If anything goes wrong, you can go to Nokia Service Center and tell them your update failed.
They will recover your phone.First of all, download the tools at the bottom of this post.
Use Nokia PC Suite or make a backup using the memory card application. Both methods work.
Next you need to get NokiaSoftware Updater (NSU) from Nokia. It will look if there are updates available for your mobile and will allow you to reinstall your current firmware.
Grab it here hxxp://europe.nokia.com/A4579163 .
Start NSU, click Start, connect your phone to the computer (select ‘PC Suite’ if it asks you) and click Next.
It will recognize your phone and look for updates. Press the checkbox and continue.
NSU will start downloading the firmware files from Nokia’s server and update your phone.
After the process is completed, you will find some firmware files stored in
Most probably the path differs according to each phone model. You should be able to find it though.
You need the .fpsx file. Its about 45MB and its name structure is: <model>_<version>-…<localization>….fpsx
If you have an up-to-date N80, the filename will look like this n80_5.0719.0.2-prd_western_c00_cc.fpsx
Open the file in WinHex or any other hex editor.
Press Ctrl+F, enter AllowUnsigned, select ‘ASCII/Code Page’ in the dropdown box and press OK
The first search result is pretty useless.. just some filenames and random strings.
Press F3 to get to the next one.
Now you see the content of swipolicy.ini in front of you. The blue marked part in the image shows this file.
The content may differ from firmware to firmware but you will see where the text ends and where the encrypted code starts.
Maybe you will not even find this part in your firmware at all….
Now select the content -> rightclick -> Edit -> Copy Block -> Into New File -> Save as content.txt (for example)
Use your favourite text editor (I recommend Notepad++ .. look below) to change the file but remember to keep the filesize!
You will need to remove some lines. So I recommend to take a look on this page which explain you the contents of swipolicy.ini
hxxp://www.symbian.com/developer/techlib/v9.2docs/doc_source/ToolsAndUtilities/Installing-ref/swipolicy.html
Here is an example of a working swipolicy file .. before and after .. both 536 bytes :
MandatePolicies = false
MandateCodeSigningExtension = false
Oid = 1.2.3.4.5.6
Oid = 2.3.4.5.6.7
DRMEnabled = true
DRMIntent = 3
OcspMandatory = false
OcspEnabled = true
AllowGrantUserCapabilities = true
AllowOrphanedOverwrite = true
UserCapabilities = NetworkServices LocalServices ReadUserData WriteUserData UserEnvironment
AllowPackagePropagate = true
SISCompatibleIfNoTargetDevices = false
RunWaitTimeoutSeconds = 600
AllowRunOnInstallUninstall = false
DeletePreinstalledFilesOnUninstall = true
MandatePolicies = false
MandateCodeSigningExtension = false
Oid = 1.2.3.4.5.6
Oid = 2.3.4.5.6.7
OcspMandatory = false
OcspEnabled = true
AllowGrantUserCapabilities = true
AllowOrphanedOverwrite = true
UserCapabilities = AllFiles TCB DRM DiskAdmin NetworkServices LocalServices ReadUserData WriteUserData ReadDeviceData WriteDeviceData UserEnvironment PowerMgmt MultimediaDD TrustedUI ProtServ NetworkControl SwEvent Location SurroundingsDD CommDD
AllowPackagePropagate = true
I highly doubt that you will need all the capabilities listed there, this is only a possible example.
The most interesting should be AllFiles – it enables you to view the hidden system folders. Assumed you’ve got a compatible file browser.
You can also change AllowUnsigned to true. Should be self-explainable.
And Remember to keep the filesize, you can add some spaces in Notepad++ until it fits.
When you are done editing, save it as a new file named as content_new.txt (for example)
Again.. check the filesize to be sure. Move your mouse over the file to see a popup saying 536 bytes (in this case).
Open Apatcher and write a command line according to this form:
…where <content> and <content_new> are the hex values of each text file.
To get the hex values, open the according text file in WinHex, press Ctrl+A and Ctrl+Shift+C.
It should look like this:
Basically, your patch is ready. You can save it for later use if you want, don’t close Apatcher. Now it needs to be applied the firmware file.
Unfortunately NSU will download the firmware files each time you want to flash your phone and transfer them directly without confirmation.
Thats no problem though because you can patch the fpsx file while its finished and the others are downloading.
That will be ~20MB and not much time for people with fast internet connections.
Get NetLimiter (look below) to slowdown NSU if you want.
So.. start NSU, let it download the files and check the folder to see when the fpsx is done.
Quickly switch to Apatcher and press the ‘Apply patch for file’ button 
(remember to switch file type to ‘All files’ afterwards) and select the fpsx file.
When its done, you will see some text at the log window below:
All DONE!
Now you can lean back and watch NSU flash your phone. The process will take ~15-20 minutes and does not require your interaction.
Congratulations! You’re done!
Now you can use ActiveFile (look below) to test your new capabilities or read this tutorial (will follow soon) how to give the AllFiles capability to your favourite file browser.
—————-
Optional Tools:
WinHex
NetLimiter
Source: symbian-mobiles.eu
Author: K3nny
0 Antworten zu „Hacking the NSU…“