Step 1. - Retrieve nv_data.bin file
Check locks… go to phone and enter *#7465625#
use “adb shell” or a terminal emulator to get a terminal prompt and run the following commands
su cat /efs/root/afs/settings/nv_data.bin >> /sdcard/nv_data.bin
Step 2. - Edit nv_data.bin file
mount the internal SD Card on your computer
make a backup copy of the nv_data.bin file on your computer
using your favorite HEX editor open the nv_data.bin on the sdcard
jump to address 0×1469
you should see a string like this
ff ff 01 00 00 00 00
there are 5 different types of locks in 5 different bytes
the FF bytes should be left alone
the next byte is the network subset lock
the next byte is the sp lock
the next byte is the cp lock
the last byte appears to be a data lock.
Change any 0×01 to 0×00 (or 0×00 to 0×01 to lock for warranty)
save and close file
unmount SD Card
Step 3. - Replace nv_data.bin file
I want to say it again so no one misses it MAKE SURE YOU HAVE A BACKUP OF YOUR NV_DATA.BIN FILE BEFORE YOU CONTINUE!!!!!
use “adb shell” or a terminal emulator to get a terminal prompt and run the following commands
su rm /efs/root/afs/settings/nv_data.bin cat /sdcard/nv_data.bin >> /efs/root/afs/settings/nv_data.bin chmod 755 /efs/root/afs/settings/nv_data.bin chown radio.radio /efs/root/afs/settings/nv_data.bin || chown 1001.1001 /efs/root/afs/settings/nv_data.bin reboot
your phone is now unlocked… enjoy
Post by