Thread: Dumping the Q's ROM - 5k1ttl3
View Single Post
  #1 (permalink)  
Old 01-03-2009, 03:46 AM
Acetherockr's Avatar
Acetherockr
Lurker
Offline
Location: Omaha, Nebraska
  
Join Date: Dec 2008
Posts: 2
Reputation: 5
Acetherockr is a n00b
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Send a message via Skype™ to Acetherockr
Exclamation Dumping the Q's ROM - 5k1ttl3
Nobody else seems to know how to do it, so I'm going to write a guide. I would've killed for this info a couple weeks back. So. Here goes.


As you may have noticed, there are certain files in your q9c that you simply cannot get your hands on. Most of these files reside in \windows\. And though you can see them, you can't copy them off.

The basic process for retrieving these files is to dump the ROM and then extract usable information from the ROM dump.

You'll need a few tool kits. The first one is XDA ITSUTILS, available here:

http://www.xs4all.nl/~itsme/projects/xda/tools.html

This contains a whole bunch of fun little goodies, but the app we'll be using today is pdocread.

So. Extract itsutils to its own directory. Open a command prompt and change to this directory. I used c:\itsutils\

go ahead and type pdocread and hit enter.

Let me preface this by saying that ITSUTILS works by copying a DLL file to your device to do the heavy lifting. You'll need to allow this when the device asks you.

Pdocread will tell you that it is attempting to update the DLL file on your device. If it succeeds, you'll get a screen full of usage information. If it fails, you'll get an error asking you if your device is locked.

I wasn't able to use the tool until I made the following regedit:

HKLM\Security\Policies\Policies
valuename '00001001' was set to dword:2, change it to dword:1

Have podocread running? Good. Lets proceed.

You'll need to get a listing of the available disk devices.
The command for this is simple:

pdocread -l

Take a screenshot, or copy and paste this information into a text document or something. I printed mine out. It'll help save screen real estate, and it'll help keep your sanity.

My information looks a lot like this:

C:\Users\Jay\Desktop\itsutilsbin-20080313>pdocread -l
63.94M (0x3ff0000) TrueFFS
| 4.12M (0x41fc00) Part00
| 2.56M (0x290000) Part01
| 57.25M (0x3940000) Part02
52.72M (0x34b8000) TrueFFS
| 4.12M (0x41fc00) Part00
| 2.56M (0x290000) Part01
| 57.25M (0x3940000) Part02
1.90G (0x79b00000) DSK1:
| 1.90G (0x79ae1200) Part00

lets start analyzing this. we can see three physical devices. TrueFFS, TrueFFS and DSK1.
You might not have DSK1. DSK1 is my minisd card. that device is irrelevant, we're going to ignore it.

So. Now we get to throw some commands together and work out a ROM dump.

My command looks like this:

pdocread -v -w -d TrueFFS -p Part02 0 0x3940000 Part02.raw

Scary, I know. Chill out though. I'll explain:

The first part, pdocread, is obviously the app we're running.
Then we have the options (-v, -w,)
Then -d, (disk) followed by the disk name TrueFFS
then -p (partition?) followed by the Partition name Part02
then the starting location, 0
then the size of the partition 0x3940000
then the output file that this will create Part02.raw

You'll need to change some of the values, like size and partition name,probably.

Cross your fingers and hit <return>
if everything is correct, you'll see lots of information on the screen.

It's going to churn for a while. Something like 15 minutes, for the file I'm dumping.

When it's done, you'll have a shiny new ROM dump.

Congratulations.

Now you'll probably want to extract something useful from it. Download imgfs tools (imgfs_tools_182.rar)
http://forum.xda-developers.com/showthread.php?t=249836

Extract the files into your working directory. (c:\itsutils\) in my case

Now I'm going to extract my files. This is the fun part.

My commands look like this:

prepare_imgfs.exe Part02.raw -nosplit
-then-
viewimgfs.exe imgfs_raw_data.bin

The second command will run for quite a while. It will create a directory called "dump", containing everything that it could extract.

You can run these commands against every dump you make, just be sure to change the filenames in the appropriate spots first.

Now, in my case, I'm going to navigate to the motgpsapi.dll directory and copy out motgpsapi.dll and send it on to someone who knows what he's doing .

Good luck, Have fun, and if you need any help I'll see if I can answer your questions.

Just Throwing this out there - if someone has a sprint q9c and would like to help out the verizon GPS effort, feel free to dump your rom and send me motgpsapi.dll

Credit Goes To 5k1ttl3. Thanks!
__________________
-AcEtHeRoCkR
This post has been thanked 1 times.