Crossflashing Huawei B593s-22 from Sonera to Elisa firmware
My B593s had ancient Sonera branded firmware that has DNS issues when IPv6 is active. At least IPv6 reverse queries stall causing long delays. There's some rumors going that Sonera provides updated firmware over-the-air, but I couldn't trigger update despite trying hard. Might be because I was using Elisa SIM card. Since Elisa does have fairly recent firmware available for download I thought why not use Elisa firmware instead - get IPv6 bug fixed, have correct operator settings as default and also future updates should work without extra hacks.
Start by checking provider code of firwmare currently installed. You can see this by logging in to management. Last two or three digits after letter C in end of firmware version are what we're after. In this case old ID was C07 (Sonera) and new ID I wanted was C260 (Elisa).
Download latest Elisa fw from here: Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
Next reset B593s to factory defaults to avoid mess due incompatibilities between versions. Either by button on side of device or using browser via router management.
Patch firmware using sed or some other tool capable doing search-and-replace on binary files.
sed -i.bak -e's/M00C260/M00C07\x00/g' Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
Notice there's "\x00" after Sonera C07 ID. This is mandatory because ID old firmware is looking for is shorten than new one.
You might want to compare original and patched firmware files before continuing to be sure search didn't do any unwanted changes elsewhere in binary. That's also why I'm matching "M00C260" instead of just "C260" which is short string and could exist outside headers in some firmware versions.
md5sums of original (.bak) and patched firmware are:
c196fdb41ba785f8fdb8842bbd964f68 Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
85d2821e8fda7ca1de483ee9882d8396 Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.bak
Flash new patched firwmare to B593s via web interface. It'll take few minutes be patient. After upgrade is done reset device again to factory defaults to ensure proper operation. If you're having problems logging in open new browser window in incognito mode to rule out potential issues due browser caching old pages and cookies.
New updates from now on must have C260 ID and they can be installed without further hacks.
If you prefer patching image by hand rather than using sed here's list of changes required.
--- Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.bak.hd 2015-07-21 09:45:20.466805858 +0300
+++ Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.hd 2015-07-21 09:45:06.744805866 +0300
@@ -9,7 +9,7 @@
00000080 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
00000090 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
000000a0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-000000b0 32 36 30 00 00 00 00 00 14 9c 00 10 00 00 1c 1e |260.............|
+000000b0 30 37 00 00 00 00 00 00 14 9c 00 10 00 00 1c 1e |07..............|
000000c0 1f 8b 08 00 00 00 00 00 00 0b 2b 08 49 4c ca 49 |..........+.IL.I|
000000d0 f5 48 4d 4c 61 00 81 06 27 7f ff 90 20 7f df f8 |.HMLa...'... ...|
000000e0 30 03 43 3d 03 23 06 06 0f 33 4b 23 03 e7 e0 f8 |0.C=.#...3K#....|
@@ -38,7 +38,7 @@
00000250 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
00000260 31 37 2e 32 34 2e 35 31 00 00 00 00 00 00 00 00 |17.24.51........|
00000270 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-00000280 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+00000280 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
00000290 65 3a 00 10 00 00 07 ed a0 ca 4b 07 27 8b 25 fa |e:........K.'.%.|
000002a0 01 4e f7 f6 46 5a 1f 8b 08 00 00 00 00 00 00 0b |.N..FZ..........|
000002b0 ec bd 7b 7c 5c d5 75 2f be cf 3c a4 91 34 d8 47 |..{|\.u/..<..4.G|
@@ -2053,7 +2053,7 @@
00008040 2e 30 38 2e 31 31 00 00 00 00 00 00 31 37 2e 32 |.08.11......17.2|
00008050 34 2e 35 31 00 00 00 00 00 00 00 00 3a 42 37 31 |4.51........:B71|
00008060 30 43 30 3a 56 32 52 31 42 32 37 30 44 30 35 44 |0C0:V2R1B270D05D|
-00008070 4d 30 30 43 32 36 30 00 00 00 00 00 1c 32 00 10 |M00C260......2..|
+00008070 4d 30 30 43 30 37 00 00 00 00 00 00 1c 32 00 10 |M00C07.......2..|
00008080 00 00 e6 cb 9a 45 cc ab 6a 15 b3 aa 38 ad 26 6a |.....E..j...8.&j|
00008090 19 5e cb 12 dc 26 59 2a 83 74 ec 07 be d5 fa 23 |.^...&Y*.t.....#|
000080a0 8a 1d c4 1f a6 b5 b6 13 9d 11 38 c1 ff 2d 64 d8 |..........8..-d.|
@@ -44046,7 +44046,7 @@
000ac0d0 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
000ac0e0 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
000ac0f0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-000ac100 32 36 30 00 00 00 00 00 30 5e 00 10 00 00 4f 83 |260.....0^....O.|
+000ac100 30 37 00 00 00 00 00 00 30 5e 00 10 00 00 4f 83 |07......0^....O.|
000ac110 c7 f2 1f a3 de 19 68 96 fa 83 7a 4c 1d 83 68 19 |......h...zL..h.|
000ac120 46 07 a0 cb da b1 9d 25 25 5e 12 7f 6a 91 db 04 |F......%%^..j...|
000ac130 84 eb 4f 19 f9 8a af 99 e5 54 13 0e 74 9f 30 af |..O......T..t.0.|
@@ -574184,7 +574184,7 @@
008c2e70 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
008c2e80 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
008c2e90 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-008c2ea0 32 36 30 00 00 00 00 00 3d bc 00 10 00 00 40 d3 |260.....=.....@.|
+008c2ea0 30 37 00 00 00 00 00 00 3d bc 00 10 00 00 40 d3 |07......=.....@.|
008c2eb0 eb 37 12 6e 3e 25 32 f8 36 0b ae bd 58 75 1f 8b |.7.n>%2.6...Xu..|
008c2ec0 08 00 00 00 00 00 00 0b c4 bd 0b 7c 5d 55 99 37 |...........|]U.7|
008c2ed0 bc f6 b9 24 a7 e9 69 bb 73 83 50 22 9c b6 01 02 |...$..i.s.P"....|
@@ -576065,7 +576065,7 @@
008ca400 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
008ca410 31 37 2e 32 34 2e 35 31 00 00 00 00 00 00 00 00 |17.24.51........|
008ca420 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-008ca430 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+008ca430 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
008ca440 b4 0f 00 10 00 00 00 b8 69 05 d4 23 33 06 cc fd |........i..#3...|
008ca450 e5 1f 4a b5 40 62 98 e7 7f c8 27 38 31 76 c9 e7 |..J.@b....'81v..|
008ca460 ce 80 ea 49 7d ff 9e e6 35 82 aa 3d e7 64 c3 a6 |...I}...5..=.d..|
@@ -808701,7 +808701,7 @@
00c56fc0 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 32 |11......17.24.52|
00c56fd0 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
00c56fe0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-00c56ff0 32 36 30 00 00 00 00 00 74 c2 00 10 00 00 d5 5a |260.....t......Z|
+00c56ff0 30 37 00 00 00 00 00 00 74 c2 00 10 00 00 d5 5a |07......t......Z|
00c57000 67 5a 43 a4 14 73 f3 8c 87 ec 72 54 fd 4f c6 4f |gZC..s....rT.O.O|
00c57010 69 d7 84 6b 0d 6d d3 38 b0 b7 a4 75 2a 32 94 0a |i..k.m.8...u*2..|
00c57020 1a f7 2d b7 ff e0 7d 5c e1 cd b5 19 43 bf 0b 00 |..-...}\....C...|
@@ -2212856,7 +2212856,7 @@
021c3f70 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 32 |11......17.24.52|
021c3f80 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
021c3f90 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-021c3fa0 32 36 30 00 00 00 00 00 b8 6e 00 10 00 00 a3 ce |260......n......|
+021c3fa0 30 37 00 00 00 00 00 00 b8 6e 00 10 00 00 a3 ce |07.......n......|
021c3fb0 f8 ee 96 27 23 9c 06 a3 83 7b f5 2c 81 8f ea d5 |...'#....{.,....|
021c3fc0 a1 5e 64 db f9 2c a4 65 86 a2 0b d9 e8 26 9b dd |.^d..,.e.....&..|
021c3fd0 0a e6 39 bd 21 4c 3c 33 5e 6e 12 d3 f9 1b 4f c5 |..9.!L<3^n....O.|
@@ -2458849,7 +2458849,7 @@
02584e00 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
02584e10 31 37 2e 32 34 2e 35 32 00 00 00 00 00 00 00 00 |17.24.52........|
02584e20 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-02584e30 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+02584e30 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
02584e40 2b 2a 00 10 00 00 67 2b e6 f3 cb 71 f9 e5 aa 0d |+*....g+...q....|
02584e50 b8 08 3a 73 31 fc a7 3b 09 1b 7a 69 a9 66 31 5b |..:s1..;..zi.f1[|
02584e60 c4 e1 4f 94 0f 64 e8 e5 35 73 28 9a 7a e9 3b 4c |..O..d..5s(.z.;L|
Start by checking provider code of firwmare currently installed. You can see this by logging in to management. Last two or three digits after letter C in end of firmware version are what we're after. In this case old ID was C07 (Sonera) and new ID I wanted was C260 (Elisa).
Download latest Elisa fw from here: Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
Next reset B593s to factory defaults to avoid mess due incompatibilities between versions. Either by button on side of device or using browser via router management.
Patch firmware using sed or some other tool capable doing search-and-replace on binary files.
sed -i.bak -e's/M00C260/M00C07\x00/g' Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
Notice there's "\x00" after Sonera C07 ID. This is mandatory because ID old firmware is looking for is shorten than new one.
You might want to compare original and patched firmware files before continuing to be sure search didn't do any unwanted changes elsewhere in binary. That's also why I'm matching "M00C260" instead of just "C260" which is short string and could exist outside headers in some firmware versions.
md5sums of original (.bak) and patched firmware are:
c196fdb41ba785f8fdb8842bbd964f68 Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN
85d2821e8fda7ca1de483ee9882d8396 Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.bak
Flash new patched firwmare to B593s via web interface. It'll take few minutes be patient. After upgrade is done reset device again to factory defaults to ensure proper operation. If you're having problems logging in open new browser window in incognito mode to rule out potential issues due browser caching old pages and cookies.
New updates from now on must have C260 ID and they can be installed without further hacks.
If you prefer patching image by hand rather than using sed here's list of changes required.
--- Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.bak.hd 2015-07-21 09:45:20.466805858 +0300
+++ Huawei_B593s_UPDATE_V200R001B270D05DM00C260.BIN.hd 2015-07-21 09:45:06.744805866 +0300
@@ -9,7 +9,7 @@
00000080 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
00000090 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
000000a0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-000000b0 32 36 30 00 00 00 00 00 14 9c 00 10 00 00 1c 1e |260.............|
+000000b0 30 37 00 00 00 00 00 00 14 9c 00 10 00 00 1c 1e |07..............|
000000c0 1f 8b 08 00 00 00 00 00 00 0b 2b 08 49 4c ca 49 |..........+.IL.I|
000000d0 f5 48 4d 4c 61 00 81 06 27 7f ff 90 20 7f df f8 |.HMLa...'... ...|
000000e0 30 03 43 3d 03 23 06 06 0f 33 4b 23 03 e7 e0 f8 |0.C=.#...3K#....|
@@ -38,7 +38,7 @@
00000250 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
00000260 31 37 2e 32 34 2e 35 31 00 00 00 00 00 00 00 00 |17.24.51........|
00000270 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-00000280 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+00000280 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
00000290 65 3a 00 10 00 00 07 ed a0 ca 4b 07 27 8b 25 fa |e:........K.'.%.|
000002a0 01 4e f7 f6 46 5a 1f 8b 08 00 00 00 00 00 00 0b |.N..FZ..........|
000002b0 ec bd 7b 7c 5c d5 75 2f be cf 3c a4 91 34 d8 47 |..{|\.u/..<..4.G|
@@ -2053,7 +2053,7 @@
00008040 2e 30 38 2e 31 31 00 00 00 00 00 00 31 37 2e 32 |.08.11......17.2|
00008050 34 2e 35 31 00 00 00 00 00 00 00 00 3a 42 37 31 |4.51........:B71|
00008060 30 43 30 3a 56 32 52 31 42 32 37 30 44 30 35 44 |0C0:V2R1B270D05D|
-00008070 4d 30 30 43 32 36 30 00 00 00 00 00 1c 32 00 10 |M00C260......2..|
+00008070 4d 30 30 43 30 37 00 00 00 00 00 00 1c 32 00 10 |M00C07.......2..|
00008080 00 00 e6 cb 9a 45 cc ab 6a 15 b3 aa 38 ad 26 6a |.....E..j...8.&j|
00008090 19 5e cb 12 dc 26 59 2a 83 74 ec 07 be d5 fa 23 |.^...&Y*.t.....#|
000080a0 8a 1d c4 1f a6 b5 b6 13 9d 11 38 c1 ff 2d 64 d8 |..........8..-d.|
@@ -44046,7 +44046,7 @@
000ac0d0 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
000ac0e0 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
000ac0f0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-000ac100 32 36 30 00 00 00 00 00 30 5e 00 10 00 00 4f 83 |260.....0^....O.|
+000ac100 30 37 00 00 00 00 00 00 30 5e 00 10 00 00 4f 83 |07......0^....O.|
000ac110 c7 f2 1f a3 de 19 68 96 fa 83 7a 4c 1d 83 68 19 |......h...zL..h.|
000ac120 46 07 a0 cb da b1 9d 25 25 5e 12 7f 6a 91 db 04 |F......%%^..j...|
000ac130 84 eb 4f 19 f9 8a af 99 e5 54 13 0e 74 9f 30 af |..O......T..t.0.|
@@ -574184,7 +574184,7 @@
008c2e70 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 31 |11......17.24.51|
008c2e80 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
008c2e90 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-008c2ea0 32 36 30 00 00 00 00 00 3d bc 00 10 00 00 40 d3 |260.....=.....@.|
+008c2ea0 30 37 00 00 00 00 00 00 3d bc 00 10 00 00 40 d3 |07......=.....@.|
008c2eb0 eb 37 12 6e 3e 25 32 f8 36 0b ae bd 58 75 1f 8b |.7.n>%2.6...Xu..|
008c2ec0 08 00 00 00 00 00 00 0b c4 bd 0b 7c 5d 55 99 37 |...........|]U.7|
008c2ed0 bc f6 b9 24 a7 e9 69 bb 73 83 50 22 9c b6 01 02 |...$..i.s.P"....|
@@ -576065,7 +576065,7 @@
008ca400 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
008ca410 31 37 2e 32 34 2e 35 31 00 00 00 00 00 00 00 00 |17.24.51........|
008ca420 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-008ca430 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+008ca430 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
008ca440 b4 0f 00 10 00 00 00 b8 69 05 d4 23 33 06 cc fd |........i..#3...|
008ca450 e5 1f 4a b5 40 62 98 e7 7f c8 27 38 31 76 c9 e7 |..J.@b....'81v..|
008ca460 ce 80 ea 49 7d ff 9e e6 35 82 aa 3d e7 64 c3 a6 |...I}...5..=.d..|
@@ -808701,7 +808701,7 @@
00c56fc0 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 32 |11......17.24.52|
00c56fd0 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
00c56fe0 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-00c56ff0 32 36 30 00 00 00 00 00 74 c2 00 10 00 00 d5 5a |260.....t......Z|
+00c56ff0 30 37 00 00 00 00 00 00 74 c2 00 10 00 00 d5 5a |07......t......Z|
00c57000 67 5a 43 a4 14 73 f3 8c 87 ec 72 54 fd 4f c6 4f |gZC..s....rT.O.O|
00c57010 69 d7 84 6b 0d 6d d3 38 b0 b7 a4 75 2a 32 94 0a |i..k.m.8...u*2..|
00c57020 1a f7 2d b7 ff e0 7d 5c e1 cd b5 19 43 bf 0b 00 |..-...}\....C...|
@@ -2212856,7 +2212856,7 @@
021c3f70 31 31 00 00 00 00 00 00 31 37 2e 32 34 2e 35 32 |11......17.24.52|
021c3f80 00 00 00 00 00 00 00 00 3a 42 37 31 30 43 30 3a |........:B710C0:|
021c3f90 56 32 52 31 42 32 37 30 44 30 35 44 4d 30 30 43 |V2R1B270D05DM00C|
-021c3fa0 32 36 30 00 00 00 00 00 b8 6e 00 10 00 00 a3 ce |260......n......|
+021c3fa0 30 37 00 00 00 00 00 00 b8 6e 00 10 00 00 a3 ce |07.......n......|
021c3fb0 f8 ee 96 27 23 9c 06 a3 83 7b f5 2c 81 8f ea d5 |...'#....{.,....|
021c3fc0 a1 5e 64 db f9 2c a4 65 86 a2 0b d9 e8 26 9b dd |.^d..,.e.....&..|
021c3fd0 0a e6 39 bd 21 4c 3c 33 5e 6e 12 d3 f9 1b 4f c5 |..9.!L<3^n....O.|
@@ -2458849,7 +2458849,7 @@
02584e00 32 30 31 34 2e 30 38 2e 31 31 00 00 00 00 00 00 |2014.08.11......|
02584e10 31 37 2e 32 34 2e 35 32 00 00 00 00 00 00 00 00 |17.24.52........|
02584e20 3a 42 37 31 30 43 30 3a 56 32 52 31 42 32 37 30 |:B710C0:V2R1B270|
-02584e30 44 30 35 44 4d 30 30 43 32 36 30 00 00 00 00 00 |D05DM00C260.....|
+02584e30 44 30 35 44 4d 30 30 43 30 37 00 00 00 00 00 00 |D05DM00C07......|
02584e40 2b 2a 00 10 00 00 67 2b e6 f3 cb 71 f9 e5 aa 0d |+*....g+...q....|
02584e50 b8 08 3a 73 31 fc a7 3b 09 1b 7a 69 a9 66 31 5b |..:s1..;..zi.f1[|
02584e60 c4 e1 4f 94 0f 64 e8 e5 35 73 28 9a 7a e9 3b 4c |..O..d..5s(.z.;L|
I have T-Mobile E5186. Here is the newest firmware for this model:
ReplyDeletehttp://update2.hicloud.com:8180/TDS/data/files/p9/s115/G345/g0/v27120/f1/full/BV7R2C0update_21.306.01.00.55.gz.bin
I tried to use FMK for unpacking, but it didn't work quite well. I was able to extract squashfs-root folder with Binwalk. Now I need some hints to enable Telnet/SSH and root access to this router. Also how to repack firmware as FMK didn't work?
I would appreciate if you could take a look to this firmware.
Thanks
There is a e5186 file system extraction here: http://vve.su/vvesu/files/misc/V7R2/E5186fs.tgz
Deleteinspired by this post, you could:
1- get this file https://docs.google.com/file/d/0B-YZOMmVIvQKVU4xWFMwSkM4OFE/edit (Firmware 21.302.01.00.00 for E5186)
2- apply a command like "sed -i.bak -e's/302.01.00.00/307.01.00.55/g' BV7R2C0update_21.302.01.00.00.gz.bin" to make a fake 21.307.01.00.55 version
3- try to local update with the new file
It is your risk as you could brick your device. Tell us if you try and the results !!
No it doesn't work. There must be more checks for the firmware than just firmware version line.
DeleteHi
ReplyDeletehow to modify Firmware using hex editor step by step , Please
Thanks in advance
Hi
ReplyDeleteActually I have B593s-22 with firmware V200R001B180D20SP05C07
And want to flash it with firmware V200R001B270D10SP00C00
which is not possible without hacking . so may you help me hacking this firmware using hex editor in easy steps because I am not a professional .
Thanks Alot
I assume that you use Windows...
DeleteOpen firmware V200R001B270D10SP00C00 with HEX editor. For example Notepad++ and download HEX-plugin.
Find text (CTRL+F)
Find: M00C00
Replace: M00C07
Replace all.
Find TEXT or Unicode string, otherwise it wont work!
Afterwards make sure that the file is same size as original.
Thanks A lot It works
Delete"Find: M00C00
DeleteReplace: M00C07"
Do you mean "Find: P00C00 Replace: M00C07" Or "Find: P00C00 Replace:P00C07" ?
/Jarmo
Find: P00C00 Replace:P00C07
Deleteguys help me i cant downgrade or update my modem
ReplyDeletethe firmware isV200R001B270D15SP07C158 i tried other firmware like V200R001B270D15SP05C158 and etc.. but no look
i need to change that firmware because the isp that flash the modem disabled tha admin ,, user only
i cant change the apn and etc.. via web.
lease help me im willing to pay
i already tried the hex editor but no luck... help me please..
what modem you have.. just contact me on my gmail elumbajulito@gmail.com
Deletesame problem here V200R001B270D15SP07C158 is blocking other firmware when you update it stop and blinks on signal 4.. how can we update the modem, help us, we cant unlock the modem, and edit the apn.. bacause the admin is not accessible,. please help us
ReplyDeletehuawei b395s-931.. please help us...thanks
Hello Mr asiantuntijakaveri.
ReplyDeleteI have Huawei B593s-931 November firmware. It has no admin access and no text messaging features. Also you cannot configure APN.
Its not possible to upgrade or downgrade the firmware using multicast tool, since it has watchdog.
[crypto/0]
/sbin/fwwatcher/ -b -d -mnt/frimware/fw
http://www.symbianize.com/attachment.php?attachmentid=1016138&d=1426659535
Please I need your expertise on how to upgrade or downgrade the firmware.
Thank you
what programm are you using im tring multicast but it dosent seem do to anything only sending and sending and how long it normalie takes
ReplyDeleteHuawei E5186s-22a, Sim lock removed ISP LOCKED APN AND PROVIDER how to change.
ReplyDeleteHi all modem hackers!
ReplyDeleteThank you for your detailed upgrade instructions on the B593s-22!
Tried this on a Sweden Tele2 branded B593s-22, the HEX editor hack worked so far as the modem accepted the firmware.
The first instance was changed to "V2R1B270D05DM00C56.......œ......" , the "C56." is the code for Tele2.
But still got stuck during the update, with the antenna segment number 4 flashing.
And, the log in the modem just stated that the upgrade failed.
If I find out how to get this working, I´ll let you know!
Thanks!
Jarmo
PS
ReplyDeleteMy modem seems to be unlocked - tried with another operators SIM, no problem.
And, admin access seems to work OK.
/Jarmo
Hmmm, not giving up on this one - until I brick it, or something good happens!
ReplyDeleteGot -> V200R001B270D25SP02C56
Tried-> B710C0UPDATE_V200R001B270D10SP00C00 and Huawei_B593s_UPDATE_V200R001B270D05DM00C260 as found here - no luck - yet. /Jarmo
Hello Jarmo, I have the same problem. Did you find any solution?
DeleteHi all,
ReplyDeleteI have recently upgraded my B593s-22 firmware, and it does successfully but I can't add any APN or change any thing in the setting because its always seems to get into "Equipment Mode" on every boot up. Many core features (WLAN, DHCP, etc) are not working. I tried to do a hardware rest but it doesn't work too. Any idea how to switch back to "Normal Mode"?
Thanks
Some problem ! please if you find solution tell me !
Deleteif your modem always equipment mode i can help you...greeting from philippines
Deletei can help you sir the tricks in in the command via cmd
DeleteHey, I have dna firmware, so does anyone know how to replace dna's firmware with elisa ? And if someone can help me doing this hack step by step that would be great.
ReplyDeleteDear, I have b593s-22 firmware V200R001B180D20SP00C1134, and the last is C1134 which is 4 digits, how to change it? please kindly help. email: pku540@hotmail.com
ReplyDeleteThanks in advance.
Hallo,
ReplyDeletevery fine, thank you!
But does this also work in the other direction? C00 (universal) --> Cxxx (customized) or Cxx (customized) --> Cxxx (customized)?
Thank you!
johannu