GSM international news Postado Março 10, 2011 Compartilhar Postado Março 10, 2011 Hi, new firmware for Cyclonebox is Avaiable. - Added PM308 decryption for NEW phones (RAPU , RAP3Gv4, RAPIDO New ), that means you can: - Superdongle Key backup - CMLA Key backup - Correct Phone Security Analysis for this phones - Correct MCU/DSP timestamps analysis - Phone auhtorization without corrupting SD key, when SD key is correct - After local SX4 auth , phone STILL MIGHT BE authorized with ORIGINAL NOKIA SX4 CARD - Created RPL from RAPU/RAP4 phones are now 100% like delivered from Nokia! That means after full erase and writing back backed-up RPL, your phone STILL MIGHT BE AUTHORIZED WITH ORIGINAL SX4 CARD - no security issues ! - Created RPL from RAPU phones might also SAVE PHONE from DESTROYING by some other tools (Contact Service after upgrade to latest versions...) - Minor changes and bugfixes This is firmware-side update only, upgrade your box firmware to v1.57 and use latest installer v1.12 Created RPL with FULL NOKIA CONTENT (SD, CMLA, ...) Quote: RPL Creation started... Processing CMT Part... Storing Product Code... Storing PSN... Storing HWID... Trying to store Simlock... Reading Configuration Key... Hashing... Reading SHA1-RSA Signature... Reading SHA1-HMAC Signature... Storing Simlock... Trying to store WMDRM RPL... Reading Keys... Storing WMDRM PD... Reading Security Block... Security block OK and saved to "RM-469_355216039314532_2011-03-10_130535.SecurityBlock.PM" "1BB0020A296303443292389F545846C201100A5C.C0003160 " Exists, That is good... Storing Additional Data... Checking Superdongle Key... Encrypting Superdongle Key... Storing Superdongle Key... Checking CMLA Key... Storing CMLA Key... Booting CMT... CMT_SYSTEM_ASIC_ID: 000000030000022600010007600C192102011104 CMT_EM_ASIC_ID: 00001040 CMT_EM_ASIC_ID: 00001030 CMT_PUBLIC_ID: 1BB0020A296303443292389F545846C201100A5C CMT_ASIC_MODE_ID: 00 CMT_ROOT_KEY_HASH: 25B977A055BE9B5DEC0C38A2A279C695 CMT_BOOT_ROM_CRC: 3E273BF6 CMT_SECURE_ROM_CRC: 37BE26FA CMT Ready! Searching for BootCode: DualLine 32Bit RAPUv11_2nd.fg, Type: 2nd Boot Loader, Rev: 768.10.48.1, Algo: BB5 Flashbus Write baud set to 1.0Mbits Flashbus Read baud set to 98Kbits Using NEW BB5 FLASHING PROTOCOL Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit Box TX2 Data Pin set to: Service Pin 3 FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC FlashChip[0,CMT]: 0x0020004000000031, ST, NOR FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR FlashChip[0,CMT]: 0x0020004000000031, ST, ONENAND Requested Algorithm: XSR 1.6 (CMT) Searching for BootCode: DualLine 32Bit FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported RAPUv11_XSR17_alg.fg, Type: Algorithm, Rev: 768.10.48.1, Algo: XSR 1.6 Initializing TurboCache... TurboCache Loaded! Writing CMT PASUBTOC Certificate... Writing CMT ALG Certificate... CMT Algorithm Ready! Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit Box TX2 Data Pin set to: Service Pin 3 Adding FUR Client (CMT, State: Ready)... CMT FUR Ready! Box VPP disabled Internal CMT Phone VPP Enabled PAPUBKEYS Hash for CMT: 85F252E351E225CAFC4DFBC8041EABD2823E3500 APE Subsystem Not Found Flashbus Write baud set to 5.0Mbits Storing NPC... Storing CCC... Storing HWC... CMT VARIANT Not Found Restarting MCU... RPL Saved OK Example seccurity analysis, timestamp analysis, etc for RAPU Quote: Started Reading MCU & DSP Timestamps... MCU Version V ICPR82_09w46.8 MCU Date 30-03-10 Product RM-469 (Nokia E52) Manufacturer © Nokia IMEI 355216039314532 Mastercode 2637612627 Reading Security Block... Security block OK and saved to "RM-469_355216039314532_2011-03-10_130314.SecurityBlock.PM" "1BB0020A296303443292389F545846C201100A5C.C0003160 " Exists, That is good... Booting CMT... CMT_SYSTEM_ASIC_ID: 000000030000022600010007600C192102011104 CMT_EM_ASIC_ID: 00001040 CMT_EM_ASIC_ID: 00001030 CMT_PUBLIC_ID: 1BB0020A296303443292389F545846C201100A5C CMT_ASIC_MODE_ID: 00 CMT_ROOT_KEY_HASH: 25B977A055BE9B5DEC0C38A2A279C695 CMT_BOOT_ROM_CRC: 3E273BF6 CMT_SECURE_ROM_CRC: 37BE26FA CMT Ready! Searching for BootCode: DualLine 32Bit RAPUv11_2nd.fg, Type: 2nd Boot Loader, Rev: 768.10.48.1, Algo: BB5 Flashbus Write baud set to 1.0Mbits Flashbus Read baud set to 98Kbits Using NEW BB5 FLASHING PROTOCOL Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit Box TX2 Data Pin set to: Service Pin 3 FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC FlashChip[0,CMT]: 0x0020004000000031, ST, NOR FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR FlashChip[0,CMT]: 0x0020004000000031, ST, ONENAND Requested Algorithm: XSR 1.6 (CMT) Searching for BootCode: DualLine 32Bit FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported FlashChip 0x00200040 (ST), Size: 256MBytes, VPP: Not Supported RAPUv11_XSR17_alg.fg, Type: Algorithm, Rev: 768.10.48.1, Algo: XSR 1.6 Initializing TurboCache... TurboCache Loaded! Writing CMT PASUBTOC Certificate... Writing CMT ALG Certificate... CMT Algorithm Ready! Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit Box TX2 Data Pin set to: Service Pin 3 Adding FUR Client (CMT, State: Ready)... CMT FUR Ready! Box VPP disabled Internal CMT Phone VPP Enabled PAPUBKEYS Hash for CMT: 85F252E351E225CAFC4DFBC8041EABD2823E3500 APE Boot skipped on user request Flashbus Write baud set to 5.0Mbits Reading MCUSW... Reading DSP0... Restarting MCU... ------ SECURITY BLOCK TIMESTAMPS ------ Timestamp Slots Detected: 4 Timestamp[1] "AENO", 2010-02-19 11:11:38 Timestamp[1] Hash "0BCD489612D4A4968B4D42A5631FC85C5D7E0E81" Timestamp[1] Factory MCUSW Timestamp 1970-01-01 02:00:00 Timestamp[1] Dejan Hack Detected Timestamp[1] ValidAfter Factory MCUSW Test Passed OK! Timestamp[2] "CMCU", 2010-04-02 11:57:08 Timestamp[2] Hash "4CC50641D7C45E9DFE2967D4802C8710547BF54A" Timestamp[2] Factory MCUSW Timestamp 2009-09-02 15:18:02 Timestamp[2] ValidAfter Factory MCUSW Test Passed OK! Timestamp[3] "CDSP", 2010-04-02 11:57:07 Timestamp[3] Hash "D8C94BFA607710D856D8C78A9CE3EB411CD7AC4C" Timestamp[3] Factory MCUSW Timestamp 2009-09-02 15:18:02 Timestamp[3] ValidAfter Factory MCUSW Test Passed OK! Timestamp[4] "AMCU", 2010-04-02 11:57:09 Timestamp[4] Hash "BFC854388C2C26014F05B5084A8033CB30E472EB" Timestamp[4] Factory MCUSW Timestamp 2009-09-02 15:18:02 Timestamp[4] ValidAfter Factory MCUSW Test Passed OK! ------------------------------------- ------ ACTUAL FLASH TIMESTAMPS ------ MCUSW Timestamp 2010-04-02 11:57:08 Flash MCUSW Timestamp synchronized with Security Block MCUSW Timestamp OK! DSP Timestamp 2010-04-02 11:57:07 Flash DSP Timestamp synchronized with Security Block DSP Timestamp OK! ------------------------------------- Finished, MCU and DSP Timestamps looks good! Started Phone Security Analysis... MCU Version V ICPR82_09w46.8 MCU Date 30-03-10 Product RM-469 (Nokia E52) Manufacturer © Nokia IMEI 355216039314532 Mastercode 2637612627 Reading Security Block... Security block OK and saved to "RM-469_355216039314532_2011-03-10_130516.SecurityBlock.PM" Step 1 : Testing SIMLOCK SIMLOCK SEFLTEST PASSED OK! Step 2 : Testing SECURITY SECURITY SEFLTEST PASSED OK! Step 3 : Analyzing Security Block "1BB0020A296303443292389F545846C201100A5C.C0003160 " Exists, That is good... Checking SUPERDONGLE... SUPERDONGLE FOUND AND CHECKSUM OK! PASSED! Checking SIMLOCK... Failed to decode Security Section, Box Reported: Security Section Not Found (SL3 phone?) Checking MCU&DSP TIMESTAMPS... MCU&DSP TIMESTAMPS FOUND AND CHECKSUM OK! PASSED! Checking CMLA KEYS... CMLA KEYS FOUND AND CHECKSUM OK! PASSED! Checking ECC KEYS... ECC KEYS FOUND AND CHECKSUM OK! PASSED! Checking DIV KEYS... DIV KEYS FOUND AND CHECKSUM OK! PASSED! Analyze finished! Best Regards, Cyclone Team Clan GSM, the Best of Brazil Forum http://forum.clangsm.com.br GSM Hosting, the largest forum of the World http://forum.gsmhosting.com Union of the best and strongest. Citar Link para o comentário Compartilhar em outros sites More sharing options...
Posts Recomendados
Participe da conversa
Você pode postar agora e se cadastrar mais tarde. Se você tem uma conta, faça o login para postar com sua conta.
Nota: Sua postagem exigirá aprovação do moderador antes de ficar visível.