exactly what's normal, but when I sit idle in TWRP the temp is around 32-40C. The temp goes up really fast when I'm copying files. Also any graphics like scrolling or using the Swipe to Confirm > > > button makes it go up really fast. Inside TWRP, if the temp goes over 60C it will spontenously reboot.
The question is: what's causing the CPU to get so hot?
I pulled the cover off and the CPU has a small heatsink that looked to be coupled to the CPU by a thermal pad. The heat sink is soldered down to the motherboard so I can't take it apart and verify it's making good contact, but it clearly hasn't moved since it was manufactured.
Could file operations somehow cause the CPU to overheat? I copied the last_kmsg from the last time it booted. Is there any thing in the log file that points to some operation that is causing it to overheat?
[ 0.000000] [B0: swapper: 0] clkout: bad source 0
[ 0.000000] [B0: swapper: 0] s3c_register_clksrc: clock sclk_hsic_12m has no registers set
[ 0.000000] [B0: swapper: 0] clkout: bad source 0
[ 0.000000] [B0: swapper: 0] (sec_debug_set_upload_magic) 66262564
[ 0.000000] [B0: swapper: 0] (sec_debug_set_upload_cause) cafebabe
[ 0.112425] [B0: swapper/0: 1] gpio: GPZ has no PM function
[ 0.148116] [B0: swapper/0: 1] [exynos5_universal5420_fpga_init] initialization start!
[ 0.148205] [B0: swapper/0: 1] irda_device_init called!
[ 0.148262] [B0: swapper/0: 1] irda_device_init complete
[ 0.400681] [B0: swapper/0: 1] PM DOMAIN : platform_device has not platform bus
[ 0.406119] [B0: swapper/0: 1] Exynos5420 ASV : invalid IDS value
[ 1.337527] I[B0: swapper/0: 1] gps_host_wake_isr GPS pin level[Low]
[ 1.338084] [B0: swapper/0: 1] s3c-adc samsung-adc-v5: operating without regulator "vdd" .
[ 1.364274] [B0: swapper/0: 1] tima_uevent_init
[ 1.792949] [B0: swapper/0: 1] Atmel MXT1664S 0-004a: tsp_atmel/mXT1664S_v2.fw
[ 1.921347] [B0: swapper/0: 1] Atmel MXT1664S 0-004a: mxt_handle_T62_object: Setting T62 report disable.
[ 2.413970] [B0: swapper/0: 1] s5p-hdmi exynos5-hdmi: Set HDMI phy power off
[ 2.437943] [B0: swapper/0: 1] exynos5-jpeg-hx exynos5-jpeg-hx.0: jpeg-hx.0 registered successfully
[ 2.439650] [B0: swapper/0: 1] exynos5-jpeg-hx exynos5-jpeg-hx.1: jpeg-hx.1 registered successfully
[ 2.478408] [B0: swapper/0: 1] max77803_led_setup: leds-sec1, 0x3d
[ 2.483426] [B0: swapper/0: 1] max77803_led_setup: torch-sec1, 0x6
[ 2.506289] [B0: swapper/0: 1] power_supply sec-fuelgauge: driver failed to report `status' property: 4294967274
[ 2.506618] [B0: kworker/0:1: 435] power_supply sec-fuelgauge: driver failed to report `status' property: 4294967274
[ 2.535599] [B0: swapper/0: 1] max77803_get_health_state: Fail to get psy (battery)
[ 2.543454] [B0: kworker/0:1: 435] max77803_get_health_state: Fail to get psy (battery)
[ 2.937673] [B0: swapper/0: 1] wm5102-codec wm5102-codec: dapm: unknown pin RCV
[ 2.937932] [B0: swapper/0: 1] wm5102-codec wm5102-codec: dapm: unknown pin VPS
[ 2.938146] [B0: swapper/0: 1] wm5102-codec wm5102-codec: dapm: unknown pin SPK
[ 2.938356] [B0: swapper/0: 1] wm5102-codec wm5102-codec: dapm: unknown pin HP
[ 2.954595] [B0: swapper/0: 1] regulator get error : mif_sram
[ 3.097038] [B0: swapper/0: 1] sec_bat_check_batt_id: batt_type(SDI SDI), batt_id(719), cap(0x4a8e), type(SDI)
[ 3.098906] [B0: swapper/0: 1] sec_bat_is_lpm: lpcharge(0)
[ 3.100579] [B0: kworker/0:1: 435] sec_bat_is_lpm: lpcharge(0)
[ 3.195305] [B1: kworker/u:3: 1323] sec_bat_is_lpm: lpcharge(0)
[ 3.199922] [B1: kworker/1:1: 942] sec_bat_is_lpm: lpcharge(0)
[ 3.650018] [B1: init: 1] init: /init.rc: 953: setprop requires 2 arguments
[ 3.651043] [B1: init: 1] init: /init.universal5420.rc: 79: ignored duplicate definition of service 'dhcpcd_bt-pan'
[ 3.651207] [B1: init: 1] init: /init.universal5420.rc: 84: ignored duplicate definition of service 'iprenew_bt-pan'
[ 3.651811] [B1: init: 1] init: /init.universal5420.rc: 516: ignored duplicate definition of service 'mobicore'
[ 3.652578] [B1: init: 1] init: could not import file '/init.sec_debug.rc' from '/init.rc'
[ 3.652918] [B1: init: 1] init: /init.container.rc: 78: invalid option 'start'
[ 3.653104] [B1: init: 1] init: /init.rilcommon.rc: 13: ignored duplicate definition of service 'at_distributor'
[ 3.653262] [B1: init: 1] init: /init.rilcommon.rc: 18: ignored duplicate definition of service 'DR-daemon'
[ 3.653416] [B1: init: 1] init: /init.rilcommon.rc: 23: ignored duplicate definition of service 'BCS-daemon'
[ 4.111826] [B3: ueventd: 1438] sec_bat_is_lpm: lpcharge(0)
[ 4.296970] [B3: ueventd: 1438] power_supply sec-fuelgauge: driver failed to report `status' property: 4294967274
[ 4.322997] [B2: init: 1] init: /dev/hw_random not found
[ 4.402645] [B0: init: 1] init: using deprecated syntax for specifying property 'ro.serialno', use ${name} instead
[ 4.404309] [B0: init: 1] init: /dev/hw_random not found
[ 4.508031] [B1: kworker/u:3: 1323] sec_bat_is_lpm: lpcharge(0)
[ 4.515400] [B1: kworker/1:2: 1437] sec_bat_is_lpm: lpcharge(0)
[ 4.537858] [B0: init: 1] init: Running /dev/block/platform/dw_mmc.0/by-name/PERSDATA on ext4
[ 4.546813] [B0: init: 1] printing data of superblock-bh
[ 4.546904] [B0: init: 1] print_bh: bh dd103a80, bh->b_size 1024, bh->b_data c2191400
[ 4.547039] [B0: init: 1] As EXT4-fs error, printing data in hex
[ 4.547167] [B0: init: 1] [partition info] s_id : mmcblk0p16, start sector# : 237568
[ 4.547262] [B0: init: 1] dump block# : 1, start offset(byte) : 0
[ 4.547389] [B0: init: 1] length(byte) : 1024, data_to_dump 0xc2191400
[ 4.547516] [B0: init: 1] -------------------------------------------------
[ 4.547648] [B0: init: 1] 0x0000 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.547753] [B0: init: 1] 0x0010 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.547953] [B0: init: 1] 0x0020 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548097] [B0: init: 1] 0x0030 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548239] [B0: init: 1] 0x0040 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548382] [B0: init: 1] 0x0050 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548525] [B0: init: 1] 0x0060 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548666] [B0: init: 1] 0x0070 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548808] [B0: init: 1] 0x0080 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.548951] [B0: init: 1] 0x0090 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549093] [B0: init: 1] 0x00a0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549234] [B0: init: 1] 0x00b0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549377] [B0: init: 1] 0x00c0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549519] [B0: init: 1] 0x00d0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549661] [B0: init: 1] 0x00e0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549803] [B0: init: 1] 0x00f0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.549946] [B0: init: 1] 0x0100 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550088] [B0: init: 1] 0x0110 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550231] [B0: init: 1] 0x0120 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550373] [B0: init: 1] 0x0130 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550517] [B0: init: 1] 0x0140 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550660] [B0: init: 1] 0x0150 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550762] [B0: init: 1] 0x0160 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.550906] [B0: init: 1] 0x0170 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551048] [B0: init: 1] 0x0180 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551192] [B0: init: 1] 0x0190 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551334] [B0: init: 1] 0x01a0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551477] [B0: init: 1] 0x01b0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551620] [B0: init: 1] 0x01c0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551763] [B0: init: 1] 0x01d0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.551906] [B0: init: 1] 0x01e0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552047] [B0: init: 1] 0x01f0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552189] [B0: init: 1] 0x0200 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552354] [B0: init: 1] 0x0210 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552498] [B0: init: 1] 0x0220 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552641] [B0: init: 1] 0x0230 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.552785] [B0: init: 1] 0x0240 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553031] [B0: init: 1] 0x0250 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553176] [B0: init: 1] 0x0260 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553320] [B0: init: 1] 0x0270 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553464] [B0: init: 1] 0x0280 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553607] [B0: init: 1] 0x0290 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553752] [B0: init: 1] 0x02a0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.553895] [B0: init: 1] 0x02b0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554003] [B0: init: 1] 0x02c0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554153] [B0: init: 1] 0x02d0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554299] [B0: init: 1] 0x02e0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554450] [B0: init: 1] 0x02f0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554596] [B0: init: 1] 0x0300 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554748] [B0: init: 1] 0x0310 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.554892] [B0: init: 1] 0x0320 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555042] [B0: init: 1] 0x0330 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555187] [B0: init: 1] 0x0340 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555340] [B0: init: 1] 0x0350 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555483] [B0: init: 1] 0x0360 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555636] [B0: init: 1] 0x0370 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555780] [B0: init: 1] 0x0380 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.555934] [B0: init: 1] 0x0390 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556077] [B0: init: 1] 0x03a0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556232] [B0: init: 1] 0x03b0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556374] [B0: init: 1] 0x03c0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556528] [B0: init: 1] 0x03d0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556671] [B0: init: 1] 0x03e0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556825] [B0: init: 1] 0x03f0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[ 4.556965] [B0: init: 1] ---------------------------------------------------
[ 4.557065] [B0: init: 1] EXT4-fs (mmcblk0p16): VFS: Can't find ext4 filesystem
[ 4.674116] [B0: init: 1] init: do_restorecon: Could not access /carrier
[ 4.712492] [B0: init: 1] init: cannot find '/system/bin/sysmon', disabling 'sysmon'
[ 4.730138] [B0: init: 1] init: using deprecated syntax for specifying property 'ro.product.manufacturer', use ${name} instead
[ 4.730418] [B0: init: 1] init: using deprecated syntax for specifying property 'ro.product.model', use ${name} instead
[ 4.730668] [B0: init: 1] init: using deprecated syntax for specifying property 'ro.serialno', use ${name} instead
[ 4.752414] [B1: init: 1] init: cannot find '/system/bin/debuggerd64', disabling 'debuggerd64'
[ 4.769036] [B2: init: 1] init: cannot find '/system/bin/sensorhubservice', disabling 'sensorhubservice'
[ 4.776491] [B2: init: 1] init: Warning! Service epmlogd needs a SELinux domain defined; please fix!
[ 4.778874] [B1: init: 2233] init: SELinux Warning! Service epmlogd runs as u:r:undefined_service:s0!!! Please fix!
[ 4.788989] [B2: init: 1] android_usb: already disabled
[ 4.818252] [B2: sh: 2190] mmc_force_presence_change: called for device exynos5_device_dwmci1
[ 4.958663] [B2: pkgld: 2269] sdcardfs: missing packages.list; retrying
[ 5.355399] [B2: sh: 2190] ice4_fpga: probe complete barcode_emul_probe
[ 5.546503] [B3: kworker/u:3: 1323] sec_bat_is_lpm: lpcharge(0)
[ 5.567394] [B3: kworker/3:1: 1164] sec_bat_is_lpm: lpcharge(0)
[ 5.721636] [B3: healthd: 2195] healthd: wakealarm_init: timerfd_create failed
[ 5.725834] [B3: healthd: 2195] sec_bat_is_lpm: lpcharge(0)
[ 6.602211] [B3: kworker/u:2: 1072] sec_bat_is_lpm: lpcharge(0)
[ 6.632229] [B0: kworker/u:2: 1072] sec_bat_is_lpm: lpcharge(0)
[ 6.632977] [B0: kworker/0:2: 1429] sec_bat_is_lpm: lpcharge(0)
[ 6.634537] [B1: healthd: 2195] sec_bat_is_lpm: lpcharge(0)
[ 6.962961] [B2: pkgld: 2269] sdcardfs: missing packages.list_end; retrying
[ 6.963530] [B2: pkgld: 2269] sdcardfs: missing packages.list; retrying
[ 8.786490] [B1: irq/533-arizona: 943] arizona spi2.0: Mixer dropped sample
[ 8.789510] [B1: irq/533-arizona: 943] arizona spi2.0: ASRC underclocked
[ 8.968000] [B1: pkgld: 2269] sdcardfs: missing packages.list_end; retrying
[ 8.968182] [B1: pkgld: 2269] sdcardfs: missing packages.list; retrying
[ 10.826634] [L0: kworker/0:2: 1429] Try S/W tripping, send uevent TMUSTATE=3
[ 10.828495] [L0: kworker/0:2: 1429] thermal_sys: Critical temperature reached (122 C), shutting down
No errors detected
Last reset was reset (RST_STAT=0x100)
Click to expand...
Click to collapse

thermal-engine.conf location?
i haven't had any suggestions here.. so maybe I should try a direct question...
Is there any chance that CPU throttling is broken? Where would I go to find the thermal-engine.conf file to check if i can make some modifications to control (or ignore?) the overheating?
Kinda pisses me off that the CPU isn't even warm to the touch and I'm still getting these overheating reboots within seconds of turning it on. Seems' like they're bogus messages. I've got an RMA to send it back to have Samsung replace the motherboard which is going to cost $250.. i figure i don't have much to lose at this point with experimenting on this thing.