Extracting files from ROM - Windows Mobile Development and Hacking General

I have an iPAQ hx2790 (JPN) with WM5 and I was wondering if someone can point me in the right direction of extracting files from the ROM area. I did some searching and also looked at the WM5 ROM Tools thread, but I tried all these tools in vain. I tried dumping a ROM image from my ppc (using the tool that auto-dumps ROM into storage card) and extracting that but it didn't work (I believe it locked up). I tried dumping the original .nbf ROM upgrade file provided by HP but that didn't work as well. I just need to extract 3 .dll files so if someone can point me in the right direction, I'd greatly appreciate it!

You should decrypt NBF file, then the tools would work.
Currently there is no decryption tool available, you should make it yourself.
I don't remember the encryption used in HP NBF format, but it should be simple, maybe XOR with a constant string, and maybe some garbage added after each block.
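An added example (not code from this thread or from any NBF tool) of how the "XOR with a constant string" guess above can be tested: ROM images contain long padding runs, and a repeating XOR turns such a run into the key repeated over and over. The key, the sample image and the zero-padding assumption are constructed for illustration; the "garbage after each block" variant is not handled.

```python
from itertools import cycle

def xor_repeat(data, key):
    """XOR data with key repeated from offset 0; encoding and decoding are the same."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))

def smallest_period(window, max_len):
    """Smallest p <= max_len with window[i] == window[i + p] throughout, else None."""
    for p in range(1, max_len + 1):
        if window[p:] == window[:-p]:
            return p
    return None

def recover_key(blob, pad=0x00, max_len=32, repeats=8):
    """Find a run that stays periodic for max_len * repeats bytes and read the key off it.

    Assumes the run was constant `pad` bytes before encoding and that the key
    restarts at file offset 0. Returns (offset, key), or None if nothing repeats.
    """
    span = max_len * repeats
    for start in range(0, len(blob) - span + 1, max_len):
        window = blob[start:start + span]
        p = smallest_period(window, max_len)
        if p is None or (p == 1 and window[0] == pad):
            continue  # not periodic, or plain padding that was never XORed
        key = bytearray(p)
        for j in range(p):
            key[(start + j) % p] = window[j] ^ pad  # undo the rotation at `start`
        return start, bytes(key)
    return None

# Constructed sample: 200 data bytes, 600 bytes of zero padding, 100 data bytes.
DATA = bytes(0x80 | (37 * i % 128) for i in range(200))
SAMPLE_PLAIN = DATA + b"\x00" * 600 + DATA[:100]
SAMPLE_KEY = b"constructed-key"  # hypothetical key, not HP's
SAMPLE_ENCODED = xor_repeat(SAMPLE_PLAIN, SAMPLE_KEY)

if __name__ == "__main__":
    found = recover_key(SAMPLE_ENCODED)
    print("plain image:", recover_key(SAMPLE_PLAIN))
    print("encoded image:", found)
    print("round trip ok:", xor_repeat(SAMPLE_ENCODED, found[1]) == SAMPLE_PLAIN)
```

A recovered candidate is only a hypothesis until the decoded image shows structure the extraction tools recognise; a constant run of some other byte value produces a one-byte false candidate.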

Thanks for your reply mamaich, I didn't know HP's NBF was encrypted. Is there source code for a decryption tool someone made for another NBF format already?

Related

PPC 2003 and mkrom

Any brave soul try using mkrom in conjunction with the 2003 ROM? I think I might give it a shot here in a bit but wanted to know if anybody had tried it yet...
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
sheran_g,
I didn't know you could use mkrom with a 2003 ROM image. Can you please post how you did it? I created a special version based on the SE 1.1 ROM but would like to put the same programs into the new ROM. Any help is appreciated.
thanks
alex
sheran_g said:
I've managed to build a 2003 ROM. It's extremely tricky though. I'm working on customizing a ROM similar to the XDA Developers SER - as soon as I get some free time
I'd like to acknowledge all the help given to me by Developer Itsme in this endeavor.
Let me know any suggestions you may have for the new ROM.
What's tricky about it...?
The modified registry file you make does not get picked up at the device startup. You need to manually inject the memory address of the modified registry file into the ROM in order for it to get picked up.
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
sheran_g,
Can you post the steps that you take to build it? I'm trying right now and it's not working. I'm having little problems. Can you post your default.reg and initobj.txt? Any other help is appreciated.
thanks
alex
Ok. Here they are in a nutshell:
Get the latest romtools.
Make the following dirs: romfiles, cfg, tmp, out, files, files1, files2
Split the ROM into Bootloader, bootimage, OS image, xipchain into the 'cfg' dir.
Dump the files in the OS image into a 'romfiles' dir.
Get the default registry file, initobj & initdb files into your 'cfg' dir.
Make changes to your default.reg and initobj.txt
Place any files you want loaded in the ROM into the 'files' dir.
Run 'mkrom.sh'
You should then have your new ROM. I'm sorry if it's extremely brief; you'll have to make do with this and the README file in the romtools archive file for now. You'll find my default.reg and initobj.txt files on my site: www.zensay.com/qtek/mkrom
sheran_g,
Have you created a decent working custom WM2003 ROM?
If so what Apps have you added?
How much ROM space does it use?
I've not added any apps to my ROM. I have only added a carrier logo file and made some changes to the registry. So I cannot comment on ROM space yet. The ROM works fine.
sheran_g,
What command did you use to extract the ROM files? Did you do it under Windows or Unix?
I'm having problems trying to dump the ROM image. I don't know if it's too much to ask, but can you zip your directory and post it somewhere so I can download it? Or can you post the commands that you ran to dump the 2003 ROM?
thanks
alex
Hi,
Could you include "O2 home zone" in the 2003 image, like in the 2002 3.19 GER? It's for Germany interested only!
AR :?:
home zone depends on specific 3.19 rilgsm features. which are not in 4.*
Okay, used dumprom -4 -d files -q nk.nbf and extracted all files. Got could not find pointer for ofs 00000000 ERROR but all the files seem to be there. Trying to figure this out. Saw the above abbreviated directions but am fumbling around. Anyone have concise directions?
Val
Anyone? Just give me a good hint then please.
Hi all!
If I overwrite the rilgsm.dll file in the T-Mobile 4.0.10 image with the rilgsm.dll from the O2 GER 3.19 image, could I use the "O2 home zone" option with the hz.exe in the Startup directory? The rilgsm.dll from the German image has the 'at+creg=2' string in it. Probably the RIL_GetCellTowerInfo call is now implemented. If it can work, how could I write the German rilgsm.dll to the image? I don't have Linux; could somebody cook the image for me?
Here is the German rilgsm.dll and the hz.exe for the "home zone" function! http://www.nokiaprog.de/XDA/home_zone.zip
THX
PS: Sorry, my english! ;-)
AR
the homezone enabled rilgsm.dll depends on other dll's and exe's.
probably ril.dll, stk.exe, cell*.dll and maybe more, I have not tried
replacing all.
you don't need to build a new rom in order to experiment with this, you
can just copy the desired files to \windows, to override the rom versions.
And I don't think it works with the RIL_GetCellTowerInfo call,
but adds some notification events.
to change the CREG setting you need to call RIL_DevSpecific with parameter 25 ( to turn it on ) or 26 ( to turn it off )
even though that does not seem to be how hz.exe does it.
Hi,
I opened the image file in the Hex editor and renamed the file there rilgsm.dll. Then I flashed the image, which was phone probably deactivated, because rilgsm.dll was missing. Then I copied over ActiveSync the German rilgsm.dll into the Windows directory, XDA reset and he not accept the file. I assume because the file was not in the EPROM memory! Therefore I wanted to have rilgsm.dll first times in the image!
AR
XDA developer Itsme said:
my latest romtools can be found at romtools
now it calls dumprom to find and fix the filedata offsets.
I think they should now build 2003 roms.
Is there any other way I can access this site or download these files? The sites are blocked here in my country. Please help.
Ronnie

mkrom hangs on welcome screen

I just made the special edition ROM through mkrom and I obtained the .nb1 file, but when I flash my xd and make the cold reset, it hangs on the welcome screen. It prints the 3 lines in red in the bottom right and after that ..... Nothing....... sniff
Could anyone help me????
I used the .nbf file that comes with the program A of O2.
Thks
that means that the windows kernel, and gsm have initialized.
the system should then proceed to execute the stuff mentioned in registry key HKEY_LOCAL_MACHINE\init.
maybe something went wrong with default.fdf?
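A check one could run on the registry before building, as an added example (not part of romtools or of the post above): it reads the `HKEY_LOCAL_MACHINE\init` key from a default.reg and reports Launch entries whose executable is missing from the ROM file dump or whose Depend value names a launch number that does not exist. The regedit-style text format, the sample registry, the file list and `carrierlogo.exe` are constructed assumptions.

```python
import re

# Constructed sample; regedit-style text is an assumption about what fdf2reg.pl writes.
SAMPLE_REG = r'''
[HKEY_LOCAL_MACHINE\init]
"Launch10"="shell.exe"
"Launch20"="device.exe"
"Depend20"=hex:0a,00
"Launch30"="gwes.exe"
"Depend30"=hex:14,00
"Launch50"="carrierlogo.exe"
"Depend50"=hex:14,00,28,00

[HKEY_LOCAL_MACHINE\Software\Example]
"Launch99"="ignored.exe"
'''
SAMPLE_ROM_FILES = ["shell.exe", "device.exe", "gwes.exe"]  # constructed dump listing

LAUNCH = re.compile(r'"Launch(\d+)"="([^"]*)"$', re.I)
DEPEND = re.compile(r'"Depend(\d+)"=hex:((?:[0-9a-f]{2},)*[0-9a-f]{2})$', re.I)

def parse_init(reg_text):
    """Return ({n: exe}, {n: [launch numbers it waits for]}) from the init key."""
    launch, depend, in_init = {}, {}, False
    for line in (l.strip() for l in reg_text.splitlines()):
        if line.startswith("["):
            in_init = line.lower() == r"[hkey_local_machine\init]"
        elif in_init and (m := LAUNCH.match(line)):
            launch[int(m.group(1))] = m.group(2)
        elif in_init and (m := DEPEND.match(line)):
            raw = bytes.fromhex(m.group(2).replace(",", ""))
            # DependNN holds 16-bit little-endian launch numbers
            depend[int(m.group(1))] = [int.from_bytes(raw[i:i + 2], "little")
                                       for i in range(0, len(raw), 2)]
    return launch, depend

def check_init(reg_text, rom_files):
    """List init entries that cannot start with the files present in the ROM."""
    launch, depend = parse_init(reg_text)
    present = {name.lower() for name in rom_files}
    problems = []
    for n in sorted(launch):
        if launch[n].lower() not in present:
            problems.append(f"Launch{n}: {launch[n]} not in ROM file dump")
        for dep in depend.get(n, []):
            if dep not in launch:
                problems.append(f"Launch{n}: waits for missing Launch{dep}")
    return problems

if __name__ == "__main__":
    print("\n".join(check_init(SAMPLE_REG, SAMPLE_ROM_FILES)) or "init key looks consistent")
```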
I use the default.fdf that comes with the mkrom.zip, I just extract it and copy the nk.nbf file and proceed, I didn't modify anything.
thks
I tried to make another ROM with a different Default.fdf but it hangs too.
Could it be the NK.nbf file???
Can you tell me where there is a link for a valid NK.nbf?
I'm going crazy :shock: jeje
thanks
if you use a different source rom, you need to change your default.fdf to
the one from that rom.
thanks for your patience,
I extract the default.fdf from the NK.nbf with dumprom.exe.
and then I use the fdf2reg.pl to create the default.reg and I put this file in the cfg directory, and after that I execute mkrom (sh mkrom.sh NK.nbf)
is that correct???
thanks
I think that the nbf file that I'm using is not a correct version.
I tried to make a nbf file from jeff's page but it doesn't work with the nbf selection.
Do you know where I can find a nbf file that works with mkrom???

nbf file of ipaq upgrade

I got the nbf file of an iPAQ upgrade and want to dump it to files.
I tried as many ways as I knew, dumprom, rdmsflsh.pl, but they said
imgfs is not found.
The HTC64 Extended ROM tool also gives an error on decode.
Does anyone have an idea how to
@decode to fat file,
@dump it to files
Help please!

How to extract WM5 .nbf?

Anyone know how I can extract .nbf files? I need to see what is in this nbf file. Refer to this thread if you are curious
http://forum.xda-developers.com/viewtopic.php?p=250201#250201
Use the tools made by Buzz on this page:
http://buzzdev.net/index.php?option=com_content&task=view&id=65&Itemid=1
To see the contents of the nbf (converted to nba using the above method) file, you need to use these tools:
http://wiki.xda-developers.com/index.php?pagename=WM5EditROM
It's rather simple and hardly takes about 5 minutes for the whole thing
Cheers!
Thanx for the fast response. I gave it a go and it doesn't seem to work. I get the .nba from the .nbf then when trying to
"prepare_imgfs.exe nk.nba"
I get this
"Searching for IMGFS start... Not found!"
I think that the .nbf is password protected. If anyone more gifted than me can help out with this one I know we will find a way to change the splash screen on all the newer (2.17 and so forth) ROMs.
Thanx again; Lew
then how do you extract NBF file from 8125 instead of NBA file ? Is there a way to do this ?
I would like input on this as well. I think we are missing a password here or something.
universaldoc said:
Use the tools made by Buzz on this page:
http://buzzdev.net/index.php?option=com_content&task=view&id=65&Itemid=1
I don't believe this works with (newer?) wizard nbf's.
Is there anyone here that could crack this would be "encryption" on the .nbf in question? I tried encoding my splash backup from aWizard using the project file from the "decoded" nk.nbf from "ruu_forcedalias_splash_245_425.exe" and it was a no go. It said that my storage was the wrong size for this ROM update (or something to the effect of NO). So it looks as if this nk.nbf from "ruu_forcedalias_splash_245_425.exe" is the key to unlocking the ability to change splash screens to custom images.
Later; Lew
You can try the tools in the attachment to extract files from the image file.
the typho2 can extract parts from a SD card image, and the typhoonnbftool_04 can extract parts from a NBF file. they work well while do with the 1.x ROM, but I've never experienced it in extracting a 2.x ROM.
any exciting info, pls let me know,
Ok, good news, thanx to BrightMoonHeart I have been able to extract the BMP from the NBF using "typhoonnbftool_04.exe". The bad news is so far I can't seem to add an image (bmp) to the nbf or remove the current image. So this was a great step forward, just need a little help to get r done. I tried "typho2.exe" but I couldn't get it to do anything except give me the same info "typhoonnbftool_04.exe", It says it can extract the ".NBF" to an ".SPL" and that may allow us to edit it but I was not able to get it to convert. Any ideas guys? Always appreciated
Thanx; Lew
Ok I'm even closer now. I am using "typhoonnbfdecode.pl" and I can extract the ".nb" from the ".nbf". I can create custom splash using "nb_image_converter_859_418_826.exe" and make a ".nb" but when trying to put it back to ".nbf" i get this error
Code:
read 00030000 for splash from 92000000-Splash.nb
no sm signature at 0 in Splash
If anyone can help me out with any of this I would really appreciate it. I keep getting held up with all these conversions. I think some out there must know how to do this already, and I'm close but I keep hitting road blocks.
my head hurts; Lew

To view & extract .nb0 content, please help......

Hi all, I have a .nb0 file which was extracted from a WM5 PPC phone (can't remember the model), and I need some help here to view this nb0 and extract some cab files from it.
This .nb0 contains a lot of useful software, for example soundcover (background sound during conversation), answering machine, and conversation recorder, and it works flawlessly on a WM5 PPC phone.
Any expert??? Please help.
**OK, I found the phone model, it's GIGA. This is the nb0 file, the latest update from their website http://www.higiga.com/HigigaFrontStage/event/download/update/V1.12.80.zip
Hi,
Congratulations on extracting an .nb0 file. There are many methods to do so, depending on the device. Out of curiosity, which method did you use? Assuming that you correctly extracted the .nb0 file of the CE image, you can treat it the same as an .nb or .bin file. Use "viewimgfs *.nb0", the * of course meaning the name of your nb0 file, like MSFLSH50_2.nb0 or whatever. This will give you all the files and whatnot. You can then use the DSMtool by bepe. This will organize all the files into packages. Then you can use cabwiz or some other program to create a cab installer. Good posts to follow are mamaich, bepe, buzzlightyear, and others, if you didn't already know. The dsmtool is found in bepe's WM5 kitchen. The viewimgfs and other imgfs tools were created by mamaich.
Regards,
Jason
Thanks for your reply, I will try to use the tools to see whether I can extract anything out of it... thanks again.
I think I have successfully dumped the ROM to a dump folder, but I cannot see anything but some dll files. What else do I need to do? Do I need to use some tools to convert all these dll files to view the ROM content? Please advise, thanks.
