Hi,

Someone has the DCT2 algo? I have found the pascal code of Zulea, but I think that I have it incompleted. It requires SECRET,GID1, GID2, IMSI.... for the calc.

Does any one have the code? An example of use of that code (I mean all variables filled except IMEI and prov)? Other lenguage apart pascal?


Cheers

those are the values to be entered. gid1 will calc lock2, gid2>lock3, imsi>lock4 and mccmnc>lock1

the secret i think its the value returned.
i am not sure.

if u give me source in c++ i will make it work ;)

Hi,

Here is the code I have found:


Unit NslUnit;

interface

function Calc_SP_Code(SECR_Str,MCCMNC_Str,GID1_Str,GID2_Str
,MSIN_Str,ImeiStr:string;CodeNR:Byte):String;


implementation

Uses General;

function Calc_SP_Code(SECR_Str,MCCMNC_Str,GID1_Str,GID2_Str
,MSIN_Str,ImeiStr:string;CodeNR:Byte):String;

Const
Sl_F0 : Array[0..7] Of Byte = ($00,$00,$00,$00,$00,$00,$00,$00);
S_Sub : Array[0..14] Of Byte = ($17,$2D,$25,$29,$17,$15,$23,$13,
$2B,$19,$20,$16,$29,$1F,$1C);
S_Xor : Array[0..9] Of Byte = ($02,$0B,$07,$04,$01,$19,$11,$09,
$10,$1E);
S_Add : Array[0..9] Of Byte = ($01,$05,$07,$06,$03,$02,$03,$05,
$09,$01);

Var
Summ : Byte;
Imei : Array[0..14] Of Byte;
SL : Array[0..9] Of Byte;
T28 : Array[0..27] Of Byte;
Sl_Temp : Array[0..2] Of Byte;
SP : Array[0..4] Of Byte;
Buff : Array[0..$1A] Of Byte;
Long : Array[0..$10D] Of Byte;
I : Integer;
A : Integer;
O : Integer;
L : Integer;
NSL_Result : Byte;
OutputString : String;
TempString : String[1];
Gid1_1 : Byte;
Gid1_2 : Byte;
Gid2_1 : Byte;
Gid2_2 : Byte;
Sl_F1 : Array[0..1] Of Byte;
Sl_F2 : Array[0..1] Of Byte;
Secr : Byte; {Sim Lock Pad.0C}
IMSI : Array[0..9] Of Byte;
{----}

function Store_SECR(SecrStringStore:String):Boolean;

Var
St : String;
TmpStr : String;
Rsl : Word;
Gf : Boolean;

Begin
St := SecrStringStore;
Gf:=False;
If Length(St)<>2 Then
Gf:=True;
TmpStr:=Copy(St,1,2);
Rsl:=HexToByte(TmpStr);
Secr:=Rsl;
If Gf then Store_SECR := FALSE else Store_SECR := TRUE;
End;

{----}

function Store_MCC_MNC(MCC_MNC_StringStore : String): boolean;

Var
One : String;
Code : Integer;
B : Byte;
Count : Byte;
Point : Byte;
Spf : Boolean;

Begin
Count:=1;
Point:=0;
Spf:=False;
If Length(MCC_MNC_StringStore)<>5 Then Spf:=True;
Repeat
One:=Copy(MCC_MNC_StringStore,Count,1);
Val(One,B,Code);
If Code <> 0 Then Spf:=True;
SP[Point]:=B;
Count:=Count+1;
Point:=Point+1;
Until Spf Or (Point=5);
If Spf Then Store_MCC_MNC := FALSE else Store_MCC_MNC := TRUE;
End;
{----}

function StoreImei(ImeiStringStore: String): Boolean;

Var
One : String;
Code : Integer;
B : Byte;
Count : Byte;
Point : Byte;
Imf : Boolean;

Begin
Count:=1;
Point:=0;
Imf:=False;
If Length(ImeiStringStore)<>15 Then Imf:=True;
Repeat
One:=Copy(ImeiStringStore,Count,1);
Val(One,B,Code);
If Code <> 0 Then Imf:=True;
Imei[Point]:=B+$30;
Count:=Count+1;
Point:=Point+1;
Until Imf Or (Point=15);
If Imf then StoreImei := FALSE else StoreImei := TRUE;
End;
{----}

function Store_GID1(Gid1StringStore:String):Boolean;

Var
St : String;
TmpStr : String;
Rsl : Word;
Gf : Boolean;

Begin
St := Gid1StringStore;
Gf:=False;
If Length(St)<>4 Then
Gf:=True;
TmpStr:=Copy(St,1,2);
Rsl:=HexToByte(TmpStr);
Gid1_1:=Rsl;
TmpStr:=Copy(St,3,2);
Rsl:=HexToByte(TmpStr);
Gid1_2:=Rsl;
If Gf then Store_GID1 := FALSE else Store_GID1 := TRUE;
End;
{----}

function Store_GID2(Gid2StringStore:String):Boolean;

Var
St : String;
TmpStr : String;
Rsl : Word;
Gf : Boolean;

Begin
St := Gid2StringStore;
Gf:=False;
If Length(St)<>4 Then
Gf:=True;
TmpStr:=Copy(St,1,2);
Rsl:=HexToByte(TmpStr);
Gid2_1:=Rsl;
TmpStr:=Copy(St,3,2);
Rsl:=HexToByte(TmpStr);
Gid2_2:=Rsl;
If Gf then Store_GID2 := FALSE else Store_GID2 := TRUE;
End;
{----}

function Store_IMSI(ImsiStringStore:String):Boolean;

Var
St : String;
One : String;
Code : Integer;
B : Byte;
Count : Byte;
Point : Byte;
Isb : Boolean;

Begin
St := ImsiStringStore;
Count:=1;
Point:=0;
Isb:=False;
If Length(St)<>10 Then
Isb:=True;
Repeat
One:=Copy(St,Count,1);
Val(One,B,Code);
If Code <> 0 Then
Isb:=True;
IMSI[Point]:=B;
Count:=Count+1;
Point:=Point+1;
Until Isb Or (Point=10);
If Isb then Store_IMSI := FALSE else Store_IMSI := TRUE;
End;
{----}

Procedure Calc_28;

Const
C_112 : Array[0..$6F] Of Byte = ($17,$2C,$43,$0E,$22,$13,$43,$4D,
$59,$16,$22,$4E,$37,$58,$5C,$0C,
$23,$1D,$4E,$5C,$22,$2D,$15,$44,
$30,$34,$3B,$0D,$4B,$2D,$5A,$12,
$24,$43,$35,$4A,$47,$36,$13,$17,
$53,$24,$13,$1B,$1F,$62,$38,$4D,
$54,$2A,$38,$15,$1D,$0D,$0B,$41,
$22,$47,$1D,$4E,$62,$22,$41,$17,
$26,$30,$2C,$57,$38,$36,$12,$40,
$20,$59,$23,$21,$36,$32,$48,$52,
$62,$3F,$13,$0D,$42,$2E,$18,$2D,
$4E,$20,$0E,$23,$4A,$60,$47,$25,
$30,$39,$3F,$52,$48,$3B,$1A,$26,
$5D,$2D,$2C,$57,$45,$11,$20,$30);
C_1C : Array[0..$1B] Of Byte = ($01,$05,$07,$06,$03,$02,$03,$05,
$09,$01,$00,$02,$05,$06,$02,$08,
$05,$06,$07,$09,$02,$03,$05,$08,
$03,$05,$04,$01);

Var
I : Integer;
A_3 : Array[0..$02] Of Byte;
A_1C : Array[0..$1B] Of Byte;
O : Integer;
Fix : Byte;
Fux : Byte;
NSL_Result : Byte;
C : Integer;
W1 : Word;
W2 : Word;
W3 : Word;

Begin
Fux:=(((Sl_Temp[0] And $F0) + Sl_Temp[1]) Mod $08);
Fix :=Sl_Temp[2] Mod $0E;
O:=Fix + (Fux * $0E);
A_3[0]:=(Sl_Temp[0] And $F0) - C_112[O];

For I:= 1 To 2 Do
Begin
O:=((Fix + I) Mod $0E) + (Fux * $0E);
A_3[I]:=Sl_Temp[I] - C_112[O];
End;

NSL_Result:=0;
C:=0;
Repeat
NSL_Result:= NSL_Result + (A_3[2] Shr C) + (A_3[1] Shr C);
C:=C+2;
Until C>6;
NSL_Result:=NSL_Result And $07;

For I:=0 To $1B Do
Begin
O:=(((NSL_Result+I) Mod $08) * $0E)+((I+Secr) Mod $0E);
A_1C[I]:= (A_3[I Mod $03] + Secr + C_1C[I]) Xor C_112[O];
End;

NSL_Result:=0;
C:=0;
Repeat
NSL_Result:= NSL_Result Xor (A_3[2] Shr C) Xor (A_3[0] Shr C);
C:=C+2;
Until C>6;
NSL_Result:=NSL_Result And $07;

For I:=0 To $1B Do
Begin
O:=(((NSL_Result-I+$1C) Mod $08) * $0E)+((I+Secr) Mod $0E);
W1:=C_112[O] And $00FF;
W2:=A_1C[I] And $00FF;
W3:=(W1 * W2) Mod $0100;
W1:=C_1C[I] And $00FF;
W2:=W3+W1;
T28[I]:=(W2 Mod $0A)+$30;
End;
End;
{----}

Begin

Calc_SP_Code := '';
if (NOT Store_SECR(SECR_Str)) then
begin
Calc_SP_Code := '0000000000';
Exit;
end;
if (NOT Store_MCC_MNC(MCCMNC_Str)) then
begin
Calc_SP_Code := '1111111111';
Exit;
end;
if (NOT StoreImei(ImeiStr)) then
begin
Calc_SP_Code := '2222222222';
Exit;
end;
if (NOT Store_GID1(GID1_Str)) then
begin
Calc_SP_Code := '3333333333';
Exit;
end;
if (NOT Store_GID2(GID2_Str)) then
begin
Calc_SP_Code := '4444444444';
Exit;
end;
if (NOT Store_IMSI(MSIN_Str)) then
begin
Calc_SP_Code := '5555555555';
Exit;
end;

if CodeNR = 4 then
begin
Sl_F0[0]:=9 or (SP[0] Shl 4);
Sl_F0[1]:=SP[1] Or (SP[2] Shl 4);
Sl_F0[2]:=SP[3] Or (SP[4] Shl 4);
Sl_F0[3]:=IMSI[0] Or (IMSI[1] Shl 4);
Sl_F0[4]:=IMSI[2] Or (IMSI[3] Shl 4);
Sl_F0[5]:=IMSI[4] Or (IMSI[5] Shl 4);
Sl_F0[6]:=IMSI[6] Or (IMSI[7] Shl 4);
Sl_F0[7]:=IMSI[8] Or (IMSI[9] Shl 4);
end;

Sl_F1[0]:=Gid1_1;
Sl_F1[1]:=Gid1_2;

Sl_F2[0]:=Gid2_1;
Sl_F2[1]:=Gid2_2;


SL_Temp[0]:=SP[0] Shl 4;
SL_Temp[1]:=SP[1] Or (SP[2] Shl 4);
SL_Temp[2]:=SP[3] Or (Sp[4] Shl 4);

Calc_28;

Summ:=0;
For I:=$08 To $0D Do Summ:= Summ+ Imei[I];

For I:= $00 To $07 Do
Begin
O:=(I+Summ) Mod $0F;
Buff[I]:=Sl_F0[I]-S_Sub[O];
End;

For I:= $08 To $09 Do
Begin
O:=(I+Summ) Mod $0F;
Buff[I]:=Sl_F1[I-$08]-S_Sub[O];
End;

For I:= $0A To $0B Do
Begin
O:=(I+Summ) Mod $0F;
Buff[I]:=Sl_F2[I-$0A]-S_Sub[O];
End;

For I:= $0C To $1A Do
Begin
O:=(I-$0c+Summ) Mod $0F;
Buff[I]:=Imei[I-$0C]-S_Sub[O];
End;

For L:= 0 to $09 Do
Begin
For I:= 0 to $1A Do
Begin
O:=(S_Xor[L]+I) Mod $1B;
Long[L * $1B + I]:= Buff[O] Xor Buff[I];
End;
End;

For L:= 0 to $09 Do
Begin
NSL_Result:=0;
For I:= 0 to $1A Do
Begin
O:=(5*I+L) Mod $1C;
NSL_Result:= NSL_Result + (T28[O] * Long[L * $1B + I]);
End;
SL[L]:=(NSL_Result+S_Add[L]) Mod $0A;
End;
OutputString := '';
for A := 0 to 9 do
begin
Str(Sl[A],TempString);
OutputString := OutputString + TempString;
end;
Calc_SP_Code := OutputString;
End;

End.

As you can see, in this code you need to pass "SECRET" for the calc.
Another thing, if you are trying to calc code1 (MMC-MNC) also do the calc with the GID1, GID2 variables.

I'm trying to convert it to JAVA, I don't know PASCAL but reading it is quite simple to guess what is it doing.

If I would have the code in C... that will be another story. :-P

Anyone?

could anyone compile it with delphi or pascal to compare results?

the question is.. what is SECR??? :-?
it is really needed?
somebody have a valid DCT2 unlock code and IMEI for test?

Hi,

Here you can download this generator for code 1:

http://www.hcmc.netnam.vn/infotech_imgs/mobile/nsl.exe

The codes work, I have tried myself.

This one, will calc the 4 codes. It doesn't run on fast machines (Error 200, I can't try it)

http://www.hcmc.netnam.vn/infotech_imgs/mobile/splnokia.exe


And this one, calcs the security code

http://www.hcmc.netnam.vn/infotech_imgs/mobile/sid.exe

splnokia unpack and Error 200 patched

:)

thanks!

Would you will to reverse the algo? ;)

Yes, I only need a new bottle vodka :D :D :D

cool.
this patched version is better then the one i sent u.

use this :)

splnokia.exe never calculated correct Lock 4 codes

only nk_info from dejan kaljevic displays correct codes

users.net.yu/~dejan

you need m-bus cable and phone like 3110 / 8110

software works only in protected mode in win98

mobtool from cosmictej calculates the same code for lock 4 as for lock 1 if msin is 0000000000 . that is wrong. it must be a completely different code

Hi,

I cant find this error in Mobtool, can you help, because if there is an error, I should rectify it

Somebody can post the IMEI, MCCMNC, MSIN and the correct codes generated by nk_info to verify a thing
thx

:)

Yes i think I may have fixed Mobtool, but can some one post valid codes

Somebody can post the IMEI, MCCMNC, MSIN and the correct codes generated by nk_info to verify a thing
thx

:)

Hello!

Sorry, i wasn´t awake today :-)

/MONO

This thread is about DCT2 :rolleyes:
(the algorithm for DCT3 works perfectly)

:)