How do functions call a text string to be shown?



GeeZuZz
06-07-2003, 02:41 AM
It's a little dumb, and hard to explain (since I'm not English) but anyway, I'll give it a try...

I'm looking in a flashfile, and I want to find out how functions call a specific text string.

For instance, the keylock:
When you press "unlock" it says "now press *"
So when you press "unlock" -> "*" the text "Keypad Active" is shown.
That means that in the unlock function, there must be something telling it to show that text string after the unlock and * is pressed.

What would that look like in hex?
How will the offset be shown?

In the text chunk there are numbers in front of all phrases. I know that is supposed to be the offset where the text string is located. Could someone give me an example of how to find the offset of a text string, if the number in front of the text is 876?

jeep
06-07-2003, 04:22 AM
>I'm looking in a flashfile, and I want to find out how functions
>call a specific text string.

Not knowing what flash version or model makes this tricky, but here's how it works for 3310 v5.13. It works the same way for other versions, but the hex addresses will be different.

>For instance, the keylock:
>When you press "unlock" it says "now press *"
>So when you press "unlock" -> "*" the text "Keypad Active" is shown.

>That means that in the unlock function, there must be
>something telling it to show that text string after the unlock and
>* is pressed.

Agreed.

>What would that look like in hex?

Hmmmm....which bit do you mean?
The text is stored in PPM, in the TEXT chunk. The first few phrases are common to all languages (COMM) and the rest are language specific, e.g. "Phonenumber" in English is "Telefonnummer" in German, "Numero di telefono" in Italian etc.
The important thing is that these phrases all have the same index number - in this case, they are all the 8th entry in each language.

"now press *" is the 576th entry (240hex) of each language (for this flash version only)

Remember the common block - this flash file has 50 common phrases, so we add 50 to 576 to get 626. This is 0272 in hex.

There is a large table that points to each of these entries. Use a hex editor to search for 04 02 72 (they all start 04); we see this is stored at 10B392 (30B392 when flashed to the phone).

If you use WinArm and search for the string 0030B392 you will find the routine that refers to this text - so it must be part of the routine that displays this message :D

0a9a2e: 48df : LDR R0, #0030b392
0a9a30: e019 : B a9a66

>>How will the offset be shown?

Not sure what you mean by the offset, but hopefully you can find what you are looking for somewhere in this post :D

>>In the text chunk there are numbers in front of all phrases. I
>>know that is supposed to be the offset where the text string is
>>located. Could someone give me an example on how to find
>>the offset of a text string, if the number in front of the text is
>>876

These numbers aren't stored in the text chunk... they've been added by whatever tool you are using to view the text chunk. Which program are you using?

Here's part of the text chunk as stored in PPM:
...Lock keypadNow(0A)press *Keypad...

As you can see, the text is just one long line of characters and the various tools decode how long each part should be. The 0A is just the new line character.

If you want to find a particular text, get the entry number, add the number of common entries and search for "04 xx yy" where xx yy is the result of your sum. Use a normal hex editor for this. Use WinArm if you want to find the code that uses the text.

If you want the addresses for the flash you are using, post the model and flash version (a link would be nice too...), and if anything isn't clear then just ask!

I know I posted something similar to this a few days ago, but I'm jetlagged, it's nearly 5am and I'm bored :D


George
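
The lookup described in the post above, as an added Python example that is not part of the original thread: it builds the "04 xx yy" pattern from an entry number plus the common-phrase count, finds it in an image, and converts the file offset to the flashed address to search for in WinArm. The function names are hypothetical, the 0x200000 base is derived only from the two addresses quoted for 3310 v5.13, the index is assumed to be stored high byte first (as in "04 02 72"), and the image is a constructed stand-in rather than real firmware.

```python
import struct

# Assumption taken from the post: file offset 10B392 is address 30B392 once
# flashed, so this image is mapped 0x200000 higher (3310 v5.13 only).
FLASH_BASE = 0x30B392 - 0x10B392
ENTRY_MARKER = 0x04  # "they all start 04"


def table_pattern(entry_number, common_count):
    """Bytes '04 xx yy' for a language phrase: index = entry + common phrases."""
    index = entry_number + common_count
    if not 0 <= index <= 0xFFFF:
        raise ValueError("index %d does not fit in two bytes" % index)
    return struct.pack(">BH", ENTRY_MARKER, index)  # xx yy, high byte first


def find_entries(image, pattern):
    """Every file offset where the pattern occurs; three bytes can match by
    chance elsewhere in the image, so all hits are returned for review."""
    hits, pos = [], image.find(pattern)
    while pos != -1:
        hits.append(pos)
        pos = image.find(pattern, pos + 1)
    return hits


def winarm_search_string(file_offset):
    """Flashed address as the 8-digit hex text to search for in WinArm."""
    return "%08X" % (file_offset + FLASH_BASE)


def build_sample_image():
    """Constructed stand-in for a flash file (not real firmware): 0xFF filler,
    the table entry at the offset from the post, and one chance match."""
    image = bytearray(b"\xff" * 0x10B400)
    image[0x10B392:0x10B395] = bytes.fromhex("040272")
    image[0x000100:0x000103] = bytes.fromhex("040272")  # constructed decoy
    return bytes(image)


if __name__ == "__main__":
    pattern = table_pattern(576, 50)  # "now press *" in 3310 v5.13
    for offset in find_entries(build_sample_image(), pattern):
        print("%s at file offset %06X -> search WinArm for %s"
              % (pattern.hex(), offset, winarm_search_string(offset)))
```

Of the two hits in the constructed image, only the one inside the pointer table is meaningful; on a real flash file each hit still has to be checked against its surroundings.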

GeeZuZz
06-07-2003, 06:55 PM
Thanks! That's exactly what I wanted to know!

:cool:

bobl
07-07-2003, 09:13 PM
I only just got round to reading this, bloody nice explanation jeep.

Most of it went way over my head, especially when you started talking about flashes and stuff :D

Cheers

Bob