Friday, April 30, 2010
Thursday, April 29, 2010
JAFSetup_1.98.65_Crack Full
HERE IS JAF CRACK
- Not need PKEY, fully emulated using PKEY in software using (c) Virtual Pkey technology
- Removed TIME-BOMB firmware damage from original JAF exe.
- Works well with latest ORIGINAL update released by JAF Team (1.98.65)
Note for Windows Vista users:
MUST be run with ADMINISTRATOR privileges (Right click, Run as administrator), if not, will receive this error: "ERROR: Can not find Program Files Directory (1)"
- Not need PKEY, fully emulated using PKEY in software using (c) Virtual Pkey technology
- Removed TIME-BOMB firmware damage from original JAF exe.
- Works well with latest ORIGINAL update released by JAF Team (1.98.65)
Note for Windows Vista users:
MUST be run with ADMINISTRATOR privileges (Right click, Run as administrator), if not, will receive this error: "ERROR: Can not find Program Files Directory (1)"
Modify UFS to built in ufc resistor selector
ufs built in resistor selector. it not a new solution but some time we need things like this.it is just an idea to make or repair ufc resistor selector.
please check and correct if i make any mistake.
Here is original Check out
here my modified
i have got selector switch from old p3 mother bord.
please check and correct if i make any mistake.
Here is original Check out
here my modified
i have got selector switch from old p3 mother bord.
HOT - New Solution Repair box JAF without CUT and cable LPT
Step 1: follow the picture below
Step 2: Connect the USB for the JAF Box to use GND and 5V Voltage
Step 3: Download: soft + Firmware of JAF box
Click here to download
Step 4: Install PonyProg_V207c
Step 5: After installation is complete, we set up as shown below.
The steps to load and select the file you just need to conform to the video is 100% OK. The most important problem is the connection with JAF BOX LPT port only.
Step 2: Connect the USB for the JAF Box to use GND and 5V Voltage
Step 3: Download: soft + Firmware of JAF box
Click here to download
Step 4: Install PonyProg_V207c
Step 5: After installation is complete, we set up as shown below.
The steps to load and select the file you just need to conform to the video is 100% OK. The most important problem is the connection with JAF BOX LPT port only.
QC Mobile Analysis Tool V5.07 Beta6
What is it ?
It is a development and debugging tool for Qualcomm mobiles
Who may need it ?
Mobile engineers / reverse engineers / cryptoanalysts and forensic labs
Crypto Functions :
- Calculate CRC-30, CRC-32, SHA1, SHA2 (SHA224 + SHA256), MD4 and MD5 of any file
- Calculate AES, DES, TEA, RSA in several ways (ECD,CBC,CFB,OFB etc..)
- Bruteforce bytes to fit CRC-30 needed when qcsblhd_cfgdata.mbn was edited
- Extract Gzipped, LZW and LZMA data
- Generate AKey, FSC, SPC and SPC3 for several providers
- Decrypt and Encrypt any RSA-Message, including ASN-1 / SHA Signatures. (you can add publickeys to publickeys.xml)
- Generate RSA Private Key and create .pvk files
- Check firmware signature given Modulus and Exponent (for HTC and BQS mobiles)
- Extract information from .pvk files
- Search for algorithms in binary files (find cryptomethods + signatures) CRC8, CRC16, CRC32, MD4, MD5, SHARK, HAVAL, GZIP, ZIP, SHA1, ... and much more (you can add cryptosignatures to crypto.xml)
JTAG Interface :
(soon via Segger J-Link)
Functions for all mobiles with AT modes :
1. Send APDUs to SIM card
2. Read out all SMS with all headers
3. Send any AT command
Functions for QC mobiles :
1. Load binary files for :
Extraction of certificates
Extraction of BMPs,GIFs,PNGs, JPGs
2. Load Partition File to get overview about NAND/NOR structure
3. Send any String to a COM/USB Port and backup all your SMS !
4. Make usage of QCs Diag USB/COM Port Interface
(Useful for any QC mobile in the world)
Standard Features :
- Send standard diag commands or any hexadecimal command you want (database included)
- Read out all NVItems (range given)
(all that exist, more than QPST normally extracts)
- Backup and Restore all NVItems
- Read out and Dump Firmware in Memory (SRam)
- Read out complete EFS
- Switch to FTM Mode (or anything else you want)
- Get infos about phone ..... etc ..... a lot more functions
- Generate SimSecure Command to write to SimSecure using given file (may brick your phone when used without knowledge)- Full Feature EFS Browser
Bootloader / DownloadMode Features :
- Load any file to mobile at any address and execute (bootloader f.e.)
- Read out complete NAND Memory using bootloader (range given) with included MSM6250/A bootloader or any given bootloader
Usage : Take out battery, put in battery, press ON # to enter emergency mode, Execute Loader
or (with SL91,SF71 f.e.) enable FTM mode, Execute Loader
- Use any Download Mode or Bootloader Command to experiment
- Read application memory of newer Diag Ver 6 in Download Mode
- Show complete infos about used NAND after loading of Bootloader
Flasher Features :
Flash any QC mobile (OBL Multiboot) with given bootloader
- Flash PBL (dangerous), QCSBL, QCSBL Header and Config Bits, Partition, OEMSBL, OEMSBL Header, AMSS, AMSS Header and EFS
Functions for BQS only :
1. Load AMSS to extract files or useful infos
(EF81, E81C, EF91, SXG75, EF82, SF71, SL91 or similiar ones)
Features :
Extract Infos from AMSS : USBID, Product.Nr., SVN, SwBuild, Mobiletype
Extract internal filesystem (mif,bar,sig etc. files)
Extract AMSS signature bytes (if production key)
Show all file references used by mobile
2. Check Firmware validity (signature)
Functions for HTC only :
1. Check validity of HTC firmware (signature check)
2. Cut out signatures from .nbh file
3. Split radio.nb into qualcomm files for analysis
4. Find HTC Public keys using Cryptosearch
5. Generate Security passwords (SPL + radio) for newer HTC
6. Generate NBH Files (you can add any device into devlist.xml)
7. Dump Files from NBH (you can add any type into nbhtype.xml)
8. Fix radio.nb checksum9. Generic Bootloader / AT Command interface with logging functionsFunctions for Network Engineers
Network Calculators :TDMA (GSM/UMTS) :
--------------------
IMEI
GSM A5-1
GSM A5-2
GSM A5-3
3G ECSD
GEA3 - GPRS
3G SNOW
3G UEA2
3G UIA2
GSM A3/A8 COMP128 V1
GSM A3/A8 COMP128 V2
GSM A3/A8 COMP128 V3
3G Milenage
3G Milenage Resync
CDMA :
-------
CAVE
CAVE Authentication
CAVE CMEA
CAVE EMEA
CAVE EMEA_NF
CAVE Wireless Residential Extension
CAVE Datakey / Look Up Table / Mask
CAVE DTC / DCCH
CAVE KSG
CAVE Long Block
CAVE Short Block
CAVE Enhanced Message
CAVE Enhanced Voice Privacy
CAVE Enhanced Data Mask
and much more ....
Planned in future :
1. Bugfixes
2. EFS Restore to Zip File
3. QC Jtag interface using Segger J-Link ARM
4. LNBS HTC support to replace MTTY 5. CDMA Write Functions 6. Tooltips showing real addresses in graphical window
7. Read out / Write back Addressbook
8. Restore backupped SMS to phone
9. much much more
The software QMAT is in no way connected with the company Qualcomm or any other company.
It is a development and debugging tool for Qualcomm mobiles
Who may need it ?
Mobile engineers / reverse engineers / cryptoanalysts and forensic labs
Crypto Functions :
- Calculate CRC-30, CRC-32, SHA1, SHA2 (SHA224 + SHA256), MD4 and MD5 of any file
- Calculate AES, DES, TEA, RSA in several ways (ECD,CBC,CFB,OFB etc..)
- Bruteforce bytes to fit CRC-30 needed when qcsblhd_cfgdata.mbn was edited
- Extract Gzipped, LZW and LZMA data
- Generate AKey, FSC, SPC and SPC3 for several providers
- Decrypt and Encrypt any RSA-Message, including ASN-1 / SHA Signatures. (you can add publickeys to publickeys.xml)
- Generate RSA Private Key and create .pvk files
- Check firmware signature given Modulus and Exponent (for HTC and BQS mobiles)
- Extract information from .pvk files
- Search for algorithms in binary files (find cryptomethods + signatures) CRC8, CRC16, CRC32, MD4, MD5, SHARK, HAVAL, GZIP, ZIP, SHA1, ... and much more (you can add cryptosignatures to crypto.xml)
JTAG Interface :
(soon via Segger J-Link)
Functions for all mobiles with AT modes :
1. Send APDUs to SIM card
2. Read out all SMS with all headers
3. Send any AT command
Functions for QC mobiles :
1. Load binary files for :
Extraction of certificates
Extraction of BMPs,GIFs,PNGs, JPGs
2. Load Partition File to get overview about NAND/NOR structure
3. Send any String to a COM/USB Port and backup all your SMS !
4. Make usage of QCs Diag USB/COM Port Interface
(Useful for any QC mobile in the world)
Standard Features :
- Send standard diag commands or any hexadecimal command you want (database included)
- Read out all NVItems (range given)
(all that exist, more than QPST normally extracts)
- Backup and Restore all NVItems
- Read out and Dump Firmware in Memory (SRam)
- Read out complete EFS
- Switch to FTM Mode (or anything else you want)
- Get infos about phone ..... etc ..... a lot more functions
- Generate SimSecure Command to write to SimSecure using given file (may brick your phone when used without knowledge)- Full Feature EFS Browser
Bootloader / DownloadMode Features :
- Load any file to mobile at any address and execute (bootloader f.e.)
- Read out complete NAND Memory using bootloader (range given) with included MSM6250/A bootloader or any given bootloader
Usage : Take out battery, put in battery, press ON # to enter emergency mode, Execute Loader
or (with SL91,SF71 f.e.) enable FTM mode, Execute Loader
- Use any Download Mode or Bootloader Command to experiment
- Read application memory of newer Diag Ver 6 in Download Mode
- Show complete infos about used NAND after loading of Bootloader
Flasher Features :
Flash any QC mobile (OBL Multiboot) with given bootloader
- Flash PBL (dangerous), QCSBL, QCSBL Header and Config Bits, Partition, OEMSBL, OEMSBL Header, AMSS, AMSS Header and EFS
Functions for BQS only :
1. Load AMSS to extract files or useful infos
(EF81, E81C, EF91, SXG75, EF82, SF71, SL91 or similiar ones)
Features :
Extract Infos from AMSS : USBID, Product.Nr., SVN, SwBuild, Mobiletype
Extract internal filesystem (mif,bar,sig etc. files)
Extract AMSS signature bytes (if production key)
Show all file references used by mobile
2. Check Firmware validity (signature)
Functions for HTC only :
1. Check validity of HTC firmware (signature check)
2. Cut out signatures from .nbh file
3. Split radio.nb into qualcomm files for analysis
4. Find HTC Public keys using Cryptosearch
5. Generate Security passwords (SPL + radio) for newer HTC
6. Generate NBH Files (you can add any device into devlist.xml)
7. Dump Files from NBH (you can add any type into nbhtype.xml)
8. Fix radio.nb checksum9. Generic Bootloader / AT Command interface with logging functionsFunctions for Network Engineers
Network Calculators :TDMA (GSM/UMTS) :
--------------------
IMEI
GSM A5-1
GSM A5-2
GSM A5-3
3G ECSD
GEA3 - GPRS
3G SNOW
3G UEA2
3G UIA2
GSM A3/A8 COMP128 V1
GSM A3/A8 COMP128 V2
GSM A3/A8 COMP128 V3
3G Milenage
3G Milenage Resync
CDMA :
-------
CAVE
CAVE Authentication
CAVE CMEA
CAVE EMEA
CAVE EMEA_NF
CAVE Wireless Residential Extension
CAVE Datakey / Look Up Table / Mask
CAVE DTC / DCCH
CAVE KSG
CAVE Long Block
CAVE Short Block
CAVE Enhanced Message
CAVE Enhanced Voice Privacy
CAVE Enhanced Data Mask
and much more ....
Planned in future :
1. Bugfixes
2. EFS Restore to Zip File
3. QC Jtag interface using Segger J-Link ARM
4. LNBS HTC support to replace MTTY 5. CDMA Write Functions 6. Tooltips showing real addresses in graphical window
7. Read out / Write back Addressbook
8. Restore backupped SMS to phone
9. much much more
China models schematics
E200 Schematic +PCB
E200g schematic+PCB
E206 schematic +PCB
E207+Schmatic+and+PCB
E210 schematic +PCB
E217 schematics +PCB
E300+Schmatic+and+PCB
E303 schematics and PCB
E307+Schmatic+and+PCB
E308+Schmatic+and+PCB
E200g schematic+PCB
E206 schematic +PCB
E207+Schmatic+and+PCB
E210 schematic +PCB
E217 schematics +PCB
E300+Schmatic+and+PCB
E303 schematics and PCB
E307+Schmatic+and+PCB
E308+Schmatic+and+PCB
E308+Schmatic+and+PCB.rar
E320+Schmatic+and+PCB.rar
E355+Schmatic+and+PCB.rar
E368+Schmatic+and+PCB.rar
E369
Mt6217
MT6226+MT6205+Dual+sim+schematics
MT6227+schematics
E369
E320+Schmatic+and+PCB.rar
E355+Schmatic+and+PCB.rar
E368+Schmatic+and+PCB.rar
E369
Mt6217
MT6226+MT6205+Dual+sim+schematics
MT6227+schematics
E369
Subscribe to:
Posts (Atom)