Softbank 007SH Unlock FOUND!

**SuperSZ** · 06-11-2012, 11:38 PM

It's not that I don't have faith in those chinese guys, but the thing is that having the Sim unlock as a very well kept secret or not having it at all is practically the same

**yamanote** · 06-12-2012, 03:35 AM

Or maybe they're trying to keep it a secret so they can sell the unlock to people.

**martindesu** · 06-12-2012, 03:50 AM

Well, some guys in Russia managed SIM unlock, so it is possible for sure.

**SuperSZ** · 06-12-2012, 08:16 AM

Originally Posted by yamanote

Or maybe they're trying to keep it a secret so they can sell the unlock to people.

Then what's their benefit of telling people how to root and uploading the software needed for free? There may be people who are only interested in rooting (and not Sim unlock), and in that case they have the root available for free ... but not the same for us who want the sim unlock

Originally Posted by martindesu

Well, some guys in Russia managed SIM unlock, so it is possible for sure.

you mean kokos and "his friends" ? or somebody else?

**martindesu** · 06-12-2012, 08:54 PM

Originally Posted by SuperSZ

you mean kokos and "his friends" ? or somebody else?

Yeah, I mean kokos. The unlock is there, someone cracked it, someone did it. Is is possible to poke around on an unlocked 007SH to find out what has been done?

**tokyo_dom** · 06-12-2012, 09:00 PM

Thats what the Chinese guys are doing. One of them had both, and was comparing boot images. Apparently the lock isnt in there as the images were identical.

Another clue was discussed was that the unlock was available before permanent root was worked out (and before MIYABI unlock was discovered); hence it is most likely not something in the /System folder.

To be honest i am not sure that having this persistent root will help with the unlock, but who knows...

**SuperSZ** · 06-12-2012, 09:50 PM

Originally Posted by tokyo_dom

Thats what the Chinese guys are doing. One of them had both, and was comparing boot images. Apparently the lock isnt in there as the images were identical.

Another clue was discussed was that the unlock was available before permanent root was worked out (and before MIYABI unlock was discovered); hence it is most likely not something in the /System folder.

To be honest i am not sure that having this persistent root will help with the unlock, but who knows...

Are you still sure that the sim lock is located somewhere in the NAND? If it does, then I think the root it's kinda necessary (how else is anybody gonna unlock the NAND?). Also according to this image:

You said that they didn't find the sim-lock in the "/System". There are other places to continue exploring, right? Any chance that the sim-lock is located somewhere else like "/misc", "/data", or "/boot" ?. You previously mentioned that "/radio" is not a folder, but is it something that can be analized and modified (if sim-lock happens to be there)?

**Stereowind** · 06-13-2012, 11:18 AM

Is there a possibility that sim-lock is something like a hardware chip which will unlock the phone if detached? Could try to see, but I'm really not good at assembling/disassembling things.

**SuperSZ** · 06-13-2012, 05:11 PM

Originally Posted by Stereowind

Is there a possibility that sim-lock is something like a hardware chip which will unlock the phone if detached? Could try to see, but I'm really not good at assembling/disassembling things.

If it happens to be that, then I'm pretty much f*cked because there's no way that I open my phone, and probably no one in my country would know how to open it either (I mean, not just opening but also understanding what's inside)

There was a post with images about a dissasembled 007SH, but I don't think they mentioned such a thing:
http://bbs.blueshow.net/thread-1722673-1-1.html

**tokyo_dom** · 06-13-2012, 07:28 PM

Even if there was - it wouldnt be labelled "SIM LOCK CHIP"

And regardless, the SIM locking does not need to be stored in a chip. Its a single bit of data to say "locked" or not. From my amateur investigations yesterday, it seems the SIM locking is coming from an area that is not in the main Android Operating System. Probably the radio

**SuperSZ** · 06-13-2012, 07:44 PM

Originally Posted by tokyo_dom

Even if there was - it wouldnt be labelled "SIM LOCK CHIP"

And regardless, the SIM locking does not need to be stored in a chip. Its a single bit of data to say "locked" or not. From my amateur investigations yesterday, it seems the SIM locking is coming from an area that is not in the main Android Operating System. Probably the radio

I've never thought that I would hate a single bit of data so much in my life

**SuperSZ** · 06-17-2012, 06:39 PM

I found something in the 2ch forums, not sure what it is: http://chisa.dtdns.net/005sh/

**tokyo_dom** · 06-17-2012, 07:25 PM

Thats the uploader location for 003/005SH root progress files. Dump image/flash image/erase image is what is used to write/backup and clear partitions on the OS, and shmaincamgetroot is the program used to get temporary root to make this all possible.

One interesting point is that they have uploaded the Froyo version of shmaincamgetroot. There has been a few people asking about, and subsequently succeeding in using that to upgrade their Version 2.2 phones to 2.3 using this root kit.

**白い熊** · 06-19-2012, 02:18 AM

Originally Posted by tokyo_dom

[*]Start the original menu program and backup system images (using "menu")

What is the "original menu program"? Is this some recovery boot method as on other Android phones? How do I start it?

**tokyo_dom** · 06-19-2012, 02:51 AM

No i meant the program just called menu.exe, not menu0526.exe Its hard to differentiate the two.... Maybe i should have clarified it like this:

From now on, unless specifically mentioned, "menu" and "original menu" refer to the menu program that is unzipped as "menu".
"menu0526" refers to the newer menu program that unzips to that name.