:COOL: GREAT NEWS FOR ALL s60v3 device users ... this is not my project it was all done by FCA00000 from sf and former modo in smo forum ... he deviced a way for users to access all the files on ur s60v3 phones like : n80 n73 etc.. including the sys folder and the private folder ... here it is in his own words ...


"""Good news: I managed to hack my Nokia-N80 using a software-only solution, and remove all permissions limitation.
I was able to browse c:\sys and private directories.
Now I need someone else to try.
So, if you have a Nokia with S60v3 , a connecting USB cable, and some time, please reply.
If you have CodeWarrior and MetroTRK up and running, much better.
Thanks


=========================================

Goodbye S60 Platform Security! Hack to override permissions?



As I have already said numerous times, there is no perfect protection, there are no perfect solutions and it is only a question of time when the 3rd Edition security will be hacked.

Actually it has been broken already by the firmware patching but it is the extremely dangerous procedure and also Nokia have fixed it by encoding that part of firmware with the latest updates.

I guess that everything about the "new" Symbian's platform security is very well known and already discussed numerous times here on SF, especially over at our forum section, so I’ll not repeat it again. This obnoxious concept was introduced by Nokia few years ago with its first S60 3 rd edition phone (N80) and it is based on the idea that nobody gets access to those data ca... ..

Read more: S60 3rd Ed platform security has been kacked - full story

Sincerely yours,
Teo"""

ps:this hack will only work for pre fp1 phones like [the n80 and the n73] and confirmed to be working only on n95 and 5700 and (n95-8gb by mr.papadocta) AND (the n82 by mr.nightshift).. still no news on other fp1 or fp2
pps: :D there are some issues on running this hack on vista so use xp for a sure result .. :devilish:

Unstuck - Dansco

here is what u need .. also a quote from mr.FCA00000 at SF forums ... i just wanted to share this great news with all ipmart users ...

i have attached a how to for dummies in this post for the less advanced members .. i advice u to read it before u ask

"" First of all: you can get the needed files from

http://fca00000.googlepages.com/hack_perms_s60v3.rar(i attached them here)


1) Current state:

In S60v3, Symbian implemented a security mechanism: applications need to be signed in order to access some services.
A developper can self-sign his own applications, but the most critical services need a powerful certificate, which not everyone can afford.
For example, you can not make a file browser able to access c:\sys . This is not very important, but some people feels that they should be able
to do anything they want.

2) The theory:

When a program is signed and you install it, its privileges are stored in a internal folder. When the program is executed and
tries to access a service, the privileges are checked. If they don't match, the service can not be executed, and gives an error.
In the PC emulator for Symbian, it is possible to overrride this, so that missing privileges give a warning, not an error.
This is controlled through a file called EPOC.INI that includes a line like
PlatSecEnforcement OFF
In the phone, this is not modifiable directly.
The routine controlling this is called
DProcess:: DoHasCapability(TCapability , char const)

In my Nokia N80, this is at F80478BC and says
....
F8047968 BL log_missing_capabilities (F80458D8)
....

Look at F80458D8:
....
F8045930 LDR R0, =pSuperPage
F8045934 LDR R0, [R0]
F8045938 LDR R0, [R0,#0x148]
F804593C TST R0, #2
F8045940 BEQ loc_F804597C
F8045944 ADR R1, aError
F8045948 MOV R0, R1
....


Basically, this looks at the data at [pSuperPage+0x148] and checks bit 2.
If it is set, any missing capability will give an error.
If not, it will log the problem, but the check will succeed.

So, all you need to do is to change this value.

In my mobile, pSuperPage has value 0x60000000, so the data is stored at 0x60000148

3) the hack:

The programming enviroment Carbide.c++ v1.2 includes a file called s60_3_0_app_trk_2_7.sisx
It also comes with CodeWarrior Pro for Symbian, although it is version S60_App_TRK_2_5.sisx
This file is a On-Device-Debugger, used to run programs inside the phone, and see the flow and data in the PC.
In my experience, CodeWarrior is easier to use for debugging.
It allows to look at the program registers, phone memory, processes, and change the data.
At memory address 0x60000148 the value stored is 0x0000001E , which means that
PlatSecEnforcement is ON
So, change it from 0x0000001E to 0x00000010 and you get all the permissions !

4) The tools:

You need a Nokia phone using Symbian 9 .
You also need some way to connect it to a PC, for example USB or bluetooth. Infrared is not valid.
Next step is the MetroTRK.
If you have CodeWarrior, it is the preferred solution. If not, I made a Python program to emulate it.
If you have IDA-disassembler a a ROM dump, then you can investigate in case it doesn't work.

5) The phone:

I have tested with Nokia-N80. I suppose it works with any phone using S60v3.
The changes I make are only in memory. This means that when the phone is switched-off, the hack dissapears.
You need to run it again after a restart. I know this is a limitation, but a permanent solution will come later.
On he other hand, this is good: there is (almost) no risk on permanently breaking your phone.
Of course, do it under your own risk. I take no responsability

6) The connection:

I use a USB cable labelled CA-42 which is a simple data cable; no fancy stuff.
Connect the phone to the PC.
The phone asks the mode you want to use: 'PC Suite'
My operating system is Windows-XP and my PC detects automatically the driver, installing
something called 'Nokia N80 USB modem'.
If not, drivers are available in many places, for example
http://www.nodevice.es/driver/CA-42/get37496.html
If you have PC-Suite, you probably have the driver already. But remember that you need to disable in the PC: stop the program.
At this point, you probably have a new serial port:
Control Panel->System->Hardware->Device Manager->Ports
should show
'Nokia N80 USB (COM6)'
It might happen that you have both COM6 and COM7 . You will need to try both.

7) The MetroTRK:

This is a debugger that installs in the phone. It has powerfull permissions and a strong certificate, which allows to read/write memory.
Transfer the file s60_3_0_app_trk_2_7.sisx into your mobile, and install it.
You should see a new application called 'TRK'.
Run it.
By default it tries to use BlueTooth, so it might give an error because no available ports.
Options->Settings->Connection=USB
Options->Settings->Port=1
Options->Settings->Baud Rate=115200
Options->Connect should tell:
Welcome to TRK for Symbian OS
Status: Connected
PDD: NONE
LDD: EUSBC
CSY: ECACM
Port Number: 1
Baud rate: 115200

This is the most difficult step.
If you get
'Failed to open port.Error Code: -21'
this means that your PC is not talking to the mobile. This is the case when the driver is not installed.

7.1) You need another program called HelloCarbide . It is a simple example. Install it in c:
You also need to transfer HelloCarbide.exe directly under c:\HelloCarbide.exe using any FileBrowser, ex: SExplorer

The hacker:
If you have CodeWarrior, go to 8.2 . If not, go to 8.1
8.1) I made a program called hack_perms_s60v3.py
It is written in pyhton, so you need Python25 from www.python.org
It uses the serial port, so you also need pyserial (http://sourceforge.net/projects/pyserial)
and probably pywin32 (http://sourceforge.net/projects/pywin32)
Download the binaries and execute them. As simple as that.

My program uses COM6 at line
ser = serial.Serial(5)
If you have another port, change this number. example: COM9= ser 8(so just see what ur com port # is and -1 is ur ser #) [see reply number 26 for tuto]

Run my program by typing
hack_perms_s60v3.py

It logs a lot of information. In case of problems, investigate. I _might_ try to help.

If you get
serial.serialutil.SerialException: could not open port: ... The system cannot find the file specified.
this means that the port doesn' exist.

If you get
serial.serialutil.SerialException: could not open port: ... The process cannot access the file because it is being used by another process.
this means that there is another program using the port. Most probably you are trying COM7 instead of COM6.

If it hangs after
sendFrame=00
sendFrame=FF
sendFrame=7E
this means that MetroTRK is not running in the mobile.

If everything goes OK, it takes 40 seconds and the last line are:
Close
End+Exit

Look at the trace: you should see 2 lines like:
Read Memory 60000148=1E 00 00 00
candidate!!!

This is good. It means that it found the correct address and patched it.

8.2) If you have CodeWarrior and know how to use it, it is better.
Load any program you have (HelloWorld.mmp is perfect) and start a mobile debugging session:
The target should be GCCE UDEB .
In its settings->Remote Debugging->Connection = Symbian Metro TRK
Same window->Edit Connection->Connection Type=Serial ; Port = COM6
Same window->Remote dowload path = c:\
settings->Remote Download-> Remove any file here
Remember that, because of security, applications can't be downloaded into c:\sys\bin , so they
need to be installed before. I do this manually.
See:
http://www.mobilenme.com/content/view/41/26/
http://mikie.iki.fi/wordpress/?p=33#comment-6299
http://www.newlc.com/topic-5398
http://discussion.forum.nokia.com/forum/showthread.php?t=72632
http://discussion.forum.nokia.com/forum/showthread.php?t=80807

Now, start debugging the program.
You should see the 'Metro TRK Communication Log' with lots of information.
Break the program.
Select the stack.
Menu->Data->View Memory . Ignore the error
Display 0x60000000
Look at 0x60000148. Probably has value 0x1E
Double-click, and type 0x10. Hit enter.
Run program.
Close Thread window. Resume.

9) Advanced: 9not for all users.. only hardcore people)

If you have IDA-disassembler and a ROM dump, you can see the actual code.
This is a heavy task, but the main file is ekern.exe
You can get a full Dump using this Symbian code:
RFs fileSession;
fileSession.Connect();

RFile file;
file.Replace(fileSession, _L("e:\\F8000000.bin"), EFileWrite);

TBuf8<0x200> buf;

TUint8 *p =(TUint8*)0xF8000000; // (TUint8*)0xF8000000;
TUint8 *pEnd = (TUint8*)0xFA000000; // (TUint8*)0xFA000000;
TUint8 iVal = 0;
for(;p < pEnd;p++)
{
iVal = *p;
buf.Append(iVal);

if(buf.Length() == buf.MaxLength())
{
file.Write(buf);
buf.Zero();
}
}

file.Close();
fileSession.Close();
And then extract files using ROMTools from Syminternals. If you can't get it, I can provide it.
To use IDA, get the Symbian SDK, and process through ROMTools . Name the routines and study the disassembled code.

10) Test:

Start any application which needs pivileges. I tried SExplorer and TrueExplorer, and I was able to
browse c:\sys , although:
10.1) SExplorer can not access Z:\sys

10.2) TrueExplorer can not find files under c:\sys\bin



It works in my Nokia-80, and I expect to work also in other models.

Did it work for you? Please post results."""

for fp1 devices(n95 etc .. u can try the fp1 attachment see if it works see reply #46 on page 2 for more details)
n82 users try the alternative trk instead....


Check this for more user friendly process : http://www.ipmart-forum.com/showpost.php?p=1903987&postcount=86

i have personally tried his method on my n80ie .. and it worked perfectly i opened the sys folders using xplore .

and also mr.NIGHTSHIFT made a colored oplogo for me .. that i copied to the private folder without any patching to the fw .. thanks alot to him and to FCA00000 for there great helps

ps: this method will work until u restart ur phone .. then u will have to do it all over again (takes like 10 secs)

apparently mr.FCA00000 has updated the py script .. so i attached the new one here instead of the old one (thanks go to daddyfatsax)
added nokia cable drivers old and newer version if the older doesnt work for u try th new one ... thanks to our members for the tip

GREAT NEWS UPDATE :thanks for mr.nightshift for the link . and to FCA00000 for all his efforts all credits go
to that great man ..

now u can use the hack on ur own phone with no need for the pc (except to apply the hack for

the first time only) here is what he said...


"" This is a way to apply the hack without need of a computer.
Don't get too excited: you NEED to hack it the first time, although not afterwards.

This initial post is only for people having a preFP1 phone: N80, E50, E61, N73, E60.
Doesn't work for FP1 models: N95, 5700, N81, N82

It works like this:
1) apply the python script to patch the phone and hack permissions. Look at the above post

2) download S60_3_0_Prof_v1_62.sisx from

http://tools.ext.nokia.com/agents/index.htm (attached here)
3) install it
4) now the hack:
4.1)go to my own folder->Profiler
4.2) menu Options->Profiler->Start. It says 'Status: initialising'
4.3) then it says 'Status: sampling'
4.4) Options->Profiler->Stop
4.5) it says 'Status: finished'
4.6) Exit
5) get http://FCA00000.googlepages.com/CProfDriver_SISX.ldd (attached here)
6) copy into your phone c:\sys\bin\CProfDriver_SISX.ldd (this is why you need the initial

hack)
7) it will ask to overwrite.choose yes ..... the old version had 6 Kb. The new one has 17

Kb. Please verify.

everytime you restart your phone, do step "4) "again. (only 4 dont do 5 or 6)

If you want to test, just reset your phone and do only step " 4) "


edit// I TRIED IT AND IT WORKS ON MY N80IE ... WOHOOOOO

editt//
for fp1 he posted this info maybe u can try see if it works too ...

for FP1:
Same as before, except:
2) download S60_3_1_Prof_v1_62.sisx
5) get http://FCA00000.googlepages.com/31_CProfDriver_SISX.ldd
5.1) rename as CProfDriver_SISX.ldd (the file in my attachment is already renamed .. dont

rename)

if 4.2) fails the first time, do
2) download S60_3_1_Prof_v1_62_SIZE.sisx
and don't do 5)

prefp1 devices are :n80 . n73 . 5700 ... etc
fp1 devices:n95 n95-8gb etc ...

EDIT:// there was a mix up with the files .. please anybody who downloaded the "fp1 hack on phone needed files" before 28th of march re-download the fixed one .. sorry for the inconvenience

UPDATE:now the silent hack by FCA00000 .. u can turn the hack on and off using the apps capsoff and caps on(attached) .. here is what he wrote ... ...
1) apply the hack using the script (or Profiler aplication) (as written above)
2)install CapsOn.sisx
3) install CapsOff.sisx

To hack the phone, run CapsOff. To revert to normal, run CapsOn
Program runs and exits inmediatly.
To test it, run any unprivileged application and see if it gets permissions.
For example, unpatched X-plorer should be able to access c:\sys\bin\

Remember: CapsOn is normal. CapsOff means hacked.

for a tuto on signing unsigned apps using this method by Mr.swankyleo please go here click me (http://www.ipmart-forum.com/showthread.php?t=240577)

I never understood why people have to sign their software.... I own a nokia E65 for a year now, (spanish vodafone), and I never ever had to sign a program. I just install it and it works...

ok i will give it a try

I never understood why people have to sign their software.... I own a nokia E65 for a year now, (spanish vodafone), and I never ever had to sign a program. I just install it and it works...

Someone needs it, some other one doesn't.....

Pretty nice post. I can confirm it working for N73.
That trick works for every pre FP1 device.

Pretty interesting post, bAsem!

lol thanks NS ma man ... it was ur idea to post it ,, so i just did it :D

hope more people try it and tell us if its workin on other devices and i can help them as much as i can

thanks again for the oplogo .. here is how it looks

I never understood why people have to sign their software.... I own a nokia E65 for a year now, (spanish vodafone), and I never ever had to sign a program. I just install it and it works...

maybe ur using open applications that need no signing .. but now i think if people cant sign something they could just unpack the sis and just copy it to the phone without the need to connect the phone to the pc in mass storage .. i mean in theory that is

this method can be very usefull for many things .. and i beleive i have the right to open every damn folder in my device with no restrictions :D

peace ,,

here i give u this file i get this thing from other sits
so check it out

Goodbye S60 Platform Security! Hack to override permissions?



As I have already said numerous times, there is no perfect protection, there are no perfect solutions and it is only a question of time when the 3rd Edition security will be hacked.

Actually it has been broken already by the firmware patching but it is the extremely dangerous procedure and also Nokia have fixed it by encoding that part of firmware with the latest updates.

I guess that everything about the "new" Symbian's platform security is very well known and already discussed numerous times . This obnoxious concept was introduced by Nokia few years ago with its first S60 3 rd edition phone (N80) and it is based on the idea that nobody gets access to those data ca..


1) Current state:
In S60v3, Symbian implemented a security mechanism: applications need to be signed in order to access some services.
A developper can self-sign his own applications, but the most critical services need a powerful certificate, which not everyone can afford.
For example, you can not make a file browser able to access c:\sys . This is not very important, but some people feels that they should be able
to do anything they want.

2) The theory:
When a program is signed and you install it, its privileges are stored in a internal folder. When the program is executed and
tries to access a service, the privileges are checked. If they don't match, the service can not be executed, and gives an error.
In the PC emulator for Symbian, it is possible to overrride this, so that missing privileges give a warning, not an error.
This is controlled through a file called EPOC.INI that includes a line like
PlatSecEnforcement OFF
In the phone, this is not modifiable directly.
The routine controlling this is called
DProcessHasCapability(TCapability , char const)

In my Nokia N80, this is at F80478BC and says
....
F8047968 BL log_missing_capabilities (F80458D8)
....

Look at F80458D8:
....
F8045930 LDR R0, =pSuperPage
F8045934 LDR R0, [R0]
F8045938 LDR R0, [R0,#0x148]
F804593C TST R0, #2
F8045940 BEQ loc_F804597C
F8045944 ADR R1, aError
F8045948 MOV R0, R1
....


Basically, this looks at the data at [pSuperPage+0x148] and checks bit 2.
If it is set, any missing capability will give an error.
If not, it will log the problem, but the check will succeed.

So, all you need to do is to change this value.

In my mobile, pSuperPage has value 0x60000000, so the data is stored at 0x60000148

3) the hack:
The programming enviroment Carbide.c++ v1.2 includes a file called s60_3_0_app_trk_2_7.sisx
It also comes with CodeWarrior Pro for Symbian, although it is version S60_App_TRK_2_5.sisx
This file is a On-Device-Debugger, used to run programs inside the phone, and see the flow and data in the PC.
In my experience, CodeWarrior is easier to use for debugging.
It allows to look at the program registers, phone memory, processes, and change the data.
At memory address 0x60000148 the value stored is 0x0000001E , which means that
PlatSecEnforcement is ON
So, change it from 0x0000001E to 0x00000010 and you get all the permissions !

4) The tools:
You need a Nokia phone using Symbian 9 .
You also need some way to connect it to a PC, for example USB or bluetooth. Infrared is not valid.
Next step is the MetroTRK.
If you have CodeWarrior, it is the preferred solution. If not, I made a Python program to emulate it.
If you have IDA-disassembler a a ROM dump, then you can investigate in case it doesn't work.

5) The phone:
I have tested with Nokia-N80. I suppose it works with any phone using S60v3.
The changes I make are only in memory. This means that when the phone is switched-off, the hack dissapears.
You need to run it again after a restart. I know this is a limitation, but a permanent solution will come later.
On he other hand, this is good: there is (almost) no risk on permanently breaking your phone.
Of course, do it under your own risk. I take no responsability

6) The connection:
I use a USB cable labelled CA-42 which is a simple data cable; no fancy stuff.
Connect the phone to the PC.
The phone asks the mode you want to use: 'PC Suite'
My operating system is Windows-XP and my PC detects automatically the driver, installing
something called 'Nokia N80 USB modem'.
If not, drivers are available in many places, for example
http://www.nodevice.es/driver/CA-42/get37496.html
If you have PC-Suite, you probably have the driver already. But remember that you need to disable in the PC: stop the program.
At this point, you probably have a new serial port:
Control Panel->System->Hardware->Device Manager->Ports
should show
'Nokia N80 USB (COM6)'
It might happen that you have both COM6 and COM7 . You will need to try both.

7) The MetroTRK:
This is a debugger that installs in the phone. It has powerfull permissions and a strong certificate, which allows to read/write memory.
Transfer the file s60_3_0_app_trk_2_7.sisx into your mobile, and install it.
You should see a new application called 'TRK'.
Run it.
By default it tries to use BlueTooth, so it might give an error because no available ports.
Options->Settings->Connection=USB
Options->Settings->Port=1
Options->Settings->Baud Rate=115200
Options->Connect should tell:
Welcome to TRK for Symbian OS
Status: Connected
PDD: NONE
LDD: EUSBC
CSY: ECACM
Port Number: 1
Baud rate: 115200

This is the most difficult step.
If you get
'Failed to open port.Error Code: -21'
this means that your PC is not talking to the mobile. This is the case when the driver is not installed.

7.1) You need another program called HelloCarbide . It is a simple example. Install it in c:
You also need to transfer HelloCarbide.exe directly under c:\HelloCarbide.exe using any FileBrowser, ex: SExplorer

The hacker:
If you have CodeWarrior, go to 8.2 . If not, go to 8.1
8.1) I made a program called hack_perms_s60v3.py
It is written in pyhton, so you need Python25 from www.python.org
It uses the serial port, so you also need pyserial (http://sourceforge.net/projects/pyserial)
and probably pywin32 (http://sourceforge.net/projects/pywin32)
Download the binaries and execute them. As simple as that.

My program uses COM6 at line
ser = serial.Serial(5)
If you have another port, change this number. COM6 = port 5

Run my program by typing
hack_perms_s60v3.py

It logs a lot of information. In case of problems, investigate. I _might_ try to help.

If you get
serial.serialutil.SerialException: could not open port: ... The system cannot find the file specified.
this means that the port doesn' exist.

If you get
serial.serialutil.SerialException: could not open port: ... The process cannot access the file because it is being used by another process.
this means that there is another program using the port. Most probably you are trying COM7 instead of COM6.

If it hangs after
sendFrame=00
sendFrame=FF
sendFrame=7E
this means that MetroTRK is not running in the mobile.

If everything goes OK, it takes 40 seconds and the last line are:
Close
End+Exit

Look at the trace: you should see 2 lines like:
Read Memory 60000148=1E 00 00 00
candidate!!!

This is good. It means that it found the correct address and patched it.

8.2) If you have CodeWarrior and know how to use it, it is better.
Load any program you have (HelloWorld.mmp is perfect) and start a mobile debugging session:
The target should be GCCE UDEB .
In its settings->Remote Debugging->Connection = Symbian Metro TRK
Same window->Edit Connection->Connection Type=Serial ; Port = COM6
Same window->Remote dowload path = c:\
settings->Remote Download-> Remove any file here
Remember that, because of security, applications can't be downloaded into c:\sys\bin , so they
need to be installed before. I do this manually.
See:
http://www.mobilenme.com/content/view/41/26/
http://mikie.iki.fi/wordpress/?p=33#comment-6299
http://www.newlc.com/topic-5398
http://discussion.forum.nokia.com/fo...ad.php?t=72632
http://discussion.forum.nokia.com/fo...ad.php?t=80807

Now, start debugging the program.
You should see the 'Metro TRK Communication Log' with lots of information.
Break the program.
Select the stack.
Menu->Data->View Memory . Ignore the error
Display 0x60000000
Look at 0x60000148. Probably has value 0x1E
Double-click, and type 0x10. Hit enter.
Run program.
Close Thread window. Resume.

9) Advanced:
If you have IDA-disassembler and a ROM dump, you can see the actual code.
This is a heavy task, but the main file is ekern.exe
You can get a full Dump using this Symbian code:
RFs fileSession;
fileSession.Connect();

RFile file;
file.Replace(fileSession, _L("e:\\F8000000.bin"), EFileWrite);

TBuf8<0x200> buf;

TUint8 *p =(TUint8*)0xF8000000; // (TUint8*)0xF8000000;
TUint8 *pEnd = (TUint8*)0xFA000000; // (TUint8*)0xFA000000;
TUint8 iVal = 0;
for(;p < pEnd;p++)
{
iVal = *p;
buf.Append(iVal);

if(buf.Length() == buf.MaxLength())
{
file.Write(buf);
buf.Zero();
}
}

file.Close();
fileSession.Close();
And then extract files using ROMTools from Syminternals. If you can't get it, I can provide it.
To use IDA, get the Symbian SDK, and process through ROMTools . Name the routines and study the disassembled code.

10) Test:
Start any application which needs pivileges. I tried SExplorer and TrueExplorer, and I was able to
browse c:\sys , although:
10.1) SExplorer can not access Z:\sys
10.2) TrueExplorer can not find files under c:\sys\bin



It works in Nokia-80, and I expect to work also in other models.

Threads merged ... The description with attachment will have the priority, too. So, no need to lock it. Just merged with the original thread... All the other off-topics deleted...

this is amazing... very interesting read - thanks for sharing.

isn't this a very dangerous process and might permanently damage my phone and wont be replaced by warranty?

no its not dangerous at all ... there is no fw patching involved

tho FCA00000 doesnt take any responsibility for anydamage it might make .. as he wrote

trust me its very easy and very safe

Nice trick ...but very complicated as well for new bees.

i have personally tried his method on my n80ie .. and it worked perfectly i opened the sys folders using xplore .

and also mr.NIGHTSHIFT made a colored oplogo for me .. that i copied to the private folder without any patching to the fw .. thanks alot to him and to FCA00000 for there great helps ...

ps: this method will work until u restart ur phone .. then u will have to do it all over again (takes like 10 secs) :D
pps:this method appears not to be working on fp1 and fp2 devices yet .. like (n95 , n82 ,etc....)

here are some pics from my n80

The coloured logo in ur post, is this a transparent coloured logo or is it specifically meant for this theme...

It grat news for everbody.
Thanks for giving it for us.
Make hack your phones!

i have personally tried his method on my n80ie .. and it worked perfectly i opened the sys folders using xplore .

and also mr.NIGHTSHIFT made a colored oplogo for me .. that i copied to the private folder without any patching to the fw .. thanks alot to him and to FCA00000 for there great helps ...

ps: this method will work until u restart ur phone .. then u will have to do it all over again (takes like 10 secs) :D
pps:this method appears not to be working on fp1 and fp2 devices yet .. like (n95 , n82 ,etc....)

here are some pics from my n80

Yo.. could u share on how to make the color oplogo? could you explain what is the content of /private etc...

regards,

Yo.. could u share on how to make the color oplogo? could you explain what is the content of /private etc...

regards,

:excited:
Yes! We want an instruction how make the color logo easily.
Please :ashamed:

I gave instructions some time ago:
Hi people!

Tired of the black and white operator logo?
So here is the long awaited solution to use a colored op logo on S60V3

http://i22.tinypic.com/mueter.jpg

the op logo lies in
C:\PRIVATE\10000850\Logo_262_3_OTA.mbm
the marked part is different for every provider u use. it's the MCC/NMC provider code.

-So all you have to do is create a *.mbm file.
The bitmap inside the mbm must be 128x32px!
U could use the mbmwizard or the mbmtool by the famous Z-Team!
-Name it just like above but check your provider code.

I didn't try other file types, yet. And I did not try to make a transparent op logo.

Try and post your results.

Have fun.

My old Thread is located here: http://www.ipmart-forum.com/showthread.php?t=200441

please,when you create a hacked firmware,share it on forum!!

It's absolutly not possible to create a hacked FW!
The aikon security policy is very strong.
Think of the certs.

Maybe one day they will go back to "not-that-strong-security" like it was in SX1-Times.

It's so sad, that we can't do with our purchased devices what we wanna do!
I wanna control everything on my device!

I'm sure nokia will see what they did when the first G-Phone is out.

mr nighshift made that logo for me and it is not transparent .. its on a black background

check his thread to know how to make them

Nice trick ...but very complicated as well for new bees.

not at all .. i just did it all in less than 20 minutes man ...

if there are any queries please ask maybe i can help ..

Yo Bob :P

You should add to your first post, that this trick only works for pre FP1 devices like N80 or N73 etc.

We must wait what will be with FP1 and FP2 devices like N82, N95 or N78

ok NS .. info added ;)

for people who want to change the com port settings (this tuto was made with com6 on mind)

here is what u do .. first open python select file>open>browse for the (hack_perms_s60v3.py) u have downloaded earlier ..

a new window will open for that module .. now in that new window press cntrl+f to open the find window and type (com6) .. it will direct u the part in the script where the com port settings is present .. (look at the pic attached)


now here is what u do ... if for example ur device is on com 4 then u change the number on the com(right arrow) to "4" .. AND then change the number between the brackets(left arrow) to "3" ..

if ur com was 7 then make com 7 and ser 6 etc .etc u get the idea .

cheers, hope this helps

and please no pms

SO, does it mean that I can now use Advance Device Lock on my n73 without signing It ??? somebody plz reply me. I am dieing to use this application on my n73ME, but cannot sign it!!

thnx.

Hmmm.... maybe.... you need to try it this way:

extract your unsigned sis (with sisware or unsis)
and then copy the extracted files to their place on your phone....

Just try and post results ;)

//EDIT:
I'm not sure about the hash file....
Didn't try anything like this....

With such behavior you open doors for viruses!

Yeeeeaaah :D it works great :D :ilove:

REP+ for u basem :) Really grate share :)

alrigt . . Some success stories finaly . Ur welcome mate thanks for the rep . And of course all respect goes to the creator FCA00000

thats bul*crap doesnt work with N95 8GB

It works only with OS 9.1... u should read topic more carefully. It works great on my N73


Edit. I dunno what happened, but it doesnt work for me anymore. I can no longer acces sys... :afraid: Is it because i've uninstalled those apps from my phone?


Edit2. I've patched by Python again, and it works for now... hope it'll work permanently if i won't uninstall those apps...

Edit3. Doesnt work again... I have no idea, what to do to make it work all time...

Actually I'm use the Symbaali way. It permit me to install unsigned Sises with unprotected range UIDs, but not the ones who began with 0x2xxxxxxx.
Is this method allow installing sis with protected UIDs ?
If no this suxx...

EDIT: I've tested it. It suxx. Like symbaali, cannot install sis files with protected UID. So not the solution to new SymbianSigned restrictions.

If it works for sisx file how about sis file?

the hack only work until u restart ur phone dude . Then u have to apply it again . And about that signed thing it was just a theory and u proved it wrong so thanks mate

So currently the only use of this seems to be able to change the operator logo without a firmware patch, which is pretty useless, considering the fact that you need to do this everytime you restart your phone.

Well, it's not that useless... for some people.
As far as I'm concerned I have an allfile filemanager working on my N73.
And that permanent.
That is really usefull.

thread moved to the correct section... i have tired that hack myself a few weeks ago and still no luck.... and i believe this has been posted here before...

http://www.ipmart-forum.com/showthread.php?t=234328

hi
try to do this and i get error when i try to run "hack_perms_s60v3.py"
Traceback (most recent call last):
File "D:\hack_perms_s60v3\hack_perms_s60v3.py", line 9, in <module>
import serial
ImportError: No module named serial

please help
thanks

So currently the only use of this seems to be able to change the operator logo without a firmware patch, which is pretty useless, considering the fact that you need to do this everytime you restart your phone.

whats useless to u .. might be usefull to someone else ..

and the oplogo stays after the restart ..

so please say something usefull or dont say anything at all


thanks

hi
try to do this and i get error when i try to run "hack_perms_s60v3.py"
Traceback (most recent call last):
File "D:\hack_perms_s60v3\hack_perms_s60v3.py", line 9, in <module>
import serial
ImportError: No module named serial

please help
thanks

make sure you have this installed http://sourceforge.net/projects/pyserial and you have specified the correct serial port

yes it seems like python cant talk with ur ports . Install the pyserial and follow the tuto . And read my reply about how to change the com settings in the module

What more interesting ideas except colored oplogo u've got about this trick? :]

well removing protection will allow in the future(near future i hope) ..

to mod ur firmware to add more capabillities or make a cutomized firmware with ur own apps .. u can remove the clutter apps .. u can do a million things ..

if u ever had a siemens sx1 u would understand what modding of fw can do .. it can turn ur phone into a whole new thing ..

and this man FCA00000 was one of the major programers in that process so i would think he knows what he is doing ..

so just sit tight and wait for it

cheers .. :)

Unlucky n73 is my 1st phone on symbian, so i lost a lot o nice things in history of symbian... but i hope there are many interesting things in the future, which will change appearance of our phones :)

Can i ask u, which part of wallpaper do i have to take for background of colored oplogo? 134x34 from 88,2 ? (u should know what i mean :P )

FCA00000 is trying to break in the fp1 devices .. am just updating u with the latest news

in reply #2 there is the new fp1 files ( the py module and the trk for fp1)
install that trk to ur phone and run it .. connect it and then apply the py module

let me know whats the results

ps: (this is only a trial ... if it doesnt work then maybe wait for a newer release) .. i hear someone had a success with an n95


cheers

FCA00000 is trying to break in the fp1 devices .. am just updating u with the latest news

in reply #2 there is the new fp1 files ( the py module and the trk for fp1)
install that trk to ur phone and run it .. connect it and then apply the py module

let me know whats the results

ps: (this is only a trial ... if it doesnt work then maybe wait for a newer release) .. i hear someone had a success with an n95


cheers

and he did it

Download
Code:
http://FCA00000.googlepages.com/hack_perms_s60v3.rar
http://FCA00000.googlepages.com/s60_3_1_app_trk_2_7.sisx
http://FCA00000.googlepages.com/hack_perms_s60v3_FP1.py
Follow instructions from hack_perms_s60v3.txt
but use s60_3_1_app_trk_2_7.sisx instead of s60_3_0_app_trk_2_7.sisx
and hack_perms_s60v3_FP1.py instead of hack_perms_s60v3.py

in hack_perms_s60v3_FP1.py , adjust
ser = serial.Serial(5)

Usually the most difficult step is connecting the PC to the phone, so follow steps 6) and 7) carefully.


confirmed and working on N73,N80,N95,5700 (n82 not yet at time posting this)

@Dansco: it is ok like this? be happy it's working now

@kays i already posted those files on my reply #2(even the updated 2.85 of trk ;) ) for easier access .. and thanks alot for ur kind confirm rep+ to u dude ..

and @wojtaliban sorry man i cant help u with that .. u can ask "Mr.Nightshift "
@ this thread http://www.ipmart-forum.com/showthread.php?t=200441

I just hack my N95 firmware v.20.0.015 and it's great to have permission to all folders LASTLY!!!:dance::dance::dance:
I must say, big thanx and rep. +++ to Kays & bAsem!!! :)

nice . . Now confirmed on n95 . . Great news . And rep to u mr.jarbamare for the screenies

not working on N95 8GB :(

Mm . Well maybe the n95 8gb is like the n82 (different coding) . Or maybe u missed a step or something . . Recheck ur steps and update us

i did all the steps correctly .... i have been testing that code since day one.. ;)

well then mr.papadocta . If there are any updates i will post here

thanks mr. bAsem :D

well then mr.papadocta . If there are any updates i will post here


Dear bAsem

Can u make tutorial about this how to do it with screen shot:dance2: ? I read it many time but not success do i miss s.th ? do i need to have c++ app in pc or not ? i wanna rock like u men :excited:

thanks u :friends:

Wow.. so it can be done on N95? great! Thanks for ur confirmation jarbamare.
Also to mr bAsem for sharing info here.

just wondering, new fw v21.0.0.16 for N95 is now available via NSU, is it possible to hack this fw also if i upgrade?

Good work, thanks.

finally got it working and it indeed woks in N95-2 (8GB)

the problem was with vista... i used windows xp and worked fine Wink

i have been trying all day with vista and no luck there was an error when i first tried to run in vista about indentation or something like that and when i fixed that error still got all -1 but when i switched to xp sp2 worked fine and i'm using trk ver 2.8.5.. so people with vista try xp and it will work ...
cheers

congratz to u mr.papadocta am happy for ya dude . And about that tuto maybe i will make one if i have time . Got exams till monday

شكرا bAsem
thanks bAsem if i have the time as well i will do a clean tutorial as well... it's very simple :D

omg u speak arabic :D

where r u from dude !!

finally got it working and it indeed woks in N95-2 (8GB) ........
Hehe, now we can enjoy in our phones without any limits or OS restrictions!
FExplorer S60v3 now can open "private" and "sys" folders like on screenshots:

very good news .. and it would seem like nightshift got it working on his n82 by using the old trk file .. mabe n82 users can try to use the trk in here : http://fca00000.googlepages.com/s60_3_1_app_trk_2_7.sisx

cheers

if we can only edit the swipolicy.ini then it would be great... cuz then you will be able to install any file without signing :D

But we have to "unlock" our phones every reboot? Is there something to make it work permanently?

wojtaliban not yet.. but something is better than nothing ;)

i have problem whit n82

i have uploaded image's error

http://img507.imageshack.us/img507/2897/46739646td3.th.png (http://img507.imageshack.us/my.php?image=46739646td3.png)
http://img507.imageshack.us/img507/5949/59966860ov8.th.jpg (http://img507.imageshack.us/my.php?image=59966860ov8.jpg)
http://img515.imageshack.us/img515/7889/99285194px4.th.jpg (http://img515.imageshack.us/my.php?image=99285194px4.jpg)


the com port is 6
i've have installed hello carbide
next i have copied hellocarbide.exe to C: on the phone
when i tipe the string appear this error:
http://img166.imageshack.us/img166/6473/93599349nk5.jpg

instead when i double click on the script receive the error on the three previous images

please help me

Did u set COM ports properly? (in script)

and u have to run TRK app in phone before u start script...

the com port is 6 and on the script i have set ser= serial.Serial (5)

right??

yes ur right . Well which trk did u use . Go back to my 2nd reply and download the proper one then install it and run it on the phone before applying the patch . Let us know

The proper COM port you can see in the Device Manager:

http://img229.imageshack.us/img229/8886/properportti3.jpg

as you can see on the picture, my PC use for USB cable COM port -> 15, so i just edit in the hack_perms_s60v3_FP1.py next string:
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::::::
# This is the port minus 1. If you have COM4, then use Serial(3)
ser = serial.Serial(14) # I have COM15
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::::::

>I hope, this will help to all you ... ;)

which os r u using .. ?? looks like a mac lol .. is it pimped out xp

for N95-2 and N82 use this FP1.zip file (bAsem why did you remove that attachment? ) and it should work without install carbide.sis or anything else.. just the trk.sis

edit

here i attached the file again... and this is for N95-2 and N82

Btw. what is the use of the HelloCarbide.sis? I install this app. on phone memory, and ...?!?
Beside that, there is one more usefull picture info for everybody:

i updated the files to have the carbides for easier access .... sorry reuploaded now

i think the carbide is used to collect the contents of the ekern folder or so .. like a dumping application

it does bAsem but if you read in the python script file
" History: 2008.03.12 v0.2 Doesn't need to run HelloCarbide.exe because now uses the ekern thread.
# Also includes an example to dump memory into a file
# Also tries to read memory using DS_MSG_MEMORY_PROTECTED+DS_MSG_MEMORY_SEGMENTED . With and without a process. Let's see if it works"

so it means we don't need HelloCarbide.exe :D but it won't harm if we have it there

Basem, thank you very much !!! reputation added !!!
and thank you also to all the other people testing this hack !!!


to resume, the hack only work until the next reboot, and it allows to install without signing, am I right ?
And changing operator logo will work permanently ???

thanks again.

waxzus yes the hack will work until you reboot then you have to do it again... (not a big deal) and no it won't allow you to install unsigned files.. but you can try and extract them and install them manually.. and as for the op logo it should be permanent ;)

well waxzus thanks for the rep .. and did it work for ya .. what kinda phone do u have ..

@papadocta .. lol dude ur fast u beat me to it

thanks !
I have a N95 8Gb, I will do the trick this week end !
PapaDocta, I don't understand "no it won't allow you to install unsigned files.. but you can try and extract them and install them manually.", what do you want to say by "install them manually" ?

Recently, I tried to modify the UID of a .sis application (changing a protected UID to an unprotected UID) by extracting the internal files and changing the UID in the files .exe or .dll, I managed to change the CRC, etc, and I managed to sign with Symbian Open Sign Online. Then, installing the application works perfectly but the application doesn't start :-(
Do you have some idea why it doesn't work ?

Hallo,
Where i can a download pythonwin?

Hallo,
Where i can a download pythonwin?

please read the posts carefully before posting

Here(all needed PC files):
- PythonWin from (hxxp://www.python.org)
- pyserial (hxxp://sourceforge.net/projects/pyserial)
- pywin32 (hxxp://sourceforge.net/projects/pywin32)

btw. this is writen on the page 1 of this thread and sevent33 don't be lazy to read FIRST PAGE for example!

thanks !
I have a N95 8Gb, I will do the trick this week end !
PapaDocta, I don't understand "no it won't allow you to install unsigned files.. but you can try and extract them and install them manually.", what do you want to say by "install them manually" ?

Recently, I tried to modify the UID of a .sis application (changing a protected UID to an unprotected UID) by extracting the internal files and changing the UID in the files .exe or .dll, I managed to change the CRC, etc, and I managed to sign with Symbian Open Sign Online. Then, installing the application works perfectly but the application doesn't start :-(
Do you have some idea why it doesn't work ?


You need to make hash and put it to C:/sys/hash. Hash consists of last four bytes of SHA1 hash, which you can get here:
http://beeblebrox.org/hashtab/

Test it first on something, where you have already made hash by system :)

This tutorial permits to see hidden folders on your s60 3rd Edition, it is not mine, i'm simply going to report here on ipmart as i searched for it but it was not posted, so if it has already been posted, please mods delete this thread and sorry:

Original tutorial posted here:
http://finestfones.blogspot.com/2008/03/symbian-92-has-been-hacked.htmlWHAT DOES THIS HACK ALLOW ME TO DO?

It will allow you to install UNSIGNED applications. It will allow you to give applications FULL permissions. Basically, it will give you FREEDOM.

OK, let's go, you need to download and install these files:

Download ActivePython http://downloads.activestate.com/ActivePython/windows/2.5/ActivePython-2.5.1.1-win32-x86.msi, install it.

Download and install PySerial from http://sourceforge.net/project/downloading.php?groupname=pyserial&filename=pyserial-2.2.win32.exe&use_mirror=dfn.

Download and install AppTRK (to your phone) http://fca00000.googlepages.com/s60_3_1_app_trk_2_7.sisxDownload Hack Perms http://fca00000.googlepages.com/hack_perms_s60v3_FP1.pyCLICK THE IMAGES FOR A LARGER SIZE!

Let's get to business:

Connect your phone to your PC via USB in PC Suite mode.

Go to Control Panel>System>Hardware>Device Manager>Ports OR in Windows Vista it's Control Panel>Hardware and Sound>Device Manager>Ports.
http://bp3.blogger.com/_RxgV15GN4wg/R-rmt0D0fpI/AAAAAAAAAEs/2piIZJUh2t8/s320/ports1.jpg (http://bp3.blogger.com/_RxgV15GN4wg/R-rmt0D0fpI/AAAAAAAAAEs/2piIZJUh2t8/s1600-h/ports1.jpg)
Once you're there, look for your phone, in my case it's called 'Nokia GSM Phone USB (COM3)'. Make a note of the number after COM, you'll need it later.

Open AppTRK on your phone and press cancel when it trys to connect via bluetooth. Go to options>settings>connection and change it to USB. Go back and press options then connect. This is what you should see:
http://farm4.static.flickr.com/3115/2364467779_18a5e760f5.jpg?v=0 (http://farm4.static.flickr.com/3115/2364467779_18a5e760f5.jpg?v=0)


Now open up the Hack Perm python file in notepad on your PC, press CTRL+F on your PC and search for "ser =" (Without quotation marks, of course). Once you're there change the 5 that's in the brackets to the 1 less than the number that followed COM in the step above.
http://bp0.blogger.com/_RxgV15GN4wg/R-rm5ED0fqI/AAAAAAAAAE0/WleUK3t5s8U/s320/ports2.jpg (http://bp0.blogger.com/_RxgV15GN4wg/R-rm5ED0fqI/AAAAAAAAAE0/WleUK3t5s8U/s1600-h/ports2.jpg)
For example, if your number was 7, you would change the number in the brackets to 6 and if your number was 5, you would change the number in the brackets to 4. Once you've done that, save the python file (JUST SAVE, NOT SAVE AS).

Once you have done this, just double click the Hack Perms file and wait for about 5 seconds, during this time, you should see this, notice the "!!!!!!!!!!!candidate!!!!!!!!!!!", this shows you've been successful:

http://bp1.blogger.com/_RxgV15GN4wg/R-rnLUD0frI/AAAAAAAAAE8/iV7_2gG9kyE/s320/port3.jpg (http://bp1.blogger.com/_RxgV15GN4wg/R-rnLUD0frI/AAAAAAAAAE8/iV7_2gG9kyE/s1600-h/port3.jpg)



DONE!

Things to note:

1)I will not be held responsible for anything happening to your phone. Nothing bad should happen anyway.

2)This hack is temporary, upon rebooting your phone, you will have to run the python script from yor computer again. FCA00000 says he's got something in the works that should make this hack permanent.

3)This hack has been confirmed on the N95, N95 8GB, N82 and some others. If you perform this hack, please tell me your phone model.



EDIT: mods can be made permanent for X-Plore thanks to Disable post :

And bonus from me:)
Install X-plore and Modo to C:\ drive, and replace files in sys folder with mine and you get full acces modo and self-acces x-plore after reboot:)

NOTE: all credits to FCA00000 and to the other guys that worked hard for make this easy to do for all people ;)

Hello... sorry for my bad english...

my cell is n82 and i have problem with script pyton.

>>> Traceback (most recent call last):
File "C:\Python25\Lib\site-packages\pythonwin\pywin\framework\scriptutils.py", line 310, in RunScript
exec codeObject in __main__.__dict__
File "K:\n82\n82 hack\hack_perms_s60v3_FP1.py", line 19, in <module>
import serial
ImportError: No module named serial
>>>

Use PythonWin 2.5.2 and set correctly my port
# This is the port minus 1. If you have COM4, then use Serial(3)
ser = serial.Serial(10) # I have COM11
ser.timeout = 1 #required so that the reader thread can exit

I used:
s60_3_1_app_trk_2_7
s60_3_1_app_trk_2_7 Alternative for n82
s60_3_1_app_trk_2_8_5

but it responds always:
File "K:\n82\n82 hack\hack_perms_s60v3_FP1.py", line 19, in <module>
import serial
ImportError: No module named serial

If I cut line 19 it responds:
>>> Traceback (most recent call last):
File "C:\Python25\Lib\site-packages\pythonwin\pywin\framework\scriptutils.py", line 310, in RunScript
exec codeObject in __main__.__dict__
File "K:\n82\n82 hack\hack_perms_s60v3_FP1.py", line 324, in <module>
ser = serial.Serial(10) # I have COM11
NameError: name 'serial' is not defined
>>>

Can Someone help me??

Thk in advanced

P.S. all version of TRK apparently work right on my cell

this tutorial is only for FP1?

And bonus from me:)
Install X-plore and Modo to C:\ drive, and replace files in sys folder with mine and you get full acces modo and self-acces x-plore after reboot:)

great Disabled thanks!!! :D

@xone: i tested it on n95 8gb and n81, i read about people using it on n80, so not only fp1 i think :)

great tuttorial pasco thanks for this :)

Thx for Info and share. Rep added to P@sco and Disabled.

did you install pyserial (hxxp://sourceforge.net/projects/pyserial)?

great Disabled thanks!!! :D

@xone: i tested it on n95 8gb and n81, i read about people using it on n80, so not only fp1 i think :)

awesome :)

and if you already tested it can you copy N95 8GB original themes? :)

tested on n91 the apptrck doesnt connect :(

Yes i've install pyserial 2.2...

I'll try to download again

Thk for your help

Also working on N95 v21.

Thanks a lot mate! Working great on N95-1. :)

THANKS :LoL:!!!

Also working on N95 v21.
It's great to know that. Now i can update my phone and take this method ... Thanx for info, rep +++!;)

jarbamare jus press the report button if have any issues.. mod team will look into the matter...
Thanx mate, i have just did!;)
I don't like people who take other members credits, because that i'm angry!

These instructions looks much more clearer to me. :dance:

Connect your phone to your PC via USB in PC Suite mode.

Go to Control Panel>System>Hardware>Device Manager>Ports OR in Windows Vista it's Control Panel>Hardware and Sound>Device Manager>Ports.
http://bp3.blogger.com/_RxgV15GN4wg/R-rmt0D0fpI/AAAAAAAAAEs/2piIZJUh2t8/s320/ports1.jpg (http://bp3.blogger.com/_RxgV15GN4wg/R-rmt0D0fpI/AAAAAAAAAEs/2piIZJUh2t8/s1600-h/ports1.jpg)
Once you're there, look for your phone, in my case it's called 'Nokia GSM Phone USB (COM3)'. Make a note of the number after COM, you'll need it later.


If there is NO any number, and just Nokia N95 8GB USB, just right click it, Properties / Port Settings / Advanced - and there is the number of your Com port :)

THIS TUTORIAL IS MUCH BETTER, than the first one, please DON'T delete it!

anyone is able to copy original themes from N85-2, please?

can sum1 hack the latest y-browser to use with this hack after we reboot? Thanx

Gret tutorial p@sco. So repute you

And bonus from me:)
Install X-plore and Modo to C:\ drive, and replace files in sys folder with mine and you get full acces modo and self-acces x-plore after reboot:)

How I can replace files on my pc I can't :( I need acces to sys but how ?? help plz!

working like hell on my N95 8GB, after reboot, unsigned apps cant be installed. after doing this again, i can again install unsigned apps :) YAY NO OPENSIGNED ANYMORE!!!

Thanx mate, i have just did!;)
I don't like people who take other members credits, because that i'm angry!

i'm really sorry mate, i searched for the AppTRK but there was no result on the search box, so i posted it here... :(

btw, the old tutorial was for expert people, and i'm not, i think this one with just few steps is simpler... :)

best regards

amazing! and very easy to follow!... I cant wait when the permanent solution comes out :D

can i do this to my n73?

I've reinstalled pyserial... all OK

It work on N82 with:
hack_perms_s60v3_FP1 and s60_3_1_app_trk_2_8_5

You are great

P.S. I can't see on N82 Logo_XXX_X_OTA.mbm
my folder C:\PRIVATE\10000850\ is empty :confused:
so i can't change my logo operator
:ilove:

Best regards

that was a great tutorial.can you elaborate a bit more about the outcome?rep added+++









***rep added to JARBAMARE ,too.+++

How can I replace this sys files to my phone ?? any solution
and I can't install unsigned apps :( help please!

working like hell on my N95 8GB, after reboot, unsigned apps cant be installed. after doing this again, i can again install unsigned apps :) YAY NO OPENSIGNED ANYMORE!!!So you are able to install unsigned applications without doing any additional things? Just hack and install unsigned app, is it correct?

thread moved to the correct section

I don't think that he can install unsigned apps. I "hacked" my phone and I have permisson to sys folder, but only that.

I confirm it works on N95 firmware 21 that was released yesterday.

i have access to system folders on c but i cant install unsigned apps.see the screenshots from my N95.

i ll try the trick with xplore in a while..

thanks for that.

bummer :(
so this means that we are still unable to sign apps without the cert? *SIGH*

cheers mate rep added to both to you

I wonder if you're able to get the n95 8gb themes to share with us. If yes then that would be great.

Also i wonder if this will be the beginning of hacking n-gage games as some unknown files are installed to the system folder on the phone memory. Interesting if we could

Can I do this trick for my N73 ME ?
Thx b4

working like hell on my N95 8GB, after reboot, unsigned apps cant be installed. after doing this again, i can again install unsigned apps :) YAY NO OPENSIGNED ANYMORE!!!

You mean you make the trick two times ?

it doesn't work in N73 ME

@ALL:
This hack still WON'T allow u to install unsigned apps!!
BUT.. u can extract the unsigned sis file then u can copy it one by one to the respective folder in ur phone or card. It shud work.. 90% chance.
Try and post here the result! :D

Will it lose my warranty by doing this? Something like changing the product code...? Will the people from Nokia Service Point know? And one more thing which is i heard from somewhere that if the c drive had been hack,N-Gage's COTD cannot be play,is that true?

no u just create an oplogo and copy it to that folder then restart ur phone

it will be there after u restart

And bonus from me:)
Install X-plore and Modo to C:\ drive, and replace files in sys folder with mine and you get full acces modo and self-acces x-plore after reboot:)


what do you mean with "self -acces" with x-plore?

no u just create an oplogo and copy it to that folder then restart ur phone

it will be there after u restart

:prayer::prayer::prayer:

I'm ashamed for my english

thanks a lot

has anyone ran the following test.

1. install an app without cert. with temporary superuser access, reboot ? does the app still run?

2. if 1 is good, then install the full manuf. capab. version of active file while having the temporary su access, when you reboot can you still see the entire C drive?

thanks..

a little more on what modo does. would be appreciated. thanks

It works on my N95 8GB!!!
This is awesome!
Reminds me of the old s60v1/2 days when you could look at whatever folders or files you wished no matter where they were on your phone.
Now all we need is FCA00000 to make this solution permanent for our phones :)

Can't Rep+ you p@sco but u deserve it for showing us this awesome trick!

@ALL:
This hack still WON'T allow u to install unsigned apps!!
BUT.. u can extract the unsigned sis file then u can copy it one by one to the respective folder in ur phone or card. It shud work.. 90% chance.
Try and post here the result! :D

still doesnt work!
its already discussed from these morning on symbianfreak, reading seems that you have to build a right hash file. Well thats what i've understood,but i suggest you to take a look at the latest 5-6 pages of that discussion

Yes Thompson, Im reading it.. ;)
We wud also need to edit the hash n bin file using petran apps.. get it here: hxxp://www.woodmann.com/collaborative/tools/index~php/PETRAN

:prayer::prayer::prayer:

I'm ashamed for my english

thanks a lot

lol .. np and ur english is very good :)

Works on the E51 ;)

Doesn't allow to install unsigned apps but x-plore has access to the sys and private catalogs ;)


rep added


br

blesio

xplore hasnt access after restart to be.i did all said on post 3.this worked with you?

After deep consideration we decided tis thread shud b merged with previous thread by BaSem bcos basically tis is same method..

Sorry for inconvenience. Thread merged and stucked until further notice.. Thank you.. :)

xplore hasnt access after restart to be.i did all said on post 3.this worked with you?

Try Disabled's X-plore and Modo on page 9 before resetting,it worked for me{i used Pascoes tutorial}

After deep consideration we decided tis thread shud b merged with previous thread by BaSem bcos basically tis is same method..

Sorry for inconvenience. Thread merged and stucked until further notice.. Thank you.. :)

thank you mate, i'm sorry for the mistake, i searched for the AppTRK but i had no response from the search :(

Thanks all for appreciation, but all credits are for developers and creators of the app :)

ps:this hack will only work for pre fp1 phones like [the n80 and the n73] and confirmed to be working only on n95 and 5700 and (n95-8gb by mr.papadocta) AND (the n82 by mr.nightshift).. still no news on other fp1 or fp2
pps: there are some issues on running this hack on vista so use xp for a sure result ..
it is said that this hack wont work on nokia 5700...is thera any other solution for that?

X-Plore works fine after restart and has access to the sys and private folders ;)

You need to make hash and put it to C:/sys/hash. Hash consists of last four bytes of SHA1 hash, which you can get here:
http://beeblebrox.org/hashtab/

Test it first on something, where you have already made hash by system :)

can you be more precise please ?

Regarding the hardware hack, once it is done, is there something to do to be able to install unsigned applications ?
Moreover, what about the method consisting in changing a protected uid to an unprotected UID ? does it also work ???

Thanks in advance, and I would like to understand before playing with the firmware ! lol

Just for info, I already have a certificat for my phone, but I want to test the hack just for fun ! :D

the "Great News >> Now U Can Hack On Ur Own Phone" tuto is moved to the first page for better access ..


cheers

After deep consideration we decided tis thread shud b merged with previous thread by BaSem bcos basically tis is same method..

Sorry for inconvenience. Thread merged and stucked until further notice.. Thank you.. :)

no problem any help is appreciated .. tho it is a bit confusing now ..

all credits go to FCA00000 we are all only mesengers

cheers

hi

maybe you could write a howto - how to create the hash file ?! - i would like to add allfiles also for python itself !

ciao

And bonus from me:)
Install X-plore and Modo to C:\ drive, and replace files in sys folder with mine and you get full acces modo and self-acces x-plore after reboot:)

hi

maybe you could write a howto - how to create the hash file ?! - i would like to add allfiles also for python itself !

ciao

dude have u read my post .. there is no need for all that nooow .. read my previous post :O:O:O

hi

just for interest - i would like to know the hash thing ! tx for your effort - appreciate it ! works great on e90 7.40 !

with on-device hack - phone froze after try to copy ldd file to c: ! (xplorer - selected ldd - push 1 for copy and then some sec and freeze ! - reset via battery change ) (after i closed profiler)

after restart - i can not overwrite ldd file ! (did not start the profiler though ! ( i forgot to do the via-pc trick !) now it is ok !

ciao

Did u apply the pc patch before doing the phone one . Coz i used xplore and it didnt freeze mine . Just try again and let me know

If it's possible (sorry for the off top) for ppl with N82 or the N95 8GB to post here the z:\private\10207218 folder (with it's contents) and also z:\resource\skins folder with it's contents.

I can do the same with the E51 for original themes ;)

br

blesio

I have a tryed with n95 with this software
1 app trk
2 pythonwin
3 hack_perms_s60v3_FP1.py
4 pyserial-2.2.win32.exe
I get this message:
PythonWin 2.5.2 (r252:60911, Feb 21 2008, 13:11:45) [MSC v.1310 32 bit (Intel)] on win32.
Portions Copyright 1994-2006 Mark Hammond - see 'Help/About PythonWin' for further copyright information.
>>> Using port:
\\.\COM15
>Ping
sending message number 00
<kDSReplyACK
received message number 00
kDSReplyNoError
>Connect
sending message number 01
<kDSReplyACK
received message number 01
kDSReplyNoError
>Create Item
sending message number 02
<kDSReplyACK
received message number 02
kDSReplyOsError
ProcessID=-1-1 ThreadID=-1-1
>Read Memory 0x60000100
Read Memory at 60000100=60 00 01 00
sending message number 03
<kDSReplyNAK !!!!!!!!!!!!!!!!!!
received message number 03
kDSReplyPacketSizeError
Read Memory 60000100=-1 -1 -1 -1
Read Memory 60000104=-1 -1 -1 -1
Read Memory 60000108=-1 -1 -1 -1
Read Memory 6000010C=-1 -1 -1 -1
Read Memory 60000110=-1 -1 -1 -1
Read Memory 60000114=-1 -1 -1 -1
Read Memory 60000118=-1 -1 -1 -1
Read Memory 6000011C=-1 -1 -1 -1
Read Memory 60000120=-1 -1 -1 -1
Read Memory 60000124=-1 -1 -1 -1
Read Memory 60000128=-1 -1 -1 -1
Read Memory 6000012C=-1 -1 -1 -1
Read Memory 60000130=-1 -1 -1 -1
Read Memory 60000134=-1 -1 -1 -1
Read Memory 60000138=-1 -1 -1 -1
Read Memory 6000013C=-1 -1 -1 -1
Read Memory 60000140=-1 -1 -1 -1
Read Memory 60000144=-1 -1 -1 -1
Read Memory 60000148=-1 -1 -1 -1
Read Memory 6000014C=-1 -1 -1 -1
Read Memory 60000150=-1 -1 -1 -1
Read Memory 60000154=-1 -1 -1 -1
Read Memory 60000158=-1 -1 -1 -1
Read Memory 6000015C=-1 -1 -1 -1
Read Memory 60000160=-1 -1 -1 -1
Read Memory 60000164=-1 -1 -1 -1
Read Memory 60000168=-1 -1 -1 -1
Read Memory 6000016C=-1 -1 -1 -1
Read Memory 60000170=-1 -1 -1 -1
Read Memory 60000174=-1 -1 -1 -1
Read Memory 60000178=-1 -1 -1 -1
Read Memory 6000017C=-1 -1 -1 -1
Read Memory 60000180=-1 -1 -1 -1
Read Memory 60000184=-1 -1 -1 -1
Read Memory 60000188=-1 -1 -1 -1
Read Memory 6000018C=-1 -1 -1 -1
Read Memory 60000190=-1 -1 -1 -1
Read Memory 60000194=-1 -1 -1 -1
Read Memory 60000198=-1 -1 -1 -1
Read Memory 6000019C=-1 -1 -1 -1
Read Memory 600001A0=-1 -1 -1 -1
Read Memory 600001A4=-1 -1 -1 -1
Read Memory 600001A8=-1 -1 -1 -1
Read Memory 600001AC=-1 -1 -1 -1
Read Memory 600001B0=-1 -1 -1 -1
Read Memory 600001B4=-1 -1 -1 -1
Read Memory 600001B8=-1 -1 -1 -1
Read Memory 600001BC=-1 -1 -1 -1
Read Memory 600001C0=-1 -1 -1 -1
Read Memory 600001C4=-1 -1 -1 -1
Read Memory 600001C8=-1 -1 -1 -1
Read Memory 600001CC=-1 -1 -1 -1
Read Memory 600001D0=-1 -1 -1 -1
Read Memory 600001D4=-1 -1 -1 -1
Read Memory 600001D8=-1 -1 -1 -1
Read Memory 600001DC=-1 -1 -1 -1
Read Memory 600001E0=-1 -1 -1 -1
Read Memory 600001E4=-1 -1 -1 -1
Read Memory 600001E8=-1 -1 -1 -1
Read Memory 600001EC=-1 -1 -1 -1
Read Memory 600001F0=-1 -1 -1 -1
Read Memory 600001F4=-1 -1 -1 -1
Read Memory 600001F8=-1 -1 -1 -1
Read Memory 600001FC=-1 -1 -1 -1
>Stop
sending message number 04
<kDSReplyNAK !!!!!!!!!!!!!!!!!!
received message number 04
kDSReplyPacketSizeError
>Ack Notify Stopped
sending message number 02
>Disconnect
sending message number 05
<kDSReplyACK
received message number 05
kDSReplyNoError
>Close
>End+Exit
What i did wrong?

app track will not install on my n81 fw 11.0.0.45

first I set the clock back a yr. due to cert issues

then when I try to install it says cannot install install base package first..

this is the file I am trying to install

Directory of C:\zn81\hack

03/27/2008 08:52 AM 39,828 s60_3_1_app_trk_2_7.sisx

thanks in advance

never mind I was a douceback and installing wrong file..
I was trying to install aftrack.v1.1.s60v3.patch.cracked-xraipda.sis

will let you know if it works on a n81 in a few

looks good on an n81

ie

received message number 03
kDSReplyNoError
Read Memory C0000148=1E 00 00 00
!!!!!!!!!!!!!!!!!!!!!!!!!!!candidate!!!!!!!!!!!!!! !!!
>Write Memory C0000148
write Memory at C0000148=C0 00 01 48
sending message number 04
<kDSReplyACK
received message number 04
kDSReplyNoError
>Disconnect
sending message number 05
<kDSReplyACK
received message number 05
kDSReplyNoError
>Close
>End+Exit

fexplorer can see sys in c drive and I copied x-plore.exe in the has there but explore still will not see the sys folder do I have to register it first or something? Ok found it have to set configuration for it.. do we have a registration code for it??? on reboot success I can see all files even in sys on c: without reapplying hack with x-plore??? awesome... so N81 is a GO!!!!

:excited:

I have a tryed with n95 with this software
1 app trk
2 pythonwin
3 hack_perms_s60v3_FP1.py
4 pyserial-2.2.win32.exe
I get this message:
PythonWin 2.5.2 (r252:60911, Feb 21 2008, 13:11:45) [MSC v.1310 32 bit (Intel)] on win32.
Portions Copyright 1994-2006 Mark Hammond - see 'Help/About PythonWin' for further copyright information.
>>> Using port:
\\.\COM15
>Ping
sending message number 00
<kDSReplyACK
received message number 00
kDSReplyNoError
>Connect
sending message number 01
<kDSReplyACK
received message number 01
kDSReplyNoError
>Create Item
sending message number 02
<kDSReplyACK
received message number 02
kDSReplyOsError
ProcessID=-1-1 ThreadID=-1-1
>Read Memory 0x60000100
Read Memory at 60000100=60 00 01 00
sending message number 03
<kDSReplyNAK !!!!!!!!!!!!!!!!!!
received message number 03
kDSReplyPacketSizeError
Read Memory 60000100=-1 -1 -1 -1
Read Memory 60000104=-1 -1 -1 -1
Read Memory 60000108=-1 -1 -1 -1
Read Memory 6000010C=-1 -1 -1 -1
Read Memory 60000110=-1 -1 -1 -1
Read Memory 60000114=-1 -1 -1 -1
Read Memory 60000118=-1 -1 -1 -1
Read Memory 6000011C=-1 -1 -1 -1
Read Memory 60000120=-1 -1 -1 -1
Read Memory 60000124=-1 -1 -1 -1
Read Memory 60000128=-1 -1 -1 -1
Read Memory 6000012C=-1 -1 -1 -1
Read Memory 60000130=-1 -1 -1 -1
Read Memory 60000134=-1 -1 -1 -1
Read Memory 60000138=-1 -1 -1 -1
Read Memory 6000013C=-1 -1 -1 -1
Read Memory 60000140=-1 -1 -1 -1
Read Memory 60000144=-1 -1 -1 -1
Read Memory 60000148=-1 -1 -1 -1
Read Memory 6000014C=-1 -1 -1 -1
Read Memory 60000150=-1 -1 -1 -1
Read Memory 60000154=-1 -1 -1 -1
Read Memory 60000158=-1 -1 -1 -1
Read Memory 6000015C=-1 -1 -1 -1
Read Memory 60000160=-1 -1 -1 -1
Read Memory 60000164=-1 -1 -1 -1
Read Memory 60000168=-1 -1 -1 -1
Read Memory 6000016C=-1 -1 -1 -1
Read Memory 60000170=-1 -1 -1 -1
Read Memory 60000174=-1 -1 -1 -1
Read Memory 60000178=-1 -1 -1 -1
Read Memory 6000017C=-1 -1 -1 -1
Read Memory 60000180=-1 -1 -1 -1
Read Memory 60000184=-1 -1 -1 -1
Read Memory 60000188=-1 -1 -1 -1
Read Memory 6000018C=-1 -1 -1 -1
Read Memory 60000190=-1 -1 -1 -1
Read Memory 60000194=-1 -1 -1 -1
Read Memory 60000198=-1 -1 -1 -1
Read Memory 6000019C=-1 -1 -1 -1
Read Memory 600001A0=-1 -1 -1 -1
Read Memory 600001A4=-1 -1 -1 -1
Read Memory 600001A8=-1 -1 -1 -1
Read Memory 600001AC=-1 -1 -1 -1
Read Memory 600001B0=-1 -1 -1 -1
Read Memory 600001B4=-1 -1 -1 -1
Read Memory 600001B8=-1 -1 -1 -1
Read Memory 600001BC=-1 -1 -1 -1
Read Memory 600001C0=-1 -1 -1 -1
Read Memory 600001C4=-1 -1 -1 -1
Read Memory 600001C8=-1 -1 -1 -1
Read Memory 600001CC=-1 -1 -1 -1
Read Memory 600001D0=-1 -1 -1 -1
Read Memory 600001D4=-1 -1 -1 -1
Read Memory 600001D8=-1 -1 -1 -1
Read Memory 600001DC=-1 -1 -1 -1
Read Memory 600001E0=-1 -1 -1 -1
Read Memory 600001E4=-1 -1 -1 -1
Read Memory 600001E8=-1 -1 -1 -1
Read Memory 600001EC=-1 -1 -1 -1
Read Memory 600001F0=-1 -1 -1 -1
Read Memory 600001F4=-1 -1 -1 -1
Read Memory 600001F8=-1 -1 -1 -1
Read Memory 600001FC=-1 -1 -1 -1
>Stop
sending message number 04
<kDSReplyNAK !!!!!!!!!!!!!!!!!!
received message number 04
kDSReplyPacketSizeError
>Ack Notify Stopped
sending message number 02
>Disconnect
sending message number 05
<kDSReplyACK
received message number 05
kDSReplyNoError
>Close
>End+Exit
What i did wrong?

did u change the com and ser numbers in the py script . Read the posts carefully and try again :)

thanks for mr.nightshift for the link . and to FCA00000 for all his efforts all credits go to that great man ..

editt//
for fp1 he posted this info maybe u can try see if it works too ...

I've used S60_3_1_Prof_v1_62 normal file and SIZE but doesn't work on my N82 FP1 model

Thk for your work

If it's possible (sorry for the off top) for ppl with N82 to post here the z:\private\10207218 folder (with it's contents)

On my N82 there are:
AKNMEMORYCARDUI.R01
AKNMEMORYCARDUI.R02
AKNMEMORYCARDUI.R03
AKNMEMORYCARDUI.R05
AKNMEMORYCARDUI.R014
AKNMEMORYCARDUI.R018
backup_registration.xml

If it's possible (sorry for the off top) for ppl with N82 to post here the z:\resource\skins folder with it's contents.

There are some folders:
101f84b9
2000a62a
2000a62b
2000a62c
2000a62d
2000a62e

On my N82 there are:
AKNMEMORYCARDUI.R01
AKNMEMORYCARDUI.R02
AKNMEMORYCARDUI.R03
AKNMEMORYCARDUI.R05
AKNMEMORYCARDUI.R014
AKNMEMORYCARDUI.R018
backup_registration.xml



There are some folders:
101f84b9
2000a62a
2000a62b
2000a62c
2000a62d
2000a62e

The skins folder is ok, about the first one it should be 10207114, my BAD ;)

could you extract them and post them here please? Can you upload the two folders here? The Skins and 10207114 folders with all their contents ;)

br

blesio

.......................
6) copy into your phone c:\sys\bin\CProfDriver_SISX.ldd (this is why you

for FP1:
Same as before, except:
2) download S60_3_1_Prof_v1_62.sisx
5) get http://FCA00000.googlepages.com/31_CProfDriver_SISX.ldd
5.1) rename as CProfDriver_SISX.ldd (the file in my attachment is already renamed .. dont rename)

if 4.2) fails the first time, do
2) download S60_3_1_Prof_v1_62_SIZE.sisx
and don't do 5)

prefp1 devices are :n80 . n73 . 5700 ... etc
fp1 devices:n95 n95-8gb etc ...
Great info, but on FP1 devices like Nokia N95 etc. CProfDriver_SISX.ldd is located at the C:\sys\hash\CProfDriver_SISX.ldd not in C:\sys\bin\..........

Not working ... btw. of-course, first i made backup of the original file "CProfDriver_SISX.ldd", and than i try this copy/paste method.
It must be some solution for FP1 devices ....

hehe now I know how to change sms content and sender phone number :)

Apptrk dont connect on N73 ME; what zup ? :(

could you extract them and post them here please

Here resource skin and private folder on n82
In : private\10207114 there's a folder import

Ciauz

lucasat blesio needs c: private\10207114 too

Argh, it worked too good for me... Now i have problem when patching:


Traceback (most recent call last):
File "C:\Python25\hack_perms_s60v3.py", line 312, in <module>
ser = serial.Serial(4) # COM5
File "C:\Python25\serial\serialutil.py", line 156, in __init__
self.open()
File "C:\Python25\serial\serialwin32.py", line 55, in open
raise SerialException("could not open port: %s" % msg)
serial.serialutil.SerialException: could not open port: (2, 'CreateFile', 'Nie m
o\xbfna odnale\x9f\xe6 okre\x9clonego pliku.')




Edit. Problem solved - i had problems with ports

I don't speak english. I'm sorry... :|
bAsem, go to: click (http://forum.pasjagsm.pl/tematy87/s60v3-zlamane-finalnie-vt16443.htm#110223)
I had the similar problem, it was successful him to solve to me.
I'm sorry for my engilsh :/

can someone post the sys/.exe and hash/.exe for the following files

thanks

so that I can put extended capabilities on after installing basic version'

activefile_s60_9.1_man_cap_unsigned.sis

and

activefile_s60_9.2_man_cap_unsigned.sis

you can get them in the following thread

http://www.ipmart-forum.com/showthread.php?t=239312&page=2

I wondering Route66 v8. Could someone post all content C, E, and Z from 6110 Navigator with working maps ?

here is the thread to get the keygen for x-plore so once you have it installed it removes the annoying nags..

http://www.ipmart-forum.com/showthread.php?t=222042&highlight=xplore+keygen

also this fix is permanent if you install the x-plore file provided here either in phone memory or on memory card and then overwrite the sys/bin/x-plore.exe (in either c: or e: dependiing on where you installed it) and then overwrite the sys/hash/x-plore.exe with the one provided in the zip here.. then even if you don't redo the hack xplore will be installed will full system priviledges that survive upon reboot.. not sure if this was clear as many people are asking to make it permanent and this in effect does..

get the correct x-plore version on page 9 of this post.. this zip has the two files you need to replace on your phone after install then you will have full priviledges

lgkahn After reboot you’ve got RO only, and for full access you need run script again. But when you install Carbide Profile, and patch it you’ve got access every time after running it.

yep you are correct I can read everything on the c drive but not write to the .sys directory how does the carbide patch work with fp1 phones?

http://finestfones.blogspot.com/2008/03/symbian-92-has-been-hacked.html...
hi friends i saw this article and i tried it on my e 51.....i have been able to install core player...i didnt try other applications...so anyone try this and post your results......also see this...

http://www.engadgetmobile.com/2008/03/27/symbian-9-2-hacked-to-bypass-app-certification/

Great info, but on FP1 devices like Nokia N95 etc. CProfDriver_SISX.ldd is located at the C:\sys\hash\CProfDriver_SISX.ldd not in C:\sys\bin\..........

Not working ... btw. of-course, first i made backup of the original file "CProfDriver_SISX.ldd", and than i try this copy/paste method.
It must be some solution for FP1 devices ....

This is working for me. Hash-folder has just hash file there. ;)

Just follow the instructions given.

Working perfect for me.....now able to see all files in sys and private folders. Thankyou guys.:D

hehe now I know how to change sms content and sender phone number :)

Can u tell in brief.....how do u change them? I mean which files to change for this.

after i run pprofiler again after restart but n95 sticks and restarts.i dont see system files then

It would be great if there is a way to edit and save swipolicy.ini z:\system\data.

If it's possible (sorry for the off top) for ppl with N82 or the N95 8GB to post here the z:\private\10207218 folder (with it's contents) and also z:\resource\skins folder with it's contents.

I can do the same with the E51 for original themes ;)

br

blesio

please mr.blesio lets keep the thread clutter free .. u can ask people to post to some upload site and send u a link to ur pm ..

sorry

Working perfect for me.....now able to see all files in sys and private folders. Thankyou guys.:D

nice .. so we have some success and some failure ..

for people who cant do it. just do the xplore permanent hack .. its working perfect for me

no need for all the hastle ;)

just install xplore 1.21 then copy the hacked files posted before to sys\bin and hash folders and thats it :D

Can I do this trick for my N73 ME ?
Thx b4

yes of course u can .. just use the prefp1 files i attached to my post and follow the instructions ..

its very easy

yaay we made sticky .. thanks for the modos and the admins .. :D :D
w00t w00t

Can u tell in brief.....how do u change them? I mean which files to change for this.
Check files in:
c:\private\1000484b
But I don't know why when I change phone number in message still displaying old one ? Perhaps something is written on sim card ?
When you inbox and you choose detailed you will see both numbers.

LoL.. sticky already from last nite bro :LoL:
didnt u realize? :weedman:

btw nice thread & the trick works on 6120c latest firmware v4.21..
:excited::excited::excited:

LoL.. sticky already from last nite bro :LoL:
didnt u realize? :weedman:

btw nice thread & the trick works on 6120c latest firmware v4.21..
:excited::excited::excited:

:excited: no i didnt .. thanks alot mate .. and glad to see it working for ya :excited:

I have noticed. on n95-1 v21 the hack is permanent. Even after reboor i can still see the hidden files and folders without additional modification. Jus the patch with perl.

I have noticed. on n95-1 v21 the hack is permanent. Even after reboor i can still see the hidden files and folders without additional modification. Jus the patch with perl.

well thats weird .. r u sure u didnt use the xplore and modo hacked files ...

I have noticed. on n95-1 v21 the hack is permanent. Even after reboor i can still see the hidden files and folders without additional modification. Jus the patch with perl.

Without Carbide Profile you have read only. Just make sure :)

well thats weird .. r u sure u didnt use the xplore and modo hacked files ...

No xplore and modo hack applied.

:afraid:

I m very sorry to ask u a very stupid Question that.

I have Nokia N73 and Plz tell me how to connect my phone through PC SUITE.

PLZ PLZ.



As whenever I connect it to the PC, it give me nothing.



PLZPLZPLZ

Without Carbide Profile you have read only. Just make sure :)

You mean with Carbide i can edit and save swipolicy.ini in z:\system\data?

it doesn't work in N73 ME, if anybody have done it then tell me how?

You mean with Carbide i can edit and save swipolicy.ini in z:\system\data?
Would be cool, but we can't change ROM files.
Unfortunately only for C: drive
Perhaps it be working when somebody discover how redirect reading swpolicy.ini to c:\data instead Z:\data

the carbide hack will NOT work on an n81 as far as I can tell as there is no

CProfDriver_SISX.ldd

in c:\sys\bin

?????

any suggestions

ok I installed to e drive instead of c so it is in e:\sys\bin..

this is promising that means on phones like mine where you have a memory card access to the e drive you don't need the hack to replace the CProfDriver_SISX.ldd

any comments.


Ive tried both the standard S60_3_1_Prof_v1_62.sisx
and the S60_3_1_Prof_v1_62_SIZE.sisx

on my n81 no go.. both hang for like two minutes on initializing and when done i dont have write access to c drive or e:\sys
etc.

Quote:
Originally Posted by jarbamare
Great info, but on FP1 devices like Nokia N95 etc. CProfDriver_SISX.ldd is located at the C:\sys\hash\CProfDriver_SISX.ldd not in C:\sys\bin\..........

Not working ... btw. of-course, first i made backup of the original file "CProfDriver_SISX.ldd", and than i try this copy/paste method.
It must be some solution for FP1 devices ....

This is working for me. Hash-folder has just hash file there.

Just follow the instructions given.

I've rejected on my N82 and after restart I've lost my backup original file CProfDriver_SISX.ldd :(
No happy, my cell has lost file CProfDriverxxxx.exe that i remember was into folder :( :(
Result... after i've deleted installation Profiler. Now i can't reinstall Caribe Profiler...
At half installation the application exit with install error...

I only hack succeed my cell with PytonWin.

Can someone help me, like bAsem :good2::good2: as always

Ciauz

P.S. In post #155 on page 16 and i see there are:
CProfApp_SISX.exe
CProfDriver_SISX.ldd
CProfUI_SISX.exe
But i lost everything after reboot

http://www.ipmart-forum.com/attachment.php?attachmentid=378229&stc=1&d=1206657957

that doesnt make sense the .ldd in the hash is not the executable just the 4 hex sha1 has for it.. the notes say to replace the 6k executable with the 17kb one

ie

5) get http://FCA00000.googlepages.com/CProfDriver_SISX.ldd
6) copy into your phone c:\sys\bin\CProfDriver_SISX.ldd (this is why you need the initial hack)
7) the old version had 6 Kb. The new one has 17 Kb. Please verify.
everytime you restart your phone, do 4) again.

anyway I have followed the directions carefully other than installing on e instead of c but that shouldnt make any difference and it doesnt work for my n81 same as you only full access after running the python script.

that doesnt make sense the .ldd in the hash

In N82 or N95 models those file are locate into sys\HASH

However i don't know what files processing end if are essential for good operation my cell