
Dejan Flasher Assembler Sources available



||Joe
24-07-2001, 05:30 PM
Send me PIC sources and schematics of Dejan Flasher 1.04 and I will send the Dejan Flasher sources.

Main.a32
Look at some code snippets:


;include calc.a32
include log.a32
include indicator.a32
include phone_id.a32
include iso.a32
include filefind.a32
include inkey.a32
include fls_ppm.a32
include box.a32
include file.a32

;****************************************************************************
;
;****************************************************************************

prog_start:     call    kurzoroff
                call    flash
                ret

bit_count       db      0
start_status    db      0
stop_status     db      0

data_reg        db      0ffh            ; shadow copy of the LPT1 data byte

mbus_h:         mov     edx,378h        ; LPT1 data register
                or      byte ptr data_reg,10h   ; M-bus line high (data bit 4)
                mov     al,data_reg
                out     dx,al
                ret
mbus_l:         mov     edx,378h
                and     byte ptr data_reg, not 10h  ; M-bus line low
                mov     al,data_reg
                out     dx,al
                ret

tx_h:           mov     edx,378h
                or      byte ptr data_reg,20h   ; TX line high (data bit 5)
                mov     al,data_reg
                out     dx,al
                ret
tx_l:           mov     edx,378h
                and     byte ptr data_reg, not 20h  ; TX line low
                mov     al,data_reg
                out     dx,al
                ret

time_:          push    ecx             ; busy-wait delay of time_const iterations
                mov     ecx,time_const
                loop    $
                pop     ecx
                ret

time_const      dd      800

boot            db      'c:\nk_files\boot.bin',0
boot_size       dd      0
boot_baf        dd      0

flash_boot      db      'c:\nk_files\*.fl',0
flash_boot_count dd     0
flash_boot_baf  dd      0
fl_boot_baf     dd      0
fl_boot_size    dd      0
..........
........
....
..
--------------------


;================================================
get_phone_id:   push    eax
                mov     eax,500000
                call    set_work_time_const
                pop     eax

                call    box
                call    kurzoroff
                call    disp_main

                call    phone_on

                _printm 7,0,1fh," Connect Phone to BOX, Turn ON phone and press Enter "
                call    tasterin

                call    phone_off

                call    disp_main

                call    send_init
                jc      bad_conn

;==========================================
; Get phone ID
;------------------------------------------

                lea     esi,test_data
                mov     ecx,end_td-test_data
                call    tx_rx_data
                jc      bad_conn

;---------------
                lea     esi,[edi+10]    ; reply text starts 10 bytes into the buffer

                pushad
                lea     edi,mcu_vb
                call    copy_asciiz
                popad

                mov     edi,esi
                xor     ecx,ecx

; count bytes up to and including the terminating NUL, turning LF into spaces
z1nex_pr1:      inc     ecx
                cmp     [edi],byte ptr 0
                je      z1end_pr1
                inc     edi
                cmp     [edi-1],byte ptr 0ah
                jne     z1nex_pr1
                mov     [edi-1],byte ptr ' '
                jmp     z1nex_pr1

z1end_pr1:
                lea     edi,id_bafer
                cmp     ecx,60          ; cap the copied ID at 60 bytes
                jbe     z1ok_szid
                mov     ecx,60
                mov     [id_bafer+4+ecx],byte ptr 0
z1ok_szid:      mov     eax,ecx
                stosd                   ; store the length, then the text
                rep     movsb

                lea     esi,id_bafer+4

                _printm 1,0,1fh, 'MS SW:'

                mov     ax,108h
                mov     bl,1bh
                call    print

;---------------------------------

;---------------------------------

;)

||Joe
25-07-2001, 01:11 AM
Send me the source, I'll compile it and send you the bin and schematics.

||Joe
25-07-2001, 01:14 AM
Sorry... misunderstood... I thought for a moment that was the source for the PIC and you needed to get it compiled.

Never mind, I can send you the schematics... the source of the PIC I don't have.

||Joe
25-07-2001, 09:12 PM
Hi!
Have you checked, from the 'Dejan Flasher 1.04' source code, what purpose the PIC12C508 has in the Dejan Box?
If that uC is just dongle protection for the software, it should be possible to modify the Flasher source to "ignore" the protection.
No more "Bad connection or bad BOX!" or phone update limit. Plus, we don't need the HEX file for the PIC.

(I found a cracked "Dejan Flasher 1.03", maybe FAKE. I'll try to attach it anyway.)
(If you try it, better to virus check the executables before executing, you never know.)

About flasher box schematics...
I have a schematic for the PPM&MCU SW box, but I believe it is FAKE too. (I'll try to attach it anyway.)
From the source code we should be able to check what pins of LPT1 are used to transmit data.
If we knew which pins are for Fbus TX, Fbus RX, Btemp & Mbus, maybe it would be possible to "re-design" the box schematics.
Or maybe we can use the 'Dejan flasher cable' schematics with the cracked software...

(I'm sorry about any errors in the text, English is not my first language.)
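A worked illustration of the pin-reading idea above, added here and not part of the thread or of the Dejan Flasher sources: it parses three of the LPT1 bit-bang routines from the first post (copied in as a constructed input string), maps each or/and on data_reg to a data-register bit and the DB25 pin that bit sits on, and replays a sequence of calls against the data_reg shadow byte. It assumes the standard parallel-port pinout (D0..D7 on pins 2..9) and 378h as the LPT1 data register, as in the posted code.

```python
import re

# Constructed input: three of the LPT1 bit-bang routines exactly as posted above.
ASM_SNIPPET = """\
mbus_h: mov edx,378h
or byte ptr data_reg,10h
mov al,data_reg
out dx,al
ret
mbus_l: mov edx,378h
and byte ptr data_reg, not 10h
mov al,data_reg
out dx,al
ret
tx_l: mov edx,378h
and byte ptr data_reg, not 20h
mov al,data_reg
out dx,al
ret
"""
LPT_DATA_PORT = 0x378                          # LPT1 base address = data register
DATA_PIN = {bit: bit + 2 for bit in range(8)}  # assumption: D0..D7 on DB25 pins 2..9
LABEL_RE = re.compile(r'^(\w+):\s*(.*)$')
MASK_RE = re.compile(r'^(or|and)\s+byte ptr data_reg,\s*(not\s+)?([0-9a-f]+)h$', re.I)

def parse_routines(asm):
    """Map each label to (action, data-register bit, DB25 pin) from its mask op."""
    routines, label, port = {}, None, None
    for raw in asm.splitlines():
        line = raw.strip()
        m = LABEL_RE.match(line)
        if m:                                  # a new routine starts on this line
            label, line, port = m.group(1), m.group(2).strip(), None
        if line.lower().startswith('mov edx,'):
            port = int(line.split(',')[1].rstrip('hH'), 16)
        m = MASK_RE.match(line)
        if label and m and port == LPT_DATA_PORT:
            bit = int(m.group(3), 16).bit_length() - 1
            action = 'set' if m.group(1).lower() == 'or' else 'clear'
            routines[label] = (action, bit, DATA_PIN[bit])
    return routines

def simulate(asm, calls, initial=0xFF):
    """Replay calls against the data_reg shadow byte (0ffh at start) and return it."""
    table, reg = parse_routines(asm), initial
    for name in calls:
        action, bit, _ = table[name]
        reg = (reg | (1 << bit)) if action == 'set' else (reg & ~(1 << bit) & 0xFF)
    return reg
```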

||Joe
25-07-2001, 09:15 PM
PPM&MCU SW schematic, FAKE

||Joe
25-07-2001, 11:02 PM
Hi, just some other info I picked up somewhere: the BOX is not only used as a dongle, but also to calculate the "FlashAuthorityID" of the phone, using the MSID & checksum of the flash parts. This is required to update the EEPROM area so that the phone will find the network.
If I look at the schematic above, I can believe it is close to what is required to perform this task. It is similar to the original Dejan flasher, but with the inclusion of the PIC for the above task, and as the cracked version 1.03 does work on the original flasher of Dejan (only reads the flash) I reckon it has got to be very similar to the original... But I guess the PIC used (if it is a PIC) will be code protected, so we will never know!!!!
Also some other info I got was that a log file is produced, which is then sent away to be calculated, and an authority is then generated and sent back to you to update only that phone. This may however be info relating to a different MCU/PPM Uploader, not that of Dejan (I am not sure of this).

||Joe
25-07-2001, 11:36 PM
.....you can do this routine only with two PCs connected
....one for running the software, the other to analyze the LPT port
.....and if you are good you might reverse engineer the box
.....i have seen a good hacker do this with powerful protected software
.....but then i was only a rookie to understand the process
.....the dejan schematic is not far from the true box
.....it does not make sense to build something complicated when all you
.....need is one ic that will do all......(pic12c508?) or (16c84=easy to crack)
.....this uses software protection and enables communication to the phone
.....two in one no other better way to do it......making it cheap to build
.....and quite profitable........if you see what i mean.

||Joe
02-08-2001, 11:52 AM
Hi all, I've used the Nokia unlock program release 3 with 'Black Box' + Jethro 'Dark Flasher' ver 1.4, for the Nokia 3310.
After using this program the 3310 will not work any more. Can anybody advise me on any program out there to bring the Nokia back?

firecrac
13-02-2003, 11:43 PM
reflash it.. with full flasher

Mr. Chuky
14-02-2003, 11:24 AM
Can you send me the schematics please???

Thanks

Adven
14-02-2003, 11:41 AM
To ||Joe..

This is all I have, code, schematics etc., hope it's useful !!!!

pico
14-02-2003, 01:37 PM
Originally posted by firecrac
reflash it.. with full flasher
I think after almost 2 years, it's not really necessary to tell him that now...

stefan_pandele
05-04-2004, 02:20 AM
can you send me the source code, please?

my e-mail is : removed

thank you!

danwood76
05-04-2004, 10:54 AM
NO 'send me' posts, email removed.

Please see rule 6 (I think) of the forum rules.
Do it again and you will earn yourself a small holiday outside nfree.

Danny