Virgin Mobile USA working data/mms/3g settings discovery thread

[mrdodge]

Any updates with regards to progress? I've also tried to read the AAA using logcat... with Anycut pointing to the DATA, since ##DATA# doesn't work for the Optimus V. I had to use the second one labeled "DATA" as my shortcut, since the first one was a blank screen. But no luck getting anything useful from the logs.

Anyway, please update with progress and I will do same.

Thanks,
md

Since I don't see another way to get the AAA PW, I've gone through the NV Items file I downloaded out of the Optimus V tonight. It was a 300 page long txt file! I looked for 4~30 character strings in the items near the beginnings of the items. I've narrowed it down to 3 pages, and will look for some likely candidates and try them out one at a time. As far as I can tell, the Samsung Intercept according to [Only registered and activated users can see links. ] here on VM uses vmug33k for the HA PW (see post #6). For the AAA, he used a data log (logcat) to recover the AAA PW. I found this didn't work on the Optimus V- or maybe I wasn't doing it correctly- the process is different from the Intercept to the Optimus. I'll update if I get any results.

EDIT
Using past examples, I found that the Intercept on VM used a 12 digit text AAA PW, which would be 24 in hex (2 hex for one text character). I put in vmug33k as a user profile 1 text field in M.IP using QPST in another phone that QXDM can read user profiles on, and it returned a hex of 76 6D 75 67 33 33 6B. It appears to be basic encryption (note the consistency for "3" below), where:
76= v
6D= m
75= u
67= g
33= 3
33= 3
6B= k

Looking at my thinned-down NV ITEM file, there is only one 24 hex entry, and it's item 215 located at 0X00D7. The format is similar to other phones I've seen, it's preceded by a 00 in item 215.

That's my best guess for now. I don't have signal to test it here, but will do so later & update. Apparently the system locks you out for too many incorrect PW attempts, but it's only for 20-30 minutes each time.

UPDATE
QPST wouldn't allow a 24 character entry in M.IP, so I tried a couple of 16 character ones all with the HA of vmug33k. Still no luck. I tried to read the NAM1 A-key in CDMA WS but it didn't find anything.

[NP08]

I ended up giving up on it after not making any progress & sold the phone. I used the Anycut both in range & out of range of 3G, thinking that made a difference, but it didn't. The phone is someone else's problem now.

[atchoufong]

If you own a samsung intercept, the AAA password is in item 466_1. I have found mine, but still can't get 3G. I am probably missing a setting. [Only registered and activated users can see links. ] by alexanderkr1

[idone]

Motorola Triumph won't let you read the nv item that contains aaa_pw. Internet searches turned up zero also so I will post how I got it. Get your spc/msl code Install anycut/bettercut Make a shortcut to the activity>DbgCfgTool and also Select COM Port Mode (com port mode can also be accessed via ##port# from the dialer. In DbgCfgTool go 2-Logger Conf and enable dump system info in 4-Modem Conf "Ram Dump Configurations" change it to Auto Download. save your settings as you go and then go change your com port from mass storage to diag. Reboot your phone(this is mandatory for your DbgCfgTool settings to save their changes) Now I use cdmaworkshop 2.7 that is widely available on the internet to trigger a ram dump. Go to computer management>devices on your windows pc, look under ports to see which port your phone is on enter this port in cdmaworkshop and click connect. Go to security tab and enter your spc then click send. now click scan memory... it will fail, but look at your phone it is dumping ram to your sd card transfer this file to your pc as soon as your phone reboots. Throw it in your favorite hex editor and search for the ha password or your hexadecimal meid... your aaa password will be found multiple times and will appear just as in the picture atchoufong posted. It will ALWAYS be 10 characters long and can consist of uppercase, lowercase, symbols, and numbers. Good luck and have fun guys.

[idone]

Using past examples, I found that the Intercept on VM used a 12 digit text AAA PW, which would be 24 in hex (2 hex for one text character). I put in vmug33k as a user profile 1 text field in M.IP using QPST in another phone that QXDM can read user profiles on, and it returned a hex of 76 6D 75 67 33 33 6B. It appears to be basic encryption (note the consistency for "3" below), where:
76= v
6D= m
75= u
67= g
33= 3
33= 3
6B= k

.

I just wanted to point out so no one gets confused the aaa password will always be 10 characters not 12. vmug33k is still good and current for ha_pw. And lastly that's not any form of encryption those are that hexadecimal representations of those letters XD

[ykman1]

Any clue on how to get the keys from a LG Rumor yet? I've searched everywhere and even made post on various sites and I'm not getting any answers. All I keep seeing is that its impossible to get the keys from a rumor? Anybody have any ideas???