grab_it ROM dumper [source code]

May 29, 2008 in Software development, Windows Mobile by buzz_lightyear

Here’s the source code of the grab_it tool.
I wrote it sometime around May/June 2005 for some specific reason.

Maybe someone will find this C++ source code useful.

// grab_it.cpp : Defines the entry point for the application.
// by buzz_lightyear
// sometime around may/june 2005
// http://buzzdev.net

#include "stdafx.h"
#include "windows.h"

// in this case, dump will be saved to MiniSD card
#define targetFile L"\\Mini-SD\\dump.bin"

int		lineHeight=1;		//progress bar height
int		drawPoint=319;
int		BarPosition=0;
int		screenWidth = GetSystemMetrics(SM_CXSCREEN);
HDC		hdc = ::GetDC(NULL);
HPEN	lineProgress,lineBackground,po;	// Pen Progress bar

wchar_t	Buff[1024];		// buffer for Error messages

DWORD	DumpStart=0x00000000;		//start address
DWORD	DumpSize=0x8000000;			//Size
DWORD	Step=0x80000;

extern "C" BOOL VirtualCopy(
  LPVOID lpvDest,
  LPVOID lpvSrc,
  DWORD cbSize,
  DWORD fdwProtect
);

int ShowProgress(int pos){
	MoveToEx(hdc,0,drawPoint,NULL);

	po = (HPEN)SelectObject(hdc,lineBackground);
	LineTo(hdc,pos,drawPoint);

    SelectObject(hdc,lineProgress);
    LineTo(hdc,screenWidth,drawPoint);

	SelectObject(hdc,lineBackground);
    LineTo(hdc,screenWidth,drawPoint);

return 0;
}

int ShowError(wchar_t text[1024]){
	MessageBox(NULL,text,L"ERROR",MB_OK | MB_TOPMOST | MB_SETFOREGROUND);
	return 0;
}

int WINAPI WinMain(	HINSTANCE hInstance,
					HINSTANCE hPrevInstance,
					LPTSTR    lpCmdLine,
					int       nCmdShow)
{/// 1st

	lineProgress = CreatePen(PS_SOLID,lineHeight,RGB(255,0,0)); // Progress bar
	lineBackground = CreatePen(PS_SOLID,lineHeight,RGB(100,100,100)); // Background bar

	HANDLE H=CreateFile(targetFile,GENERIC_WRITE,0,0,CREATE_ALWAYS,FILE_FLAG_WRITE_THROUGH,0);
	if(H==INVALID_HANDLE_VALUE)
	{
		MessageBox(NULL,L"Cannot create file!",L"Error",MB_OK);
		return 1;
	}

	// walk the physical range in Step-sized (512 KiB) chunks
	for(DWORD i=DumpStart; i<(DumpStart+DumpSize); i+=Step)
	{
		LPVOID Ptr=VirtualAlloc(
			0,
			512*1024,
			MEM_RESERVE,
			PAGE_READONLY
			);
		if(Ptr==0)
		{
			wsprintf(Buff,L"Cannot allocate %08X",i);
			ShowError(Buff);
			return 1;
		}
		/// update progress bar ///
		BarPosition=((i-DumpStart)/(DumpSize/screenWidth));
		ShowProgress(BarPosition);
		///////////////////////////

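		// with PAGE_PHYSICAL, VirtualCopy expects the physical address shifted right by 8 bits, hence i/256
		if(!VirtualCopy(Ptr,(void*)(i/256),512*1024,PAGE_EXECUTE_READWRITE|PAGE_PHYSICAL))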
		{
			wsprintf(Buff,L"Cannot map %08X",i);
			ShowError(Buff);
			return 1;
		}
		DWORD W=0;
		WriteFile(H,Ptr,512*1024,&W,0);
		if(W!=512*1024)
		{
			wsprintf(Buff,L"Error on WriteFile. Card full?");
			ShowError(Buff);
			return 1;
		}
		VirtualFree(Ptr,0,MEM_RELEASE);
	}

	CloseHandle(H);

	MessageBeep(MB_OK);

	DeleteObject(lineBackground);
	DeleteObject(lineProgress);
	return 0;
}

[HTC Universal] How to dump the ROM using d2s command

December 12, 2005 in How To, Mobile Security by buzz_lightyear

Here are some bootloader commands to dump parts of HTC Universal ROM.

Security level check

Before you can do any dumps off of your device, you must first pass the security check. You need to issue this command before any set of “d2s” commands.

task 32

Typical output looks like this:

USB>task 32
SD:Waiting for card insert.........

CMD3 for SD, it's OK, ready to get RCA from response.

SD:Detected one card

SD:ready for transfer OK

d.total_lba=F1F00
d.block_size=200
d.RCA=80CA
d.drv_type=40000000
d.busWidth=1
Total card size=1E3E0000

Level = FF

If the last line of output is Level=00, you are OK: your device is a so-called SuperCID device and you are allowed to dump the ROM content.
If you get Level=FF, you need to make your device SuperCID (see below).

Dump Bootloader

d2s 70000000 80000

OS ROM + splash

d2s 70100000 3FA0000

XtendedROM

d2s 74100000 A00000

Radio ROM

d2s 60000000 a24200

If you want to have them all on single SD card, you must add “sd a” at the end of each command except the first one.

OS ROM + Xtended ROM + Radio

d2s 70100000 3FA0000
d2s 74100000 A00000 sd a
d2s 60000000 a24200 sd a

Which program do you use to do this?

We use good old mtty.exe version 1.16

Important notice

Never copy & paste commands into mtty.exe. You always have to type them in by hand.
Use mtty.exe version 1.16; newer versions (1.42) do not work properly.

There are some devices where the commands above are locked and you always get “Not allow operation” as the response.
For these devices you have to use Universal SIM unlocker first, which will also unlock the CID of your device.
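A pre-flight check built on the `task 32` transcript and the d2s sizes listed above: it parses the bootloader's hex fields, confirms the security level and card geometry, and verifies that the chosen regions fit on the card. This is an added example, not part of the original post; the function names are hypothetical, and it assumes d2s writes only the raw region bytes to the card.

```python
import re

# The `task 32` transcript from the post, embedded as sample input.
TRANSCRIPT = """\
USB>task 32
SD:Waiting for card insert.........
CMD3 for SD, it's OK, ready to get RCA from response.
SD:Detected one card
SD:ready for transfer OK
d.total_lba=F1F00
d.block_size=200
d.RCA=80CA
d.drv_type=40000000
d.busWidth=1
Total card size=1E3E0000
Level = FF
"""

# (start, size) pairs taken from the d2s commands in the post; all values are hex.
REGIONS = {
    "bootloader": (0x70000000, 0x80000),
    "os_splash":  (0x70100000, 0x3FA0000),
    "extrom":     (0x74100000, 0xA00000),
    "radio":      (0x60000000, 0xA24200),
}

def parse_task32(text):
    """Extract the hex fields the bootloader prints into a dict of ints."""
    fields = {m[1]: int(m[2], 16)
              for m in re.finditer(r"^d\.(\w+)=([0-9A-Fa-f]+)\s*$", text, re.M)}
    size = re.search(r"^Total card size=([0-9A-Fa-f]+)\s*$", text, re.M)
    level = re.search(r"^Level\s*=\s*([0-9A-Fa-f]{2})\s*$", text, re.M)
    fields["card_size"] = int(size[1], 16) if size else None
    fields["level"] = int(level[1], 16) if level else None
    return fields

def preflight(fields, names):
    """Return the reasons a dump of the named regions should not be started."""
    problems = []
    if fields["level"] != 0x00:
        problems.append("Level is not 00: device is not SuperCID")
    if fields["card_size"] is None:
        return problems + ["no card size reported"]
    if fields.get("total_lba", 0) * fields.get("block_size", 0) != fields["card_size"]:
        problems.append("card geometry does not match reported size")
    need = sum(REGIONS[n][1] for n in names)  # assumption: no extra header on the card
    if need > fields["card_size"]:
        problems.append(f"regions need {need:#x} bytes, card has {fields['card_size']:#x}")
    return problems

if __name__ == "__main__":
    print(preflight(parse_task32(TRANSCRIPT), ["os_splash", "extrom", "radio"]))
```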

Why is there no WM5 available for my device?

October 8, 2005 in Latest News, Windows Mobile by buzz_lightyear

Finally, the word from Microsoft is out.
Again, it was Mike Calligaro who wrote this cool article on why there is no WM5 upgrade for this or that device.
I suggest you read it.

From MSDN blogs:

Why Can’t I Upgrade?

We released Windows Mobile 5 a few months ago and devices are starting to hit the market now.  A question I’ve seen asked in a number of places is, “Why can’t I upgrade my existing WM 2003 SE devices to WM5?”

The answer is sure to get me a bunch of angry comments from people who abbreviate our name “M$.”  You can choose to see this as spin from a greedy marketing wonk, or you can see it for what it is–an honest attempt from a developer to explain how this stuff works.

Possible vs. Practical
Since 2002, we’ve set our hardware requirements and designed our software to make it possible to upgrade any PocketPC or Smartphone at least once.  And there have been a number of devices that have upgraded from one version to the next.  Also, some of our partners have announced that some of their WM 2003 SE devices will be upgraded to WM5.  But, by and large, the number of devices that will upgrade is pretty small.

The trouble is, while it’s possible to upgrade devices, it’s often not practical to do so.  The reason it’s not practical boils down to this:
1) It costs a lot of money to upgrade a device
2) So few people upgrade that it’s hard to amortize this cost

Second things First
I know that it’s frustrating to want to upgrade and hear me say, “But no one upgrades.”  Obviously you want to upgrade.  You wouldn’t be reading this if you didn’t.  And, I’ll bet you know a bunch of people who want to upgrade as well.  Please understand, the companies involved do not say, “Hey, let’s not bother to upgrade the device.  We won’t piss off too many people.”  Everyone wants to upgrade your devices.  There are a number of reasons for this, not the least of which is that we know that providing upgrades makes customers happy.  And, yes, we all like happy customers.

It’s not about figuring out how many people we can get away with annoying.  Upgrades don’t happen due to a much simpler calculation.

(Total cost of doing the upgrade) / (number of people who will use it) = (unreasonable price)

The value of “unreasonable price” varies from situation to situation.  But there have been times where it was higher than the price of a new phone.  Because there have been upgrades in the past, we know how many people do them.  And, even though you know a bunch of people who want to upgrade, it’s still a tiny percentage of the owners of that device.

Show me the Money
So what are all these costs?  The first is the cost of developing and testing all the drivers for a new version of the OS.  While Microsoft writes the bulk of the software on a WM device, a significant amount of it is written by the OEM or ODM who created the hardware.  And the part they do is the most complicated part of the device: the drivers, parts of the kernel, and the radio stack.  On major OS revisions, many of these parts need to be changed, sometimes dramatically.  And, any time they need to be changed, extensive testing needs to be done.

Another cost is associated with phone devices sold through Mobile Operators.  MOs rightfully want to be sure that any device on their network doesn’t interfere with other devices on their network.  To do this, they put every device they plan to sell through a battery of tests that last weeks.  If a significant amount of code on the device changes, it needs to be retested.  And that takes away testing time from another device.  The Mobile Operator needs to make a conscious decision to test an upgrade that few people will use instead of testing a sexy new phone that potentially many more will buy.

Another cost comes from how difficult it is to upgrade these devices.  The steps are complicated, there are changes that users don’t expect, and sometimes it doesn’t work.  All of those situations result in calls to product support, which are really expensive.  Yes, you’re capable of pulling off the upgrade.  But you’re techy enough to be reading an MSDN site.  How do you think your grandmother would fare?

Well, what are you doing about it?
In WM5 we spent a lot of time building an infrastructure for enabling updates that anyone can do.  We’re heading toward a Windows Update sort of experience, where you’re using your phone and it suddenly pops up a box that says something like, “An update is available, would you like to have it installed?”  Then you just need to select “Yes” and it’ll happen for you.  How much OEMs and Mobile Operators make use of this infrastructure is up to them, but it’s there now.  This should solve the “could your grandmother do it?” problem, especially for smaller updates like security fixes.

Of course, to do this, we had to change a ton of stuff, which makes the first two problems even bigger for this release.  No pain, no gain.

We’re doing a few things to make future updates easier for OEMs and Mobile Operators.  First, we’re going to try to do some smaller releases that don’t require changes in OEM code.  If the drivers don’t need to change, then it’s much easier for the OEM to take an update from us and make it work.  The Mobile Operators will still want to test the device, but, hopefully, if the drivers didn’t change, they can have some assurance that the things they worry most about didn’t change either.  That should make their testing easier.

Longer term, we’re looking at ways to design our OS so that even major revisions don’t require significant driver changes.  We don’t know for sure that we’ll be able to pull that off, but it’s a goal we’re striving toward.

No it’s not just “greed”
I’ve seen people complain that upgrades don’t happen because the parties involved are just greedy.  I guess there’s a fine line between “economics” and “greed” but that line does exist.  The economics of the situation are that it often just doesn’t make sense to provide an upgrade.  We’re working on both parts of that equation.  We’re trying to reduce the total upgrade cost, and make upgrading easy enough that more people will make use of it.  Whether this work will result in more upgrades being provided in the future remains to be seen.  But we hope so.

Mike Calligaro
MS Windows Mobile Team

grab_it – invisible ROM dumper

June 8, 2005 in Mobile Security, Software development by buzz_lightyear

You know… Sometimes there is a situation when someone needs to grab a ROM dump off of a device at some exhibition, fast and invisibly…
Well, I wrote this bad and nasty tool to do the dirty work… :o )

All you need is an SD card and this tool.

Setup

- rename ‘grab_it_xx.exe’ to ‘autorun.exe’
- create folder ‘2577’ on your (empty) SD/MMC/Mini-SD card
- copy ‘autorun.exe’ to this folder

That’s it for the “setup” :o )

Usage

Now, every time you insert this card into a PPC, it will grab the ROM image and save it to the root of the card as ‘dump.bin’.
It will show you a tiny red progress bar at the very bottom of the screen.
Once done, it will beep the default sound.
Message boxes are only shown in case of error.

IMPORTANT NOTE (thanx MDAIIIuser)
YOU MUST NOT put it back into another device after you grabbed the ROM dump!!!
YOU MUST LOCK THE SD CARD FIRST!!!!!

or read the SD with a card reader on your desktop PC.
Otherwise, you will rewrite the dump with your own ROM!!!!

This ROM dump file can then be further processed and converted to flashable formats.

It is a real spy tool :o ))) I mean 007 kind of… :o )))))

Now there are a few new versions.
They are for grabbing different amounts of ROM.

Please note that you will need a card that is bigger than the ROM size.
32MB dump -> fits onto 64MB card
64MB dump -> fits onto 128MB card
128MB dump -> fits onto 256MB card

THANX for pieces of mamaich’s code…

Enjoy
buzz


Source code

If you are wondering how it works, the grab_it source code is available as well.
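For checking a card from a desktop reader before it goes into a device, the layout described in the setup and usage steps above (folder ‘2577’ holding ‘autorun.exe’, ‘dump.bin’ in the card root) can be audited as follows. This is an added example, not part of grab_it or the original post; the function names and the sample card contents are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

AUTORUN_DIR = "2577"        # folder name from the setup steps
AUTORUN_EXE = "autorun.exe"
DUMP_NAME = "dump.bin"      # file the tool leaves in the card root
CHUNK = 512 * 1024          # the posted source writes 512 KiB per WriteFile call

def audit_card(root):
    """Return (kind, path, detail) findings for a mounted card or extracted image."""
    root = Path(root)
    findings = []
    for entry in sorted(root.iterdir()):
        name = entry.name.casefold()   # FAT names are case-insensitive
        if entry.is_dir() and name == AUTORUN_DIR:
            for f in sorted(entry.iterdir()):
                if f.is_file() and f.name.casefold() == AUTORUN_EXE:
                    digest = hashlib.sha256(f.read_bytes()).hexdigest()
                    findings.append(("autorun", f.relative_to(root).as_posix(), digest))
        elif entry.is_file() and name == DUMP_NAME:
            size = entry.stat().st_size
            # A size that is not a whole number of chunks points to an interrupted write.
            whole = size > 0 and size % CHUNK == 0
            findings.append(("dump", entry.name,
                             f"{size} bytes, {'whole chunks' if whole else 'partial or empty'}"))
    return findings

def build_sample_card(root):
    """Constructed test layout: an autorun payload plus a one-chunk dump file."""
    root = Path(root)
    (root / "2577").mkdir()
    (root / "2577" / "AUTORUN.EXE").write_bytes(b"MZ constructed placeholder")
    (root / "dump.bin").write_bytes(b"\xff" * CHUNK)
    (root / "photos").mkdir()
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_card(build_sample_card(tmp)):
            print(finding)
```

An ‘autorun’ finding means the card will launch a program on insertion; recording its SHA-256 lets the same binary be recognised on other cards.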