--------------------------------------------------------------------------- a K-rad Nokia Flasher (aka kNok) --------------------------------------------------------------------------- *************************************************************************** D I S C L A I M E R THIS SOFTWARE AND ALL THE ACCOMPANYING FILES ARE PROVIDED "AS IS" AND WITHOUT ANY WARRANTIES EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANT ABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL I BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THIS PRODUCT. *************************************************************************** --------------------- 1. What is it anyway? --------------------- It's a command line program, so to be able to use the built-in features, you must "command" knok. Let's sum-up the features it supports: - reading flashes on any kind of PC system (let it be AMD/Intel based one) and store them as "raw" or "knok" flash files - writing flashes on any kind of PC system (let it be AMD/Intel based one) from "raw" or "knok" flash files - collecting phone information and dumping it into a log file (information such as start/end address of MCU/PPM/PMM/EEPROM blocks, software version, checksums, language pack) - communicating through the user-given LPT and COM port - beeing able to set the level of information it displays ("debug level") - beeing able to redirect information to "log.txt" - beeing able to update or downgrade the software of your phone - highly configurable --------------- 2. Installation --------------- The package consists of the following files: CONFIG.CFG * MODELS.CFG * Configuration files DEV_LIST.FPS * FLASHID.CFG * KNOK.EXE * KNOK95.EXE * Executables KNOKLIB.DLL * PRINTIO.SYS * Port access drivers file_id.diz * readme.txt * Documentation whatsnew.txt * ----------------------- 2.1 Configuration files ----------------------- ---------------- 2.1.1 CONFIG.CFG ---------------- This files sets the basic parameters for kNok. It has 7 lines in it: loaders -> directory where the bootstraps and the algocodes are config -> directory where the configuration files are models.cfg -> name of the NMP config file dev_list.fps -> name of the flash chips config file flashid.cfg -> name of the file to store the list of detected flashes algocode.cfg -> name of the manual algocode mapping file tia -> what is the extension for the bootstrap and the algo code files 100 -> delay value for serial (COMx) communication The directory is used as follows; If you ran kNok from "f:\knok" it will search the boot and flash loaders under "f:\knok\loaders" ---------------- 2.1.2 MODELS.CFG ---------------- Note that the name of this file can be changed via the 'config.cfg' file. Check 2.1.1. This file has the information about the certain NMPs kNok knows about. The format is the following: NSE-1 5110 DCT3BT2.TIA 61 06 0 1. 2. 3. 4. 5. 6. 1. The name of the NMP (it must be in the same format it is in the phone's memory (i.e. there is no use to change that to '3310' or something like that) 2. The wide-spread name of the mobile 3. The name of the bootloader the NMP uses to communicate (must be in the directory set by 'config.cfg') 4.-5. The delay values the bootloader uses to communicate with the NMP 6. The overruled size of the flash of the NMP. I.e. it is mostly for 7110. Since 7110 has two flash chips on board, but only one of them is detected, the size of the flash has to be "increased". ------------------ 2.1.3 DEV_LIST.FPS ------------------ Note that the name of this file can be changed via the 'config.cfg' file. Check 2.1.1. This file has the information about the certain flash types kNok knows about. The format is the following: 000089A6: Intel 28F008SC-L, ALIAS_ID=89A2 1. 2. 3. or 000122DA: AMD 29LV800T, size 8Mb 1. 2. 3. 1. The 32bit ID of the FLASH 2. The name of the flash IC 3. The size of the flash in megabits or the the "alias" (substitue) ID (ALIAS_ID= must be in front of the ID) ----------------- 2.1.4 FLASHID.CFG ----------------- Note that the name of this file can be changed via the 'config.cfg' file. Check 2.1.1. This file has the information about the algocodes and the supported flash IDs the specific algo code supports. Note that this file is created runtime, so no need to update it manually. 00898892 I28F160.TIA 1. 2. 1. The flash ID 2. The name of algocode file that supports the flash id ------------------ 2.1.5 ALGOCODE.CFG ------------------ Note that the name of this file can be changed via the 'config.cfg' file. Check 2.1.1. This file has the very same layout and holds the very same information as the one found in FLASHID.CFG. Its purpose is when algocode cannot be detected automatically, you might "force" a specific flashid to be used by a specific flashloader. Note that this ONLY happens if the specific flashid is not found aoutmatically. -------------- 2.2 Executable -------------- These are the kNok executable. Nothing more nothing less ----------------- 2.3 Documentation ----------------- ----------------- 2.3.2 file_id.diz ----------------- The short description what is kNok about. ---------------- 2.3.3 readme.txt ---------------- The very file you're reading just now. ------------------ 2.3.4 whatsnew.txt ------------------ The list of changes. ------------------ 3 List of commands ------------------ Generally each and every command has a short and a long version. The subsections will contain both. The usage of knok is as follows: kNok NMP cmd1 arg1a arg1b cmd2 arg2 Which means that you have to specify the NMP (i.e. NSE-1 (or 5110), NPE- 3(or 6210), etc.) and after the commands you wish to run and right after the commands each and every argument the command has. For each and evry command there is the type of the argument that must be specified. There are two kinds of supported arugments: - numerical (N) - string (S) Note that the string arguments (because of the long filenames) must be given between ". (i.e. "nse-1 v05.05.fls") ************************************************************************** Note: to start a command you must start it with a '-' or a '/' or a '\' ************************************************************************** For example to read a raw flash (size of 65536) from a 5110 starting from 0x200000 you should: kNok NSE-1 -rr 0x200000 65536 The headers of the subsections will have the name of the commands and the arguments it needs. The arguments starting with 'N' will mean a number, starting with an 'S' will mean a string. ************************************************************************** Note: 'a' number can practically mean more than one number. You can specify 'a' number in the following way: 1..4,7,9,11..15 Which will be used as if you specified 1,2,3,4,7,9,11,12,13,14,15 To specify a hexadecimal number you must prefix it with '0x' or '0X'. ************************************************************************** Let's see the commands. ------------------------- 3.1 setdebuglevel (sd) N1 ------------------------- Only one argument which can start from 0 to 3. 0 : no debug info to be displayed 1 : low debug infos (mostly errors) 2 : medium debug infos (low infos + some useful information) 3 : high debug infos (all kind of information, can be used to trace the commnucation ------------------------- 3.2 setredirection(sr) N1 ------------------------- The commands sets the type of redirection. If N1 is 0 no redirection is done, if N1 is 1 no logs will be displayed, instead of that logs will be copied to 'log.txt'. If N1 is 2 both 'log.txt' will be created and displaying will be done. --------------- 3.3 noerase(ne) --------------- No arguements are used. It switches off erasing before write to flash. ----------------- 3.4 read(r) N1 N2 ----------------- This command reads from the phone starting from N1 size of N2. The command stores the flash in a form like this: NSE-1 (5110) v05.07.KNK So the first 4 part is the identification of the NMP, the rest is the version of the phone (it's possible that the language pack gets inserted as well in the name). Note that this is stored as a 'knk' file which means that the stored flash begins with a header: 'K' 'N' 'O' 'K' 00 00 20 00 TT TT TT TT CS CS CS CS So it will start with the string 'KNOK' then the 32bit address where it starts, then a type setting (whether it's a full or partial flash) and finally the checksum on the header. This was implemented to avoid 'miswritten' partial flashes. --------------------- 3.5 rawread(rr) N1 N2 --------------------- To support the 'old', 'raw' flash format (that's why it's called raw format - since it only has the bytes from the flash one by one) another command is implemented which behaves the same way the previous one. The only difference is the lack of the header and the extension which is 'fls'. --------------- 3.6 readall(ra) --------------- The command analysis the layout of the phone then it dumps all MCU blocks, all PPM blocks, all PMM and EEPROM blocks (if available) to disk. The format...
zabrzesklep