initial commit

README.md

@@ -1,2 +1,4 @@
-MSMUnlock
-=========
+Unlocker for Option GI0225 3G Modems
+====================================
+This script will remove the net-/simlock for Option GI0225 Modems. More information here:
+http://dogber1.blogspot.com/2010/01/unlocker-for-option-gio225.html

bootloader.py

@@ -0,0 +1,83 @@
+#!/usr/bin/env python
+#
+# Copyright 2009: dogbert <[email protected]>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307	USA
+#
+
+import hashlib, os
+
+def sha1sum(filename):
+	return hashlib.sha1(open(filename,'rb').read()).hexdigest()
+
+def checkUnpatchedBootloader(filename):
+	return (sha1sum(filename) in ("cbcef9e634999b6b778a04b45b178fec0ea709c9", "e6a537b16f35bf7e4cc207fb157dc5eef73ab3ee", "a2fd786181c3f75dd88395c0badc01e0acd6e086", "53a69d0e0aa8479366bc2378b67bbdc15b63c42a"))
+
+def checkPatchedBootloader(filename):
+	return (sha1sum(filename) == "4252e74d48fe60d1173ecd898e2d3cdfd2a96c53")
+
+def extractBootloader(inFile, outFile, offset):
+	f = open(inFile, 'rb')
+	f.seek(offset)
+	intelHex = f.read(0x18c97)
+	f.close()
+	data = ''
+	for s in intelHex.splitlines():
+		if s[0] != ':':
+			continue
+		if int(s[1]+s[2],16) < 5:
+			continue
+		for i in range(0, (len(s)-11)/2):
+			data += chr(int(s[i*2+9]+s[i*2+10],16))
+	f = open(outFile, 'wb')
+	f.write(data)
+	f.close()
+	return
+
+def patchBootloader(inFile, outFile, patchFile):
+	inF = open(inFile, 'rb')
+	orig = inF.read()
+	inF.close()
+
+	paF = open(patchFile, 'rb')
+	patch = paF.read()
+	paF.close()
+
+	patchedLoader = orig[0:0x89df] + '\x00' + patch[0x9e0:0x9e0+0x110]
+	patchedLoader += orig[0x89e0+0x110:0x8b14] + '\xe1\x89' + orig[0x8b16:len(orig)]
+
+	outF = open(outFile, 'wb')
+	outF.write(patchedLoader)
+	outF.close()
+
+	return
+
+def getBootloader():
+	if not os.path.exists('msm6280.bin'):
+		if not os.path.exists('Superfire.exe'):
+			return False
+		sum = sha1sum('Superfire.exe')
+
+		if sum == 'd584e3fb5bd786bba7d3bcf3391523d88fd6128e':
+			extractBootloader('Superfire.exe', 'msm6280.bin', 0x9c5cc)
+		elif sum in ('534ecd8f693cd4d9a89c31d00d17885d3abcb26a', '4ecda86f0816f2641fbfa19c00dd0034108b86b7', 'fef058fbcedcbfb3a77f99812c14815d6b3abd83', '68fd7d98360f2ac2c09a30e6b9d2af9eb6b314b9', 'ff79c921fcd360c3674d57bf07c948b4d528897d'):
+			extractBootloader('Superfire.exe', 'msm6280.bin', 0x9c44c)
+		else:
+			return False
+	if not os.path.exists('msm6280-patched.bin'):
+		if not checkUnpatchedBootloader('msm6280.bin'):
+			return False
+		patchBootloader('msm6280.bin', 'msm6280-patched.bin', os.path.join('patch','patch.bin'))
+	return checkPatchedBootloader('msm6280-patched.bin')

crctable.py

@@ -0,0 +1,51 @@
+#!/usr/bin/env python
+#
+# Copyright 2009: dogbert <[email protected]>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+crcTable = (0xF078,0xE1F1,0xD36A,0xC2E3,0xB65C,0xA7D5,0x954E,0x84C7, 
+	    0x7C30,0x6DB9,0x5F22,0x4EAB,0x3A14,0x2B9D,0x1906,0x088F, 
+	    0xE0F9,0xF170,0xC3EB,0xD262,0xA6DD,0xB754,0x85CF,0x9446, 
+	    0x6CB1,0x7D38,0x4FA3,0x5E2A,0x2A95,0x3B1C,0x0987,0x180E, 
+	    0xD17A,0xC0F3,0xF268,0xE3E1,0x975E,0x86D7,0xB44C,0xA5C5, 
+	    0x5D32,0x4CBB,0x7E20,0x6FA9,0x1B16,0x0A9F,0x3804,0x298D, 
+	    0xC1FB,0xD072,0xE2E9,0xF360,0x87DF,0x9656,0xA4CD,0xB544, 
+	    0x4DB3,0x5C3A,0x6EA1,0x7F28,0x0B97,0x1A1E,0x2885,0x390C, 
+	    0xB27C,0xA3F5,0x916E,0x80E7,0xF458,0xE5D1,0xD74A,0xC6C3, 
+	    0x3E34,0x2FBD,0x1D26,0x0CAF,0x7810,0x6999,0x5B02,0x4A8B, 
+	    0xA2FD,0xB374,0x81EF,0x9066,0xE4D9,0xF550,0xC7CB,0xD642, 
+	    0x2EB5,0x3F3C,0x0DA7,0x1C2E,0x6891,0x7918,0x4B83,0x5A0A, 
+	    0x937E,0x82F7,0xB06C,0xA1E5,0xD55A,0xC4D3,0xF648,0xE7C1, 
+	    0x1F36,0x0EBF,0x3C24,0x2DAD,0x5912,0x489B,0x7A00,0x6B89, 
+	    0x83FF,0x9276,0xA0ED,0xB164,0xC5DB,0xD452,0xE6C9,0xF740, 
+	    0x0FB7,0x1E3E,0x2CA5,0x3D2C,0x4993,0x581A,0x6A81,0x7B08, 
+	    0x7470,0x65F9,0x5762,0x46EB,0x3254,0x23DD,0x1146,0x00CF, 
+	    0xF838,0xE9B1,0xDB2A,0xCAA3,0xBE1C,0xAF95,0x9D0E,0x8C87, 
+	    0x64F1,0x7578,0x47E3,0x566A,0x22D5,0x335C,0x01C7,0x104E, 
+	    0xE8B9,0xF930,0xCBAB,0xDA22,0xAE9D,0xBF14,0x8D8F,0x9C06, 
+	    0x5572,0x44FB,0x7660,0x67E9,0x1356,0x02DF,0x3044,0x21CD, 
+	    0xD93A,0xC8B3,0xFA28,0xEBA1,0x9F1E,0x8E97,0xBC0C,0xAD85, 
+	    0x45F3,0x547A,0x66E1,0x7768,0x03D7,0x125E,0x20C5,0x314C, 
+	    0xC9BB,0xD832,0xEAA9,0xFB20,0x8F9F,0x9E16,0xAC8D,0xBD04, 
+	    0x3674,0x27FD,0x1566,0x04EF,0x7050,0x61D9,0x5342,0x42CB, 
+	    0xBA3C,0xABB5,0x992E,0x88A7,0xFC18,0xED91,0xDF0A,0xCE83, 
+	    0x26F5,0x377C,0x05E7,0x146E,0x60D1,0x7158,0x43C3,0x524A, 
+	    0xAABD,0xBB34,0x89AF,0x9826,0xEC99,0xFD10,0xCF8B,0xDE02, 
+	    0x1776,0x06FF,0x3464,0x25ED,0x5152,0x40DB,0x7240,0x63C9, 
+	    0x9B3E,0x8AB7,0xB82C,0xA9A5,0xDD1A,0xCC93,0xFE08,0xEF81, 
+	    0x07F7,0x167E,0x24E5,0x356C,0x41D3,0x505A,0x62C1,0x7348, 
+	    0x8BBF,0x9A36,0xA8AD,0xB924,0xCD9B,0xDC12,0xEE89,0xFF00) 

msm_apply.py

@@ -0,0 +1,82 @@
+#!/usr/bin/env python
+#
+# Copyright 2009: dogbert <[email protected]>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import getopt, sys, os, msm_unlock
+
+def info():
+	print "msm_apply.py v1.6"
+	print "Copyright (c) 2009 dogbert <[email protected]>, http://dogber1.blogspot.com"
+	print "This scripts applies the unlock code of Option 3G modems (Icon 225)."
+	print ""
+
+def usage():
+	print "Options: -a, --appPort=  name of the serial application port (e.g. COM4)"
+	print "		-c, --code=     unlock code"
+	print "Example: msm_apply.py -a COM3 -c 12345678"
+
+def main():
+	info()
+	try:
+		opts, args = getopt.getopt(sys.argv[1:], "hc:a:", ["help", "code=", "diagPort="])
+	except getopt.GetoptError, err:
+		print str(err)
+		usage()
+		sys.exit(2)
+
+	appPort = None
+	code	= ''
+	baud	= 115200
+	Init	= True
+
+	for o, a in opts:
+		if o in ("-c", "--code"):
+			code = int(a)
+		if o in ("-a", "--appPort"):
+			appPort = a
+		elif o in ("-h", "--help"):
+			usage()
+			sys.exit()
+
+	if (os.name == 'nt') and (appPort == None):
+		print "Searching for serial ports..."
+		appPort = msm_unlock.findSerialPorts()[0]
+
+	if appPort == None:
+		print "Failed to find the application port. Please shutdown the device software."
+		sys.exit(-1)
+
+	print "Application serial port: %s" % appPort
+	print ""
+
+	if code == '':
+		print "Please enter the unlock code:"
+		code = int(raw_input())
+
+	print ""
+	print "Unlocking modem..."
+	if msm_unlock.unlockModem(appPort, code):
+		print "Unlock successful."
+	else:
+		print "ERROR: Unlock unsuccessful"
+	print ""
+	print "done."
+	raw_input()
+
+if __name__ == "__main__":
+	main()