Advanced Usage - Jdflasher, Flashing/Applying QA/Patching Options

[diezil]

Before you decide to flash or patch any phone its high recommended to make a back up of the GDSF area of the phone, this file is unique to every phone!!! (NOT phone model) and can save your phone if the worst were to happen
Please see here for instructions on how to make a read out of your GDSF General Usage - XS++

FIRST STEPS TO FLASHING:

There are a few things you must check before flashing.
Firstly, what kind of Firmware (Software) do we need??? I will be flashing a K800 with K810 software (killing two birds with one stone shall we say .

(You cannot just flash any phones Firmware into your phone though, as not all SE’s can be converted).
Secondly what CID#/Color does our Firmware need to be??? We can check this by simply connecting to XS++ and reading the phones information like below.

Note: When you connect a DB2020 phone to XS++, if the phone has an EROM CID or 49 or 51 it will ask you if you wish to update the EROM CID to 52, it’s best to say YES and flash with CID52 files, there are 2 reasons why its recommended, firstly, all the latest DB2020 Firmware’s are for CID52 only, the second reason is if you plan on patching the phone, you will need to be CID52.

21:33:04| XS++ v3.1 (Darwin) Ready !
21:33:04| Executed on Microsoft Windows Vista
21:33:17|
21:33:17| Attempting to open the interface...
21:33:17|
21:33:17| TURN OFF PHONE!
21:33:17| Hold 'C' button on phone and connect phone NOW.
21:33:17| You have 30 seconds...
21:33:17|
21:33:22| Baseband ID: 9900
21:33:22| Protocol Version: 3.1
21:33:22| Warning: IMEI name does not match GDFS name (IMEI:K800 GDFS:K810)
21:33:22| ...using IMEI name
21:33:22|
21:33:22| Profiling SEMC phone...
21:33:22| Platform: DB2020
21:33:22| OTP CID: 49
21:33:22| EROM CID: 52
21:33:22| EROM Color: Red
21:33:22| IMEI: 35170801xxxxxx
21:33:22| Phone ID: K800
21:33:22| Region: EUROPE_2
21:33:22| CDA: CDA102568/200 R2A
21:33:22| Firmware Version: R8BA024
21:33:22| EROM: R3A011
21:33:22| Ready for operation!
21:33:24|
21:33:24| Sending db2020_cid01_prodid_p3j.bin...
21:33:25| Applet ID: 070129 0950 NGUCXC1250330_DB2020_PRODUCTIONIDLOADER_P3J
21:33:25| This is a PRODUCTION_ID loader
21:33:25|
21:33:25| Sending db2020_mem_patcher_cid52_r2a006.bin...
21:33:25| Applet ID: 061205 1523 HANCXC9876543210_DB2020_MEM_PATCHER_R2A006 0
21:33:25| This is a MEM_PATCHER loader
21:33:25|
21:33:25| Sending db2020_cid52red_flash_r2a005.bin...
21:33:25| Applet ID: 061201 1314 HANCXC1329129_DB2020_FLASHLOADER_R2A005
21:33:25| This is a FLASH loader
21:33:25| Sendinging shutdown signal to phone...
21:33:25| Done.. You may now connect again...
21:33:25| Shutting down...

See how I’ve highlighted a few lines in my XS++ log file, the orange line where it says my IMEI name does not match the GDSF name, don’t worry about that... the chances are it will say that on a phone that’s just rolled out the factory so don’t pay much attention to it.

The next highlighted line states the OTP CID#, we take absolutely no notice to this one, DON’T let it confuse you...
And the next highlighted line is an important one, the EROM CID#, in my case its 52, my Firmware MUST match that number....

And the last highlighted line is also an important one, EROM Color, in my case the phones certificate color is red (will be red in most cases), my Firmware MUST also match this color...

So now we know that the Firmware we need must be K810 RED52 we need to find our files 3 in total....
We need a Main Firmware File, an FS Firmware File and a Cust Pack to Customize the phone after flashing, I’m going to choose R8BA024 Firmware as its the latest and most moddable K810 Firmware version, I also need to select a Firmware Region, I live in the UK so I will be using a “Europe 2” Firmware set, and the Main Firmware File to match that is a Main Generic, and the Cust Pack I will be using is “CDA102568_11_R8A_GENERIC_EUROPE_2” which is a K810 Generic Europe 2 Cust Pack (This should match your phone’s FS Firmware File that you will be flashing with).......

There is an easy way to determine which firmware region you already have which will help you determine which files you need, this is by tacking note or the selectable languages while writing sms (Please refer to topsony language list for more info), some phones will state the Region in the phones Service Menu (and the current CDA), from the home screen press >*<<*<* then select “Service Info then Software Info”.

So the 3 files I will be flashing with are (Notice where it says RED52 at the end of the two Firmwae Files.... EROM Color = RED..... EROM CID = 52):
Main Firmware: K810_R8BA024_MAIN_GENERIC_SM_RED52.mbn
FS Firmware: K810_R8BA024_FS_EUROPE_2_RED52.fbn
Cust Pack: CDA102568_11_R8A_GENERIC_EUROPE_2.rar

So now I know which Firmware files I will be flashing the phone with let’s get started (backup any important data as it will ALL be lost while flashing).


Flashing with jdflasher.

(we’ll be covering flashing/K800 – K810 conversion and patching in this tutorial).
To set up jdflasher please look here = General Usage - jdflasher or here jdflasher

Start up Far Manager and press Alt+F1 then 4 to stat jdflasher plugin, and you should be presented with this screen.



In the Script section choose your phone model, I’m using DB2020 (K800), in the port section choose your cable type, I’m using DCU-60 (standard USB lead that comes with the phone), in the speed section select the highest available (921600 ).

Now that we have set up jdflasher to be used with our phone press jump down into the large rabbit-hole, you should now see a screen that looks like this.



Connect your phone in the usual way, remove battery, sim card and memory card, insert the battery and press and hold the “C” button down on your phone and connect your USB lead to the phone, you should now see a screen that looks like this.



Because we are just flashing our phone we need to select “oflash” and you’ll come to a screen that looks like this (some phones will be prompted to remove the battery and reconnect to jdflasher (i.e. CID49 DB2010, just follow the on screen instructions given by jdflasher (explained in the General Usage – jdflasher thread)).
(Some phone you can press “bflash” but since we are flashing DB2020, if we do that we’ll end up bypassing security which is not needed (we’ll come to that in the patching section)).



I’ve already browsed to the Firmware files that I’ll be flashing with (see right window), if you haven’t then do so now.
Now move the cursor over your Main firmware file and press F5-copy (or you can use your mouse to drag firmware file over to the left window), now you’ll see a screen like this.
(If you have a DB2020 and plan on applying QAPatch, skip flashing Main as we do that again while applying the QAPatch)



Press copy and you’ll come to a screen like this.



We need to select flash as babe (it should be set as babe by default, but check just incase), then press “yeah flash it” lol mint.
After press flash the flashing process will begin and you’ll see a screen that looks like this.



Once the Main firmware file has finished flashing, repeat the process with the FS firmware file.



Now we have successfully flashed our phone, we need to upload a cust pack (or we will get the “Configuration Error Please Contact Your Service Provider” error message that worrys people so much lol), DO NOT SWITCH THE PHONE ON!!!
Ok you should already have read the General Usage – jdflasher thread (if you haven’t then do so now as it will explain how to upload files to the Internal FS i.e. your Cust Pack).

Connect your phone to jdflasher and browse to dir “/tpa/preset/custom”, this is where we place our Cust Pack, most cust packs come with lots of files named “FM_SOUNDS_HOOK_3.itm” and so on, these to me are useless they are those stupid links to the Sony Ericsson wapsite that we see while browsing our phone (in places like Pictures/Videos/Themes etc), if you do not wish to have those then simply don’t upload then, the only file we are interested in is the “Customize.xml” (and maybe” preloaded_config.xml” this file if present has some preloaded settings like data accounts, mms settings etc.
(Some Network Provider’s now require a unique Pass and Username now like T-Mobile UK, if your network requires these then the preloaded_config.xml file is also useless)
Highlight the Customize.xml file and press F5-Copy (its best to press F5 to copy this file or it has a tendency to copy to doja or drm lol).
Your phone should now look like this.



Now press “..” to move to the root or the Internal FS until jdflasher ask’s you if you would like to shut down CSLoader, select yes (if you are using CID49 DB2010 you will also be asked if you would like to restore firmware, select yes and that will flash rest file for you).
Now the phone is completely flashed and is safe to exit jdflasher and switch on the phone.

If you are converting your K800 to K810 than we also need to upload some K800 Light Effects or our KeyPad won’t light up correctly.
Upload the K800 light effects to “/tpa/preset/system/lighteffect/systemeffects/” (just replace the current light effects with the new ones).



When you first switch your phone after flashing, the phone will initialize and you will see a please wait screen spear, once the loading bar has finished then the phone is ready to use.

This post has been edited by diezil: 2008-04-18 10:33

[diezil]

Applying Quick Access Patch to DB2020.

We first need to set jdflasher up for DB2010 patching, download the needed files, once downloaded and extracted, copy jdflasher folder to the “far/plugins/” directory and press yes to merge files (or copy part1/2/3/4 to “far/plugins/jdflasher/2020_52/” and folder should look like this.
http://justdanpo.host.sk/redirected/jdflasher_2020_52.7z (if you have trouble downloading then use download manager).



Now we need to make our QAPatch, browse to dir “/Far/Plugins/jdflasher/2020_52” and simply drag and drop your Main Firmware file (in .mbn format-babe) onto “qamaker.exe” and the rest will be done for you and a .vkp file will be placed in dir called something like “” depending on your phone model and firmware.



Now that we have our QAPatch we need to start Far Manager press Alt+F1 then 4 to start jdflasher plugin, in the Script section choose DB2020, in the port section choose your cable type, I’m using DCU-60 (standard USB lead that comes with the phone), in the speed section select the highest available (921600 ) now press jump down into the large rabbit-hole, you should now see a screen that looks like this.



Connect your phone in the usual way, remove battery, sim card and memory card, insert the battery and press and hold the “C” button down on your phone and connect your USB lead to the phone, you should now see a screen that looks like this.



Now we need to enter “bflash” NOT “oflash” and you will get a message saying “you MUST flash main after connect, do you want to continue?” and select yes.



Jdflasher will now start bypassing the security, this will be done in 3 parts.
You will eventually get a message saying “unplug cable, reinsert battery and press ok (1/3), follow the instructions and jdflasher.



Jdflasher will now ask you to reconnect and then start the second phase of the bypass.
You will be prompted to disconnect and remove the battery, when you connect again you will get another prompt almost straight away to do the same (phase 3/3), once you reconnect you will then get a message saying “don’t forget to flash MAIN first”.



You will now see a screen like this.



And we do as instructed and flash our Main firmware file (see flashing section for instructions to flash the main firmware file).



Once you have flashed the Main firmware file you are ready to apply the QAPatch (this should always be the first patch applied to DB2020), highlight “quick_access_K810_R8BA024.vkp” and press F5-Copy (or drag and drop patch into the left window) and you’ll get a screen like this.



You will then be prompted with a screen asking how you want to apply patch (as raw which is a big NO!!! NO!!! or as .vkp which is correct), press “yeah, flash it” to apply patch.



Jdflasher will now write patch to phone, if you get warning saying byte mismatch the general rule is DONT PATCH IT!!!



Once applied press “..” to exit jdflasher and you will be prompted “are you sure” select yes unless you plan on applying more patches while you’re in the flash area of your phone.
Now that you have applied the QAPatch you can enter jdflasher using qa2020 script, this is much faster than DB2020 script, and also has options “bflash” and “bfs” which allows you to apply patches like on other phones like DB2010 without needing to do the security bypass again, you will also be able to read files from the Internal FS (make back ups).

Appling/Removing Patches.

start Far Manager press Alt+F1 then 4 to start jdflasher plugin, in the Script section choose you phone model or if you have applied QAPatch then select qa2020 for patching DB2020 (if you haven’t applied QAPatch then do so now), in the port section choose your cable type, I’m using DCU-60 (standard USB lead that comes with the phone), in the speed section select the highest available (921600 ) now press jump down into the large rabbit-hole, you should now see a screen that looks like this.



Connect your phone in the usual way, remove battery, sim card and memory card, insert the battery and press and hold the “C” button down on your phone and connect your USB lead to the phone, you should now see a screen that looks like this.



Now we need to enter “bflash” NOT “oflash” and you’ll have a screen that looks like this
(DB2010 CID49 phones will be asked to disconnect and reconnect as they require rest files and so on, so follow the on screen instructions (and make sure rest file is present although jdflasher comes with most of them present)).



To apply a patch browse to vkp file in right window of Far Manager, highlight .vkp then press F5-Copy (or drag and drop .vkp into left window) and you’ll have a screen that looks like this.



Now press copy and you’ll come to a screen like this.
(if you have applied a patch and want to remove the patch you must mark the box “remove patch”)



Then press “yeah, flash it” to apply the patch.



Once you’ve applied the patch, press “..” to exit jdflasher all done.
(if you get an error saying bytes mismatch my advice is DONT APPLY!!!

This post has been edited by diezil: 2008-04-18 10:24

[FaUZaNeVVa]

Oh... A long tutorials...

[wizzy]

i have a z520 and i cant find a program that can patych it, any help

[eddie2020]

how come when i connect my CID53, i double click OFS then it show this... bad answer 10
http://img206.imageshack.us/my.php?image=27093323gl7.png

This post has been edited by eddie2020: 2008-05-27 16:54

[Reversedhex]

Oh... A long tutorials...

indeed verry long
thats verry kind, share your time this way

[RLP06]

Can we use this to patch unlock?

[WizaJ]

diezil, it's effing brillitant

[melindajanderson...]

How do you take a back up of the GFDS for a CID53 phone? XS++ doesn't support it. I'm a total newbie, so could you please be kind in your explanation?

[WizaJ]

Can't patch CID 53 yet.

[PrettyPistol555]

thanks for the tutorial, i keep getting error. this is my log
________________________________________________________
log started. plugin compiled Jan 3 2008 / 13:54:44
create session object
used script: db2020.xml
turn off the phone, hold "c" button and plug usb cable
found EPIUSB1
connecting...
got response
protocol: 0301 baseband: 9900
cid detect
<- cid=53 color=red platform=db2020
qhldr: 070703 1229 DB2020_SEMC_RECOVERY_P3N.2020_1_BLUE
<- hello: 070703 1229 NPA4_CXC1329130_DB2020_SEMC_RECOVERY_P3N
cmd3c: 080108 1810 DB2020_FLASHLOADER_R2A015.2020_53_RED
<- hello: 080108 1810 ESGCXC1329129_DB2020_FLASHLOADER_R2A015
activateloader
flashID: 897E (Manufacturer: Intel)
<- OTP: status 0 locked 1 cid 51 cert 1 IMEI xxxxxxxxxxxxxx
flashing babe: W580_R8BE001_MAIN_GENERIC_LA_RED53.mbn
error: PutFiles(putfile(putfile_flash(flashbabe(header(send header error 15)))))
_______________________________________________________________________

[PrettyPistol555]

Fixed my own problem. all the links to w580i FS and MAIN files were corrupted, so i bought high integrity files off SE-Users... anyone need USA w580 F/W gimme a PM


actually here is a link to firmware for w580 R8E001 CID53 America MAIN/FS/Custom



edit: fixed link

This post has been edited by PrettyPistol555: 2008-06-19 04:44

[thewok5]

hey can anyone help me please when i wanna flash firmware with jdflasher they give me this error:

 jdf.jpg ( 161.07K ) Number of downloads: 150

[0100931m]

could jdflasher really unlock cid53 phones? and are you guys able to modify?

[vraptor]

I only seem to get :
PutFiles(putfile(putfile_flash(flashbabe(header(send header error 15)))))
when trying to flash the FS?

[mrgambit]

I only seem to get :
PutFiles(putfile(putfile_flash(flashbabe(header(send header error 15)))))
when trying to flash the FS?

you have a corrupted FS... check your fs....

[ace68]

Hey Guys
Im experiencing a similar problem
I have the files from Prettypistol yet i still get an error so im assuming that i dont have the "corrupted file}

It says Timeout
Here's an image of my error




Thanks for the help.

Note* i get it at various points in the process, sometimes i get it at like 17/460 or 49/460
this one 177/460 i think is the farthest I've gone before it crashed

This post has been edited by ace68: 2008-09-02 00:00

[diezil]

@Ace, check your USB flash driver
(make sure you use correct script also)

[zondajag]

@Ace, check your USB flash driver
(make sure you use correct script also)

I'm having trouble flashing my Virgin Mobile Branded SE K770i as well. I got two different versions of the firmware i wanted to flash (CID53 DB2020) and i still keep getting the putfile... error 15 etc error. Is it that this phone has been made unflashable by Virgin or Sony? Its really getting on my nerves, all the other phones i have had have flashed nice an easily compared to this and they were newer at the time (motorolas and samsungs).

xs++ 4.1 doesnt look like it will ever come to windows at the moment and it probably wont be able to help me either.

Been searching Google for a week now looking for solutions but all are only suggested but never oreviously carried out.

BTW how is one to check their usb driver? Also the ofs allows me to delete and overwrite files on the phones filesystem but not download any files from the phone, is this due to a wrong usb flash driver?

[KrX]

ofs means original FS.
you need bfs to download files (break-in FS)

Try downloading again. test6, then test6add1.