24-07-2001, 05:30 PM
Send me PIC sources and schematics of Dejan Flasher 1.04 and I will send Dejan Flasher sources.

Look at some code snippets:

;include calc.a32
include log.a32
include indicator.a32
include phone_id.a32
include iso.a32
include filefind.a32
include inkey.a32
include fls_ppm.a32
include box.a32
include file.a32


prog_start: call kurzoroff
call flash


bit_count db 0
start_status db 0
stop_status db 0

data_reg db 0ffh

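; LPT1 data register is at 378h; data_reg shadows the last byte written to it.

mbus_h: mov edx,378h ; MBUS high: set bit 4 (10h)
or byte ptr data_reg,10h
mov al,data_reg
out dx,al
ret
mbus_l: mov edx,378h ; MBUS low: clear bit 4 (10h)
and byte ptr data_reg, not 10h
mov al,data_reg
out dx,al
ret

tx_h: mov edx,378h ; TX high: set bit 5 (20h)
or byte ptr data_reg,20h
mov al,data_reg
out dx,al
ret
tx_l: mov edx,378h ; TX low: clear bit 5 (20h)
and byte ptr data_reg, not 20h
mov al,data_reg
out dx,al
ret

time_: push ecx ; busy-wait delay of time_const loop iterations
mov ecx,time_const
loop $
pop ecx
ret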

time_const dd 800

boot db 'c:\nk_files\boot.bin',0
boot_size dd 0
boot_baf dd 0

flash_boot db 'c:\nk_files\*.fl',0
flash_boot_count dd 0
flash_boot_baf dd 0
fl_boot_baf dd 0
fl_boot_size dd 0

get_phone_id: push eax
mov eax,500000
call set_work_time_const
pop eax

call box
call kurzoroff
call disp_main

call phone_on

_printm 7,0,1fh," Connect Phone to BOX, Turn ON phone and press Enter "
call tasterin

call phone_off

call disp_main

call send_init
jc bad_conn

; Get phone ID

lea esi,test_data
mov ecx,end_td-test_data
call tx_rx_data
jc bad_conn

lea esi,[edi+10]

lea edi,mcu_vb
call copy_asciiz

mov edi,esi
xor ecx,ecx

z1nex_pr1: inc ecx
cmp [edi],byte ptr 0
je z1end_pr1
inc edi
cmp [edi-1],byte ptr 0ah
jne z1nex_pr1
mov [edi-1],byte ptr ' '
jmp z1nex_pr1


lea edi,id_bafer
cmp ecx,60
jbe z1ok_szid
mov ecx,60
mov [id_bafer+4+ecx],byte ptr 0
z1ok_szid: mov eax,ecx
rep movsb

lea esi,id_bafer+4

_printm 1,0,1fh, 'MS SW:'

mov ax,108h
mov bl,1bh
call print



25-07-2001, 01:11 AM
Send me the source, I'll compile it and send you the bin and schematics.

25-07-2001, 01:14 AM
Sorry... misunderstood... I thought for a moment that was the source for the PIC and you needed to get it compiled :)

Nevermind :) I can send you the schematics... the source of the PIC I don't have :(

25-07-2001, 09:12 PM
Have you checked from 'Dejan Flasher 1.04' source code, what purpose PIC12C508 has in Dejan Box?
If that uC is just a Dongle protection for software, it should be possible to modify Flasher source to "ignore" the protection.
No more: "Bad connection or bad BOX!" or phone update limit. Plus, we don't need HEX file for pic.

(I found cracked "Dejan Flasher 1.03", maybe FAKE. I'll try to attach it anyway.)
(If you try it, better to virus check executables before executing, you never know)

About flasher box schematics...
I have schematic for PPM&MCU SW box, but I believe it is FAKE too. (I'll try to attach it anyway)
From source code we should be able to check what pins of LPT1 are used to transmit data.
If we knew which pins are for Fbus TX, Fbus RX, Btemp & Mbus, maybe it would be possible to "re-design" box schematics.
Or maybe we can use 'Dejan flasher cable' schematics with cracked software...

(I'm sorry about any errors in text, English is not my original language)
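
The pin check suggested in the post above, as an added example that is not part of the original thread: it reads the or/and masks from the first post's snippet and maps them to DB-25 pins. It assumes the standard PC parallel-port layout (data register at the base address, bits D0..D7 on pins 2..9); map_signals and LPT_BASES are hypothetical names.

```python
import re

# Assumption: standard PC parallel port (SPP). The data register sits at
# the port base address and its bits D0..D7 drive DB-25 pins 2..9.
LPT_BASES = {0x378: "LPT1", 0x278: "LPT2"}

# Constructed sample: lines taken from the snippet in the first post.
SNIPPET = """\
mbus_h: mov edx,378h
or byte ptr data_reg,10h
mov al,data_reg
out dx,al
mbus_l: mov edx,378h
and byte ptr data_reg, not 10h
mov al,data_reg
out dx,al
tx_h: mov edx,378h
or byte ptr data_reg,20h
mov al,data_reg
out dx,al
tx_l: mov edx,378h
and byte ptr data_reg, not 20h
mov al,data_reg
out dx,al
"""

LABEL = re.compile(r"^(\w+):")
PORT = re.compile(r"mov\s+e?dx\s*,\s*([0-9a-f]+)h", re.I)
MASK = re.compile(r"(or|and)\s+byte\s+ptr\s+data_reg\s*,\s*(not\s+)?([0-9a-f]+)h", re.I)

def map_signals(asm):
    """Return {label: (port, action, [DB-25 pins])} for each routine."""
    result, label, port = {}, None, None
    for raw in asm.splitlines():
        line = raw.strip()
        m = LABEL.match(line)
        if m:  # the label names the routine that follows
            label, line = m.group(1), line[m.end():].strip()
        m = PORT.match(line)
        if m:
            port = int(m.group(1), 16)
        m = MASK.match(line)
        if m and label:
            op, inverted, mask = m.group(1).lower(), m.group(2), int(m.group(3), 16)
            # "or mask" sets the bits; "and not mask" clears them
            action = {("or", False): "set", ("and", True): "clear"}.get((op, bool(inverted)), "other")
            pins = [bit + 2 for bit in range(8) if mask >> bit & 1]
            result[label] = (LPT_BASES.get(port, port), action, pins)
    return result
```

Only writes to the data register appear in the snippet, so this covers the outgoing lines; whether a set bit is a high or low level at the phone depends on the box's driver circuit, which the snippet does not show.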

25-07-2001, 09:15 PM
PPM&MCU SW schematic, FAKE

25-07-2001, 11:02 PM
Hi, just some other info I picked up somewhere, is that the BOX is not used as a Dongle, but also to calculate the "FlashAuthorityID" of the phone, using the MSID & Checksum of flash parts. This is required to update the EEPROM area in order that the phone will find network.
If I look at the schematic above, I can believe it is close to what is required to perform this task, it is similar to original Dejan flasher, but with the inclusion of the PIC for the above task and as the cracked version 1.03 does work on the original flasher of Dejan (only reads the flash) I reckon it's got to be very similar to the original... But I guess the PIC used (if it is a PIC) will be code protected so we will never know!!!!
Also some other info I got was that a log file is produced, which is then sent away, to be calculated, and an authority is then generated and sent back to you to update only that phone. This may however be info relating to a different MCU/PPM Uploader, not that of Dejan (I am not sure of this)

25-07-2001, 11:36 PM
.....you can do this routine only with two PCs connected
....one for running software, the other to analyze the LPT port
.....and if you are good you might reverse engineer the box
.....I have seen a good hacker do this with powerful protected software
.....but then I was only a rookie to understand the process
.....the Dejan schematic is not far from the true box
.....it does not make sense to build something complicated when all you
.....need is one IC that will do all......(pic12c508?) or (16c84=easy to crack)
.....this uses software protection and enables communication to phone
.....two in one, no other better way to do it......making it cheap to build
.....and quite profitable........if you see what I mean.

02-08-2001, 11:52 AM
Hi all, I've used the Nokia unlock program release 3 with black box'+jethro 'dark flasher ver 1.4, for the Nokia 3310.
After using this program the 3310 will not work any more. Can anybody advise me on any program out there to bring the Nokia back?

13-02-2003, 11:43 PM
reflash it.. with full flasher

Mr. Chuky
14-02-2003, 11:24 AM
Can you send me the schematics please???


14-02-2003, 11:41 AM
To ||Joe..

This is all I have, code, schematics etc., hope it's useful !!!!

14-02-2003, 01:37 PM
Originally posted by firecrac
reflash it.. with full flasher
I think after almost 2 years, it's not really necessary to tell him that now..

05-04-2004, 02:20 AM
Can you send me the source code, please?

thank you!

05-04-2004, 10:54 AM
