Hi,
I was wondering if anyone could guide me as to whats involved in writing your own program to read write the Flash and eeprom of a DCT3 phone? I dont want any ready made solution, just point me in the right direction ...

Thanks,
brochar

i think you'd have to know about communication protocols (COM, LPT, FBUS,MBUS), delay times, phone responses, different chips ID's, and a lot of others i do not know about

Thanks mestrini,

I do know the protocols, the information I am looking for is :
-- Is it possible to atleast read the EEPROM using Mbus or FBus on COM port or LPT is required?
--



i think you'd have to know about communication protocols (COM, LPT, FBUS,MBUS), delay times, phone responses, different chips ID's, and a lot of others i do not know about

i think with LPT you get to read and write flash and "all" is needed is to know the boot strap(?) in order to get response from a dead phone (erased chip)

with MBUS/FBUS commands you must have working phone that writes itself to flash and eeprom areas depending on the order given but following routines from the firmware. for example, there's a routine in DCT3 where you can see all the default values for a "virgin" eeprom, i.e, when you give a certain order (don't ask me which) the routine writes those values to eeprom and you get a clean eeprom (like when restoring/repairing IMEI ;) )

cheers

hmmm... Do you know if EEPROMs use I2C bus and I can directly read the EEPROM or I would have to program a PIC to be able to read the EEPROM through it?
I was searching for a schematic diagram for the nokia hardware but havn't come across any.
Thanks for replying to my qs.
--brochar



i think with LPT you get to read and write flash and "all" is needed is to know the boot strap(?) in order to get response from a dead phone (erased chip)

with MBUS/FBUS commands you must have working phone that writes itself to flash and eeprom areas depending on the order given but following routines from the firmware. for example, there's a routine in DCT3 where you can see all the default values for a "virgin" eeprom, i.e, when you give a certain order (don't ask me which) the routine writes those values to eeprom and you get a clean eeprom (like when restoring/repairing IMEI ;) )

cheers

hmmm... Do you know if EEPROMs use I2C bus and I can directly read the EEPROM or I would have to program a PIC to be able to read the EEPROM through it?

Rolis DCT3 tool (MBUS/FBUS) has menu items to read chip via I2C cable but i guess you'd have to connect directly to flash chip. It should work even with phone ON since there is option to read RAM :-)

Hi,

> Is it possible to atleast read the EEPROM using Mbus or FBus on COM port or LPT is required?

Please be more specific what precise eeprom U mean.

We can flash a phone's complete (eeprom) chip contents with socalled flashfiles, like formatting & installing windows on a pc.

Flashing can never be done by mbus/ fbus while the communication itself is one of the running processes of the operating system.

So a phone without a flash, which U have since U are re-flashing it, can never be able to run mbus to have a communication.

In pc terms, U can't format Ur C disk completely when windows os itself runs from it, U have to start with another boot floppy/ cd first.

And that's where flashing and mbus/ fbus communicating differs, flashing is taking over the bootloading (bios), formatting and reinstalling.

While mbus/ fbus is more like dll stuff in Ur windows os, stuff needed after the os was loaded and running.

NokDoc

Ps,

Try PcLocals tool, I believed it had a (read) memory blocks functions to see what's inside Ur phone via mbus/ fbus cable.

NokDoc

My main aim is just read form the EEPROM. I want the whole memory dump to be able to extract any deleted sms? If mbus or fbus commands allow me to do that (get the memory dump) then that will be the route to take.

I checked out the PCLocals, but my impression was that it is useful for 6610/5110, 6130/5130, 6150, 8810. Also this will activate the netmonitor mode and then I will have to run the test in the netmonitor menu. Am I right?

I have a 3310 that I can experiment with. I am not sure I can activate a netmonitor mode on it? My understanding about netmonitor mode was that it is not available on all the phones, only special phones?

Thank you so much for replying,
Regards,
brochar


Hi,

> Is it possible to atleast read the EEPROM using Mbus or FBus on COM port or LPT is required?

Please be more specific what precise eeprom U mean.

We can flash a phone's complete (eeprom) chip contents with socalled flashfiles, like formatting & installing windows on a pc.

Flashing can never be done by mbus/ fbus while the communication itself is one of the running processes of the operating system.

So a phone without a flash, which U have since U are re-flashing it, can never be able to run mbus to have a communication.

In pc terms, U can't format Ur C disk completely when windows os itself runs from it, U have to start with another boot floppy/ cd first.

And that's where flashing and mbus/ fbus communicating differs, flashing is taking over the bootloading (bios), formatting and reinstalling.

While mbus/ fbus is more like dll stuff in Ur windows os, stuff needed after the os was loaded and running.

NokDoc

Hi,

Now it gets really confusing.

I think sms's are stored in sim.

But anyway, tools like gammu are able to read and write them already like U want, via mbus.

And putting on netmonitor in dct 3 is rather simple, many tool can do for U by mbus command.

In dct4 there was a 'roumor' for a long time bout such 'special' file was needed, although that now appeared to be pure for commercial reasonings.

NokDoc

http://www.mwiacek.com/zips/download.html

download gnokki, look in the help files.

there is an mbus command for read eeprom area. you give start address and sie and phone replaies the data. you can also write to specified addrres.

sorry i do not remember these commands, it is a long time since dct3 mbus :)