Make Rompatcher patches:
I just realized that there are only a fraction of the patches which are available for S^3,
Even those patches, most of it are older ones which were initially made for s60v5
So I thought of including this guide which I found in another forum(SF),
The original post was made by the authour "Microx256" on 03 Jul 2008, 03:20
I thought this guide might inspire patch making for S^3,
Also those who wanted to remove red LED in camera, you can try this out:
Contents:
What you need?
How to save Patches as *.rmp
Additional Prefixes
Understanding the HEX
Frequently Asked Questions
Well, you might have found ROMpatcher, and perhaps some good patches for it, but what if you could write your own patches?
What you need?
A HEX editor, i use HxD in this example
A Hacked phone with ROMpatcher installed
So.. Are you ready to begin?
Find out what you want to patch, and where. In my example, i want to change the *#0000# screen to say that i have a Nokia N99.
After looking for the right file to change, i found that its Phone.exe, because it has the path of the file we need to change
First, open the file in a HEX editor. (I use HxD in my example)
(for understanding what HEX means, theres a short info somewhat down on this post)
Next, I know that Z:\resource\versions\model.txt is the file that shows the Phone model, so i search for it (ctrl + F) also remember to show that we search for text, and that its in Unicode:
Now we have the result, and also see it directly in HEX code, which will be the first part of the HEX code in the patch file:
At this point, its recommended to copy the HEX (circled above) to notepad, or somewhere where you can easily copy it to another place.
Next, i have decided that i want the phone to use Model.txt on the memorycard (E) instead of the Z:\ Drive, so i change the first part of the path (note that changed areas turn red) and you also notice that the HEX code changed from 5A to 45 where i changed the letter Z to be the letter E
At this point, we are half way done, good job if you made it this far.
Next we need to write the patch
The Patch should always have the patch name or short info on the first line, and next comes comments, if you want them, and after that comes the actual Patch, and also, there must be a ; before every line, except the patch line itself, like in this example:
Code:
;Model Text Changer
;This is a patch that changes the Model text
;here i can add as many lines as i want
;this was made by Microx256 from SF
SnR:sys\bin\Phone.exe:5A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400:45003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400
Now, where did i get that SnR:...blablabla code? Well, you actualy have it already
First, every patch like this should have a SnR: prefix (SnR means Search and Replace)
And after the SnR: comes the file that we want to change, in this case it was Phone.exe. you need to include there the path to the file, WITHOUT the Z:\ in the beginning, in this case it is sys\bin\Phone.exe
After the path and the file comes a : and after it comes the original, unchanged HEX code that we copied to notepad earlier, and after the original code comesagain a : and after that, finally, the changed code, the code that is still in the hex editor.
Now make sure you copy the same amounth of code that you did earlier (starting from the code of the Z, which is 5A to the 00 after the latest character in the name)
Code:
First Part: 5A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400
Second Part: 45003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400
And there we have a Patch!
Code:
;Model Text Changer
;This is a patch that changes the Model text
;here i can add as many lines as i want
;this was made by Microx256 from SF
SnR:sys\bin\Phone.exe:5A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400:45003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400
But wait, we are not finished by this patch just yet!
Now, as we changed the Phone.exe to show the file on the memorycard instead of the file on the Z:\, we need to copy and edit the file.
Copy the file Model.txt from Z:\resource\versions\ to E:\resource\versions\ (you might need to make the folders on the memorycard) and edit it as you wish (note: Model.txt has a 20 character limit)
After this, just copy the patch to E:\Patches\ and have fun
How to save Patches as *.rmp
When having the Code in notepad, you need to save the code, and Notepad saves as .txt by default.
To save it as .rmp, like the patches should be do this:
When saving, Select Save as type: All Files (*.*) and manually add the .rmp extension, for example, here i show how it should be if the Patch name was uberpatch:
Additional Prefixes:
SnR: is not the only prefix, there are some more, for example, the Prefix Rel:
The Prefix Rel: works the same way as SnR, but you define the location info aswell, so the format of the Rel: prefix is:
Rel:Path\file:location:find:replace
Got confused? Let me explain:
Rel: is just like SnR: but different
Path means the same as the path in the SnR: prefix
file is also same as in SnR: Prefix
location this is the difference from the SnR:, this means the location 0x?? of the change, ill explain this later here
find this is the same as in SnR: Prefix, this is what to look for in the file
replace and this is what to replace the previos with, just like in SnR:
Well, whats this all for if it has same effect as SnR?
- if the file have that same code in multiple places, and you want to change just one of them, how would ROMPatcher know what part do you want to change? well, this is the solution to it
And what does that 0x?? mean, and how to find it?
open up HEX editor, in this example i use HxD:
Again, first decide what to do, and where:
In my example, i have decided to remove the Wlan search bar from the Active Standby of my N95.
And i have found out that the file responsible for this is SnifferAIPlugin.dll located in Z:\sys\bin\
And to disable it, i have found out that changing the first and 4th byte to a 00 byte disables it
and well, the bytes are 10 and 79.. but the thing here is that there are those same bytes many many times in the file, but i want to change only the first ones! so i use Rel: prefix..
Heres the bytes im talking about in Blue:
and in the Red circles are the location adresses
so decide which byte you want to know the location,
and take the number from the left vertical column, and add the number from the top horizional colum to it.
For example, the 4th byte would be 00000003 because in the left theres 00000000
and on top theres 03, and 00000000 + 03 is 00000003
so another example: From the 5th line, the 7th byte would be 00000046 because on the left theres 00000040 and on the top theres 06
so the patch that changes those 2 bytes marked in blue, would be like this:
Code:
;No Wlan in ActiveStandby
;This removes the Wlan Search bar from the Active Standby, atleast on nokia N95
;to get this to work, first disable ActiveStandby, and then apply the patch, and then again enable Active Standby
;By Microx256 from Symbian-Freak.com
rel:sys\bin\SnifferAIPlugin.dll:00000003:10:00
rel:sys\bin\SnifferAIPlugin.dll:00000000:79:00
Understanding the HEX:
Well, shortly HEX is actualy just numbers, almost like those that we use :wink:
Here you can see how the most common numeric systems goes:
Decimals - HEX - Binary
0 0 0
1 1 1
2 2 10
3 3 11
4 4 100
5 5 101
6 6 110
7 7 111
8 8 1000
9 9 1001
10 A 1010
11 B 1011
12 C 1100
13 D 1101
14 E 1110
15 F 1111
16 10 10000
17 11 10001
18 12 10010
19 13 10011
20 14 10100
21 15 10101
22 16 10110
23 17 10111
24 18 11000
25 19 11001
26 1A 11010
27 1B 11011
28 1C 11100
29 1D 11101
30 1E 11110
31 1F 11111
32 20 100000
...
Using this online converter, you can convert any hexadecimal to decimal and binary and vice versa
ok.. maybe thats enough for you to see how they goes :lol:
so basicaly, Decimals, that we use every day, have 10 numbers, 0 1 2 3 4 5 6 7 8 9
and HEX has 16 numbers, 0 1 2 3 4 5 6 7 8 9 A B C D E F
and finally binary has just 2 numbers, 1 and 0 (binary is not needed to know in this tutorial, but it could be usefull to know it)
So, are all those files just numbers? so how can there be text if hex is only numbers?
- yes, they are numbers, and every letter we use, have thier own number :wink:
for example, in HEX editor you can see the letter A (note: its a capital A)
has the HEX of 41
and hex 41 is 65 in Decimal, and 1000001 in Binary
for this, you can use the Windows calculator, just set it to Scientific from the menus, and then check the Hex button, or Dec (decimal) or Bin (binary) and type a number, and check another button to change it to that
So, Remember this:
- HEX is "numbers", and every letter and special mark have its own number
- in HEX editor, theres 2 HEX numbers after each other, and they form 1 Byte, and if you converth the 2 hex numbers into Binary, you get 8 Binary numbers, and 1 Binary number is 1 bit (1byte=8bits) and as you might already know, 1 letter takes 1 byte of space, so 2 HEX numbers forms 1 letter
Frequently Asked Questions:
How did you know what to look for and where?
-> Just keep looking inside files, and you might find something interesting to patch, thats how i did
My Patch dont show up in ROMpatcher?
-> Make sure the patch is in E:\PAtches\ and that the patch has a .rmp extension
When i try to apply my patch, i get a red cross as an error, why?
-> there can be several reasons, but most probably some of these:
*You are trying to patch a file thats not in the ROM (remember, this is ROM Patcher, not Z Patcher)
EDIT:
By "remember, this is ROM Patcher, not Z Patcher"
He means to say that you can only patch the files in the z:\sys\bin folder of the rom not any file in Z
If you don't believe this, try to open all thes patches in notepad, and you will see that all of them will have only like this syntax in the last line saying:
SnR:sys\bin\xx(filename)xx:A003A005C(hex code):A003A005C(hex code)
EDIT:
Few more words from the author:
"Remember; this is called ROM Patcher, and not Z Patcher, so basicaly, only files on ROM can be patched.. but for this, there are workarounds, such as, patch the file/application thats pointing to the file and so on.. just like in the tutorial, we patched Phone.exe that points to the model file, but we did not patch the model file (Model.txt) itself, because the model file is not in the ROM..."
EDIT:(explanation by nicesoni_ash)
Quote from: nicesoni_ash on 16 August 2011, 07:47
While using Rompatcher, you must keep in mind that it won't change or edit the contents from Z drive (or say from ROM), however it's only to change the few bytes from these files only when they exist in the memory thus once you restart your phone, these modifications are not there until you reactivate the same patch again or include them in Auto..
*The syntax of the patch is wrong (original code that dont exist)
*The 2 hex codes are not the same lenght
*The lenght of the first and second code must be dividable by 2 (eg. 1337FCA is wrong, because 7 is not dividable by 2, but 1337FCA0 is possible, because 8 is dividable by 2)
How can I know what files are on the ROM and what are not?
-> Use this ROM Dump tool (by Zorn) to get the ROM files extraced to your computer
I did like you did in that example, but the Model line disappeared from the *#0000# display?
-> Make sure the Patch syntax is correct, and also make sure you have your Model.txt in the right directory on the memorycard
Can Patches be harmfull for my phone?
-> Not really, because the Patches dont actualy change anything, and all changes are reset efter you restart your phone. However, if something happens, neither me or Symbian-Freak.com are responsible to any possible harm caused.
Can i Patch many files in 1 Patch?
-> Yes you can, heres a example Patch that changes 2 files in 1 Patch:
Code:
;all info mod
;this mod lets you change the whole *#0000# screen
;make files E:\resource\versions\sw.txt and E:\resource\versions\model.txt on the memorycard
;then customize them as you want
;there is a 64 character limit for the sw.txt, which is displayed first
;and a 20 characters limit for the model.txt, which is displayed after sw.txt
;use \n for a new line, also note, the new line uses 2 characters, and there dont need to be a space before or after the marks
;also note that the model.txt will be displayed right after sw.txt without a new line, unless you define it so
;and you can use the new line marking \n only in sw.txt, it wont work in model.txt
;combined mod by Microx256 from SF
SnR:sys\bin\sysutil.dll:5A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C00730077002E0074007800740000001F0000005A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006C0061006E006700730077002E0074007800740000001D0000005A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006C0061006E0067002E007400780074:45003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C00730077002E0074007800740000001F00000045003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006C0061006E006700730077002E0074007800740000001D00000043003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006C0061006E0067002E007400780074
SnR:sys\bin\Phone.exe:5A003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400:45003A005C007200650073006F0075007200630065005C00760065007200730069006F006E0073005C006D006F00640065006C002E00740078007400
If you have guestions, please ask them here and dont PM me, as i am not the author of this thread;
I just decided to share this so that users like you can go ahead and experiment with making patches;
IMPORTANT:
How to open the rom drive?
Two methods
1. Extract the rom drive (open rofs2 in nokia cooker or any program and extract it)
2. Else you can use Rom Dump in Rompatcher plus
How to do this,
Go to rompatcher and under options click on Rom Dump,
You will get a file in the root of your SD card,
Copy paste this file onto your PC,
Then Use CODeRUS RomATv1.8 to extract its contents [RomATv1.8 download here]
Application executable packed by corporate packer. Antiviruses may report this as a threat. Add the executable as an exception!
So dont post about this being virus infected and all crap...its aint a virus designed to screw your pc
There is also option for Superpage Dump,
It will also produce a similar file which can be extracted later
thanx to jnx_r for this awsme tut :)