Ljay,
I could write one for you, but that would take me forever. So instead I found one on MO-FI posted by hitesh, but originally written by swordsaint. So here you go!
This is a tutorial for the 8330 curve, but the same principals apply.
Originally posted by swordsaint_ss on old mo-fi.com
I am not changing a single word from old post so read it as it was written by original poster.
ESN Writeup!
UniCDMA 0.98
Winhex Pro
QPST
QXDM
For Blackberry 8330
I advise you have Blackberry Desktop Manager Open first, before you attempt to open, configure and and connect any program that will use the phone.
1 Use UniCDMA - Change the COM PORT it looks for the phone on to the same one Blackberry desktop manager uses in Windows Device Manager
Start Address : 0x10700000
Length : 13500000
You will get a memory read error close to the end, don't worry about that, as the dump up to that point is sufficient to get the ESN addresses.
2. Use WinHex Pro and open the generated bin file from UNICDMA.
Go to Search --> Hex values
Search for the ESN Value in reverse e.g if your ESN is 12 34 56 78 , search for 78 56 34 12.
Write down the address offset that the ESN value is found at, Keep pressing F3 and writing down the Memory Address values until WINHEX prompts that the value cannot be found. You should have found between 11- 14 memory addresses. I found 14.
Be very careful with this part as it is ESSENTIAL to moving on to the other steps of the process.
Using Start Address 0x10700000 Add each ESN Memory Address to get the ACTUAL Address you will search for in QXDM.
Recall you are using HEXADECIMAL Addtion so
0-1-2-3-4-5-6-7-8-9-A-B-C-D-E-F, example: 5+C=17, after 9 goes A=10. B=11, C=12, D=13, E=14, F=15
e.g
0x10700000 +
000148A0 =
0x107148A0
0x10700000 +
0x003A7070 =
0x10AA7070
etc etc.
Install QPST First, then install QXDM.
I advise you have Blackberry Desktop Manager Open first, before you attempt to open, configure and and connect QPST.
Open QPST after INstall and go to ADD PORT if the RIM Virtual serial Port # is not already listed. Add the port # if its not there and then connect the phone.
Once you see that the phone is detected, you can proceed to open QXDM as it depends on QPST being connected to the phone in order to connect and perform any functions on the device.
Go to Communications --> Port.
Choose the Port that the Phone is connected to from Device manager and QPST. Click Connect and you should now see little reading changing in the lower right hand corner of the screen showing that the phone has been detected by QXDM.
In View --> New --> Common, Choose Command Output.
1. input mode offline-d
2. spc "000000" (this is of course specific to verizon, it differs on other networks, consult tnycortes; thread to find this value out)
3. It should read, Result SPC Correct.
4. Hit F4 and Memory Viewer should open.
5. Start with the first ACTUAL address you calculated using the combination of start address and memory address.Input it into the field and press ENTER
6. Verifiy that the location does indeed contain the ESN # in reverse. If the values are all 0 or greyed out you are not at the correct address.
7. Click on the first digit and enter eight (8) consecutive 0's i.e 00000000 . you will see these values turn red. Click WRITE.
8. Repeat steps 5-7 for all the memory addresses.
In View --> New --> Common, Choose NV Browser
1. Under category choose Security. ESN is the first item in the list.
2. Hit read, the ESN should come up as 0x00000000. if it does not, you have not written to all the ESN locations. Click on this ESN field and enter new ESN
3. Click Write. it should say successful. if it does not, then you have not found and rewritten all the ESN Locations in the phone's memory.
4. To confirm go to the command line again and enter RequestNVItemRead esn
5. It should confirm that you have the new esn. If you see two differing ESN's as in DIAG TX 0x00000000
and DIAG RX 0xYOURESN then you have not found and rewritten ALL the ESN locations on the phone.
6. Final step, enter mode reset
7. when the phone reboots confirm via Options --> Status that it is confirmed in the phone's screen. SUCCESS!
NOW i was very happy to have this process done in three days or so since i first started researching it. I could not have done it without lots of help along the way from some vry patient and willing forum members such as tonycortes, miguelito( amended his post) , magicwonder(told me there were more esn locations to be found) and ravjeet( for suggesting the longer byte length for the Unicdma dump)
THANK You ALL!
Now if someone can be so kind as to help me with the A-key issue as i was able to activate the phone with verizon but it is unable to send or receive text messages and calls because Verizon is "unable to authenticate my device'
THANKS AGAIN and i hope you find my post useful. Please say thanks if you do..
Bookmarks