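songhu168 posted on 2009-10-27 18:57

May be able to crack the MC5725's GPS: newly found firmware, for research

Many MC5725 cards have the GPS function blocked. Today I found a firmware image online, the firmware for the Sprint 595U (MC5725), which may be able to unlock the GPS function. I don't have an MC5725, so I can't try out how to flash the firmware in. I've put the firmware here; anyone who needs it can download it. If this firmware is flashed in successfully, it may turn an FRU-version MC5725 into the SPRINT version.

I hope this gets worked out soon. If anyone is willing to sell me an MC5725 cheaply for research, I'd be happy to take it, haha.

This firmware version is SWI6800_PP.01.00.02.
See the thread "[Other] [Original] MC5725 GPS positioning test on the T500", http://www.thinkpad.cn/forum/viewthread.php?tid=846924&highlight=MC5725, where the MC5725 is this same version, SWI6800_PP.01.00.02.

Here are the firmware download links.
New, firmware-only link: http://www.namipan.com/d/AC595u_firmware_sprint.rar/d24262089c1cd92489e4fa01e9d16510b5823ad924912a00

This is the old firmware, which includes the flashing tool: http://www.namipan.com/d/CCT_MC5725_00.60.01_03_vzw_do_000.007_001.exe/a4736e16a3f3286be5f183a4a7914c3f58dbe02238003a00

I hope that by combining the flashing tool above with the new firmware, the firmware can be flashed in. The old flashing package can be unpacked with "UniExtract"; inside are several configuration files, "package.ini" and "FWUpgradeConfigFile.txt", which everyone can open and take a look at.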

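songhu168 posted on 2009-10-27 20:55

This is the MC5725 flashing tool for the HP EV2210 version. I unpacked the package; it contains two configuration files.
The package.ini file is as follows: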

;
; Package.ini version - Should be less than or equal to CCT version.
;
Version = 6.24

;
;Required
;
; Firmware upgrade method
; 1 - Default.Use MDLoader.If "Firmware Upgrade Method" is not specified,
;   this value is assumed.
; 2 - FwDApi DLL method.This method supports EM5625 and MC5720.
; 3 - SWIApi DLL method.This method supports EM5725 and AC595.
;

Firmware Upgrade Method = 3

; For Firmware Upgrade Method = 1, the 4 items below are required for a
; successful firmware download. All Package.ini files will have these items set.
; CCT will fail if they are not present.
;
; Flash Image File Name = c:\Sierra\Packages\Template\flash.bin
; NV Default File Name = c:\Sierra\Packages\Template\mdloader_dflt.nvm
; NV Item File Name = c:\Sierra\Packages\Template\mdloadernv.cfg
; Post NV File Name = c:\Sierra\Packages\Template\post_restore.nvm

; For Firmware Upgrade Method = 2, upgrading boot image is optional,
; as is App Image File Name. See example below.
;
; Boot Image File Name = \emblud.bin
; App Image file Name =\em5625_swi.cwe

Boot Image File Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\build\ms\bin\SWI6800_cwe\boot.cwe
App Image file Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\build\ms\bin\SWI6800_cwe\appl.cwe
QCOM Loader File Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\build\ms\bin\SWI6800_cwe\qcom.cwe

; USB Descriptor image
SWI Image File Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\build\ms\bin\SWI6800_cwe\swi_ud_hp_00.cwe

; For Firmware Upgrade Method = 3, upgrading the QCOM image file is optional, as is the boot image file,
; as is App Image File. See example below.
;
; Boot Image File Name = \boot.cwe
; App Image file Name =\appl.cwe
; QCOM Loader File Name = \qcom.cwe

Serial Loader File Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\sierra\tools\emloader.exe

;Optional
;
; Some Package.ini files may not have a PRI, EFS or PRL file(s).
;
; If CCT is told to expressly load a given file, but it is absent from Package.ini, and
; also absent from config.ini, CCT will fail.
;
; PRI File Path= c:\Sierra\Packages\Template\Config_PRI.XLS@@/main/pc5220a/vzw/LATEST
; Common PRI File Path= c:\Sierra\Packages\Template\Common_PRI.XLS@@/main/pc5220a/LATEST

; PRL File Path = c:\Sierra\Packages\Template\PRL.XLS
; DMU File Path= c:\SierraWireless\Bogus\DMU.bin
; ERI File Path= c:\SierraWireless\Bogus\ERI.bin
; DMU Modem Path = \DMU
; ERI Modem Path = \eri

Common PRI File Path= pri_vob\common_pri.xls@@/main/0

PRI File Path= pri_vob\config_pri.pri@@/main/mc5725/mc5725_hp_vzw_do/8
PRL File Path = \\sandiego\shared\engineering\Software\PRLs\Verizon\Commercial PRLs\Commercial PRL EVDO Data Device Only\50853-VZW EV_1x Roaming.prl
DMU File Path= \\sandiego\shared\engineering\Software\DMUs\Verizon\10.key
ERI File Path= \\sandiego\shared\engineering\Software\ERIs\Verizon\vzw_eri_0004\eri_nam1
DMU Modem Path = DMU
ERI Modem Path = swir




;
; PRI Reset is a switch indicating whether to do a PRI Reset at the end of the provisioning process. Can be set to TRUE or FALSE.
;
; PRI Reset = TRUE
;

PRI Reset = FALSE


; Product Type - Allowable Values are:
; Embedded Module
; PC Card
; Product Type = Embedded Module
;

Product Type = Embedded Module


; Load NV Defaults is a switch indicating whether to load the NV Defaults file instead
; of retrieving and restoring the modem's NV Data during firmware upgrades.
; Allowable values are TRUE or FALSE. If missing from Package.ini file, FALSE is assumed.
; Load NV Defaults = FALSE
;

Load NV Defaults = FALSE


; Check Carrier ID is a switch indicating whether to check the Carrier ID.
; Allowable values are TRUE or FALSE. If missing from Package.ini file, TRUE is assumed.
; Check Carrier ID = TRUE
;

Check Carrier ID = TRUE


; Firmware Variant is a switch indicating whether to check the Firmware Variant.
; Allowable values are TRUE or FALSE. If missing from Package.ini file, TRUE is assumed.
; Check Firmware Variant = TRUE
;

Check Firmware Variant = TRUE


; Check PRL Downgrade is a switch indicating whether to check for a PRL downgrade.
; Allowable values are TRUE or FALSE. If missing from Package.ini file, TRUE is assumed.
; Check PRL Downgrade = TRUE
;

Check PRL Downgrade = TRUE


; Backup NV Files to memory within the modem.
; Allowable values are TRUE or FALSE. If missing from Package.ini FALSE is assumed.
; NV Backup = TRUE

NV Backup= FALSE


; Restore NV Files that were previously stored in memory within the modem.
; Allowable values are TRUE or FALSE. If missing from Package.ini TRUE is assumed.
; NV Restore = TRUE

NV Restore = FALSE


; Backup OEM NV Files to memory within the modem.
; Allowable values are TRUE or FALSE. If missing from Package.ini FALSE is assumed.
; OEM NV Backup = TRUE

OEM NV Backup= TRUE

; Field Mode Load QCom Image.
; Allowable values are TRUE or FALSE. If missing from Package.ini FALSE is assumed.
; Field Mode Load QCom Image= FALSE

Field Mode Load QCom Image= TRUE

; Field Mode Load Boot Image.
; Allowable values are TRUE or FALSE. If missing from Package.ini FALSE is assumed.
; Field Mode Load Boot Image= FALSE

Field Mode Load Boot Image= TRUE


; Field Mode DownGrade Firmware.
; Allowable values are TRUE or FALSE. If missing from Package.ini FALSE is assumed.
; Field Mode DownGrade Firmware= FALSE

Field Mode DownGrade Firmware = FALSE


; Update Flat File.
; Allowable values are TRUE or FALSE. If missing from Package.ini TRUE is assumed.
; Update Flat File= TRUE

Update Flat File = TRUE


; Create Flat File from Phone. This is left in for legacy purposes.
; Allowable values are TRUE or FALSE. If missing from Package.ini TRUE is assumed.
; Create Flat File from Phone= TRUE

Create Flat File from Phone = TRUE


; Field Mode No AC Power.
; Allowable values are ADVISE, FORCE, or IGNORE.
; If missing from Package.ini, IGNORE is assumed.
; Create Flat File from Phone= IGNORE

Field Mode No AC Power = ADVISE

; Provisioning enable.This flag has an effect when Firmware Upgrade Method is 2.
; When omitted, the default behavior is FALSE for this flag.To enable
; provisioning with Firmware Upgrade Method 2, include this flag and set to TRUE

Provisioning = TRUE

; Automatic USB Port Selection.This flag has an effect when Firmware Upgrade Method is 2.
; When omitted, the default behavior is FALSE for this flag.To enable Automatic USB Port
; Selection with Firmware Upgrade Method 2, include this flag and set to TRUE

Automatic USB Port Selection = TRUE

; Field Mode PRL Upgrade.This flag determines whether the PRL is loaded in field mode.
; This flag has an effect for Firmware Upgrade Method 1 and 2.When omitted, the default
; behavior is TRUE for this flag.To enable loading the PRL in field mode, set this flag
; to TRUE.

Field Mode PRL Upgrade = FALSE

; Field Mode Simulate Factory Mode. This flag tells CCT to bypass certain safeguards while
; in Field mode. This flag has an effect for Firmware Upgrade Method 1 and 2. When omitted,
; the default value is FALSE for this flag. To simulate Factory mode while in field mode,
; set this flag to TRUE.

Field Mode Simulate Factory Mode = FALSE

; Update RF Checksum.This flag tells CCT to update the RF Cal checksum in the modem
; following the firmware upgrade and PRI write.This flag has an effect for Firmware
; Upgrade Method 1 and 2.This flag has meaning in factory and field mode.To enable
; the RF checksum update, set this flag to TRUE.To disable the RF checksum update,
; set this flag to FALSE.When omitted, the default behavior is FALSE.

Update RF Checksum = FALSE

; Update FTS Record.This flag has an effect when Firmware Upgrade Method is 1, 2 or 3.
; When omitted, the default behavior is FALSE for this flag.To enable updating of the
; fts.txt file to append a CCT record, include this flag and set to TRUE.

Update FTS Record = FALSE

; Update EFS with arbitrary files. This is a list rather than a single flag. The format for the list is:
; file<x> = <EFS Directory>, <filename>, <optional rm command>
; where <x> is a positive number, <filename> is the name of the file you wish to copy from the package
; directory on the host to the modem or to delete from the modem, and <optional rm command> is used to
; remove the file from the modem instead of copying it from the host. See the following example.

; file1 = /FTS, track.txt
; file2 = /swir, somefile.bin, rm

; Update First Character of FSN.This flag has an effect when Firmware Upgrade Method is 2.
; When omitted, the default behavior is to not update the First character of the FSN in the modem.
; To enable updating of the first character of the FSN, include this flag and provide the character you
; wish to substitute with. The first character of the FSN will thereafter be the one you provided.

; Update First Character of FSN = R


; Cleanup ERI and DMU Folders. This flag has an effect when Firmware Upgrade Method is 1 or 2.
; When omitted, the default behavior is to delete files in the DMU and ERI folders in the modem's EFS.
; To avoid deleting the DMU and ERI files, set this flag to FALSE.

Cleanup ERI and DMU Folders = FALSE


; Watcher Running check. If in field mode, displays a prompt for the user to close the Sierra Wireless
; Watcher program.
; When omitted, the default value for this flag is FALSE.


Watcher Running Check = FALSE


; Clear FTS History Bits. If in factory mode, optionally clear the history bits of the FTS file.
; The rest of the FTS file is left alone.
; When omitted, the default value for this flag is FALSE.

Clear FTS History Bits = FALSE


; Check PRL Version. Optionally check the PRL file version.
; When omitted, the default value for this flag is TRUE.

Check PRL Version = TRUE


; Packet Size. Optionally set the packet size for modem IO.
; When omitted, the default value for this key is 0.
; When CCT sees a value for packet size of 0, it uses a packet size of
; 0x800 (2048) for modem IO instead.

Packet Size = 0


; Field Mode OEM NV Backup. This flag was added because of a snafu in the factory. This flag tells CCT
; to backup OEM NV items to a special memory in the modem as if the CCT was being ran in the factory.
; When omitted, the default value for this flag is FALSE.

Field Mode OEM NV Backup = FALSE

; Field Mode ERI Upgrade. This flag was added to support FW Upgrade project. CCT uses this flag when
; executing the Parse command to write the ERIUpdate flag in FWUpgradeConfigFile.txt.
; When omitted, the default value for this flag is FALSE.

Field Mode ERI Upgrade = FALSE





The FWUpgradeConfigFile.txt file is as follows:

Version = 1.3
PRISKU = 11148
PRIDataVersion = 000.007.001
AppFWVersion = 0.60.01
AppFWUpdate = TRUE
AppFWFile = appl.cwe
MinAppFWVerForFieldUpgrade = 0.54.0
QCBootFWUpdate = TRUE
QCBootFWFile = qcom.cwe
BootFWUpdate = TRUE
BootFWFile = boot.cwe
PRLUpdate = FALSE
PRLFile = 50853-VZW EV_1x Roaming.prl
ERIUpdate = TRUE
ERIFile = eri_nam1
NVUpdate = TRUE
NVUpdateFile = nvup
SWIFWUpdate = TRUE
SWIFWFile = swi_ud_hp_00.cwe
SWOCFWUpdate = FALSE
SWOCFWFile =
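
Added example, not part of the original posts and not Sierra Wireless code: a release-hygiene audit that a packager could run over a Package.ini like the one above, reporting safeguard flags that differ from the defaults stated in the file's own comments and values that expose internal UNC paths such as the \\sandiego share. Treating these six keys as the safeguards to watch, and the function names, are assumptions of this example; the input is a constructed excerpt of the posted file.

```python
# Safe values are the defaults stated in the file's own comments; treating these
# six keys as the safeguards to watch is this example's assumption (not vendor code).
SAFE_DEFAULTS = {
    "Check Carrier ID": "TRUE",
    "Check Firmware Variant": "TRUE",
    "Check PRL Downgrade": "TRUE",
    "Check PRL Version": "TRUE",
    "Field Mode DownGrade Firmware": "FALSE",
    "Field Mode Simulate Factory Mode": "FALSE",
}

# Constructed excerpt reusing keys and values from the file posted above.
SAMPLE = r"""
; comment lines start with a semicolon and are ignored
Boot Image File Name = \\sandiego\shared\engineering\Software\Release\Modem\SWI6800\swi6800_fp.00.60.01\p2\build\ms\bin\SWI6800_cwe\boot.cwe
Check Carrier ID = TRUE
Field Mode Simulate Factory Mode = FALSE
NV Backup= FALSE
"""


def parse_package_ini(text):
    """Map case-folded key -> (key as written, value) for non-comment lines."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key = " ".join(key.split())  # tolerate "NV Backup= FALSE" spacing
        settings[key.casefold()] = (key, value.strip())
    return settings


def audit(text):
    """Return (kind, key, detail) findings; a missing key takes its documented default."""
    settings = parse_package_ini(text)
    findings = []
    for name, safe in SAFE_DEFAULTS.items():
        value = settings.get(name.casefold(), (name, safe))[1]
        if value.upper() != safe:
            findings.append(("safeguard-relaxed", name, value))
    for key, value in settings.values():
        if value.startswith("\\\\"):  # UNC path: internal host name leaks into the package
            findings.append(("internal-unc-path", key, value.split("\\")[2]))
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE))
```
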

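怪物甲 posted on 2009-10-27 23:00

Waiting for a guinea pig.
But just for that not-very-useful GPS, it really is fine to wait until testing succeeds before tinkering with it.

yao78 posted on 2009-10-28 08:13

On the Sprint MC5725 595U, GPS can generally be enabled normally. For a Sprint MC5725 without 595U it is hard to say; waiting for tests.

boyyao posted on 2009-10-31 19:41

A firmware worth looking forward to. I hope there is a guinea pig. It would be great if the ESN could be sorted out as well. ^_^

love_wensi posted on 2009-10-31 21:58

Let me go have a try...

love_wensi posted on 2009-10-31 22:00

Mine is the generic version; it won't turn into the HP version after flashing, will it?

love_wensi posted on 2009-10-31 22:15

It failed. Mine is the generic version.

love_wensi posted on 2009-10-31 22:30

Could the OP pack what UniExtract extracted into a WINRAR archive?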

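songhu168 posted on 2009-11-1 10:34

Posted by love_wensi on 2009-10-31 22:30
Could the OP pack what UniExtract extracted into a WINRAR archive?

Someone previously tried using this flashing tool and swapping the new firmware in during the flashing process, but after it was flashed in, GPS was still in the OFF state.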

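gra1108 posted on 2010-4-26 16:14

Following this. Don't say I'm digging up an old thread, ha.

Dien posted on 2010-4-27 18:08

I'll add my support too; I'm playing with this right now...

straypoint posted on 2010-4-29 15:27

It's not a question of digging up old threads or not. Many people are using this card, and of course it would be better if this could be solved perfectly, but right now nobody seems willing to do it. Going by THINKPAD's hardware certification, there should be a very good solution, but even when someone knows it, they don't release the method.

0ceanpower posted on 2010-4-30 00:45

I have a suspicion

that the card-separated units sold on 专门网 are simply flashed with some special version of the 595U firmware.

天涯水手 posted on 2010-5-30 22:49

Posted by 0ceanpower on 2010-4-30 00:45
I have a suspicion

that the card-separated units sold on 专门网 are simply flashed with some special version of the 595U firmware.


I likewise suspect that some hardware was added and some firmware was flashed!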

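huos posted on 2010-6-16 00:37

http://software.informer.com/getfree-sierra-wireless-pst-ac595u/

There is some software here, but I don't know how to use it.

[ Edited by huos on 2010-6-16 00:39 ]

surperrover posted on 2010-6-19 21:00

Reply to #1, songhu168's post

I just had a look; you could back up the NV from a card-separated unit and try flashing it into a number-programmed one.

gkbdigital posted on 2010-6-19 22:16

This is worth researching!

gkbdigital posted on 2010-6-19 22:17

Posted by surperrover on 2010-6-19 21:00
I just had a look; you could back up the NV from a card-separated unit and try flashing it into a number-programmed one.
The question is, is there card-separated hardware? How do you back it up, and how do you write it in?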

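zzwwb posted on 2010-7-13 21:59

Screenshots of the card-separated unit.

zzwwb posted on 2010-7-13 22:01

More pictures.

maxtop2000 posted on 2010-7-18 14:12

Thanks to the poster above for the pictures; taking a look first.

eachonline posted on 2010-7-30 20:53

HP EV2210: GPS used successfully. Picture attached.

korbin posted on 2010-8-14 22:37

Can't flash it! Frustrating!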