def nand_probe(self, chipset_type, base_address):
data = pack32L(chipset_type) + pack32L(base_address)
result = self._ProtocolRETeam__send_command(
self.Commands.CMD_PROB_NAND, data)
if (len(result) < 8):
raise repr(result)
maker_id = unpack32L(result[:4])
device_id = unpack32L(result[4:])
print "maker id: %08X" % maker_id
print "device id: %08X" % device_id
return (maker_id, device_id)
def mmc_init(self, version=0):
data = self.__send_command(self.Commands.INIT_MMC, pack32L(version))
product_name = data[6:6 + 6][::-1]
block_count = unpack32L(data[16:16 + 4])
block_size = unpack32L(data[20:24])
card_mid = unpack16L(data[14:16])
print "Product Name: ", product_name
print "Manufacturer Id: 0x%X" % card_mid
print "Block Count: 0x%X" % block_count
print "Block Size : 0x%X" % block_size
print "Capacity: : %d(MB)" % ((block_count * block_size) /
(1024 * 1024))
return block_count, block_size
def ping(self, string, shouldPrint=True):
"""
send a string to phone and verify that you receive the same string back
"""
ret = self.__send_command(self.Commands.PING, string)
if shouldPrint:
if string != ret:
print "raw: ", ret.encode("hex")
if len(ret) == 4:
print "bitfield: "
for i in xrange(32):
print i, " : ", not (2**i & unpack32L(ret) == 0)
print "ping returned\n%s\ninsted of\n%s" % (hex(
unpack32L(ret)), string)
return string
else:
print "ping successfull"
return ret
def authenticate(self):
"""
send 32 bit value, get back challange.
send response, get back some value if it's the correct response
"""
challange = unpack32L(
self._ProtocolRETeam__send_command(self.Commands.CHALLENGE_REQ))
print "Authenticate, Received: %X" % challange
resp = gen_response(challange)
return self._ProtocolRETeam__send_command(self.Commands.CHALLENGE_RES,
pack32L(resp))
def extmem_init(self):
extmem_entry_fmt = "<III"
extmem_entry_size = struct.calcsize(extmem_entry_fmt)
reply = self.__send_command(self.Commands.INIT_EXTMEM, "")
count, data = unpack32L(reply[:4]), reply[4:]
memory = []
if (count * extmem_entry_size != len(data)):
raise Exception("Malformed IEXM packet.")
for i in range(count):
memory.append(
struct.unpack(extmem_entry_fmt, data[i:i + extmem_entry_size]))
return memory
def init_alloc(self, addr_start=0, addr_end=0x800000):
tout = self.framer.get_timeout()
self.framer.set_timeout(0.1)
try:
ret = self._ProtocolRETeam__send_command(self.Commands.INIT_ALLOC, \
pack32L(addr_start) + pack32L(addr_end), sleep = 1)
self.framer.set_timeout(tout)
return unpack32L(ret)
except Exception, e:
if "FramerRETeam: got only empty head!" in repr(e):
pass
else:
raise
def change_debug_level(self, wanted_level):
restart_needed = False
print "Changing debug level...",
response = self.send_tfs_command("NvGetInt NV_SI_SYSTEM_DEBUG_STATE")
state = unpack32L(response[4:])
if state != 1:
self.send_tfs_command("NvWriteInt NV_SI_SYSTEM_DEBUG_STATE 1")
restart_needed = True
response = self.send_tfs_command("NvGetInt NV_SI_SYSTEM_DEBUG_LEVEL")
current_level = unpack32L(response[4:])
if current_level != wanted_level:
self.send_tfs_command("NvWriteInt NV_SI_SYSTEM_DEBUG_LEVEL %d" %
(wanted_level))
restart_needed = True
print "Done!"
if restart_needed:
print "Restart needed, Restarting device.. Please wait (Keep it connected)"
self.base_framer.send("AT+RESET\r\n")
return restart_needed
def read_filesystem_file(self, fname=''):
"""
read content of a file that resides on the phone filesystem
send:0x59,0x04,seq[1],name_len[1],sz_name[len]
get: 0x59,0x04,status[1],seq[1],isMore[1],file_size[4],data_len[2],data[len]
if status 0 means OK
status 0x0D means bad filename (probably a dir) so just ignore
status 0x1C end of file list
"""
nullTerm = '\x00'
data = ''
#read 1st block
seq = 0
resp = self.__send_command(
self.Commands.DIAG_FS_OP_F,
chr(self.FS_Operations.READ_FILE) + chr(seq) +
chr(len(fname) + len(nullTerm)) + fname + nullTerm)
status = ord(resp[1])
if (status != self.FS_Status.OK):
return None #error reading file
file_length = unpack32L(resp[4:8])
block_len = unpack16L(resp[8:10])
data += resp[10:10 + block_len]
#read next blocks if needed
isMore = (ord(resp[3]) != 0)
while (isMore): #the MORE field is false, so no more data blocks
seq = self.__next_seq(seq)
resp = self.__send_command(
self.Commands.DIAG_FS_OP_F,
chr(self.FS_Operations.READ_FILE) + chr(seq))
status = ord(resp[1])
if (status != self.FS_Status.OK):
break #error reading rest of the file (but we'll just quit the loop to return what data we got)
isMore = (ord(resp[3]) != 0)
block_len = unpack16L(resp[4:6])
data += resp[6:6 + block_len]
#print 'file',fname,' was read data(',len(data),'): ',repr(data)
return data[:file_length]
data = self._ProtocolRETeam__send_command(
self.Commands.INTERNAL_NAND_INIT, cmd)
except Exception, e:
if "recv error" in repr(e):
raise Exception("Can't find internal! %r" % (e))
self.framer.set_timeout(tout)
values = struct.unpack("<" + "I" * 8, data[:8 * 4])
(device_maker_id, device_id, block_count, block_size, page_size,
total_page_size, device_type, device_name_len) = values
device_name = data[8 * 4:8 * 4 + device_name_len]
client_addr = 0
flash_open = 0
if (len(data) > 8 * 4 + device_name_len):
client_addr = unpack32L(data[8 * 4 + device_name_len:8 * 4 +
device_name_len + 4])
flash_open = unpack32L(data[9 * 4 + device_name_len:9 * 4 +
device_name_len + 4])
print "device name: %s" % device_name
print "device maker id: %08X" % device_maker_id
print "device_id: %08X" % device_id
print "block_count: %08X" % block_count
print "block_size: %08X" % block_size
print "page_size: %08X" % page_size
print "total_page_size: %08X" % total_page_size
print "client_addr: %08X" % client_addr
print "flash_open_addr: %08X" % flash_open
device_str = str(device_type)
if (device_type in nand_type_string.keys()):
device_str = nand_type_string[device_type]
def get_dump_size(self):
size_str = self.get_addresses(0x1EEEFFC, 0x1EEEFFF, 4)
return unpack32L(size_str)
def get_dump_start_address(self):
start_address = self.get_addresses(0x01FFFFFC, 0x01FFFFFF, 12)
return unpack32L(start_address[8:])
def nand_init(self, page_size, spare_size, block_size, block_count, width):
return unpack32L(self.__send_command(self.Commands.INIT_NAND, pack32L(page_size)+pack32L(spare_size) + \
pack32L(block_size) + pack32L(block_count) + pack32L(width) ))
def get_esn(self):
"""
read NVM item number 0, and decode the ESN from there
"""
return unpack32L(self.get_nv_item(0)[2:2 + 4])
def parse_data(data):
header, comp_data = data[:0x17], data[0x17:]
data_len = unpack32L(header[15:15+4])
flag = unpack32L(header[:4])
return flag == 0x100, comp_data