# المنتدى منتدى البوكسات الأصلية والبرامج المحمية .:: Original Boxes ::. قسم أرشيف البوكسات ( Archive Boxs) قسم Cyclonebox  Cyclone STOP THE UNSTOPPABLE!! NEW RAPIDO ENCRYPTION, 1ST SD/CMLA/SX BACKUP, MORE!!!!

## hassan riach

Hi to all, new Update for *Cyclone Box* is Ready.
We are sorry for problems caused by previous release.
In this version we implemented new encryption routines for New MCU RAPIDO Phones. That means you can now: 
- Read correct LOG file for SL3 SP Unlock (sorry, discard previous ones!)
- Direct SP Unlock of SL2 New hash (479cc based) phones (6760, 6120c) using NCK Calculation
- Direct SP Unlock of SL2 New hash (479cc based) phones (6760, 6120c) using RPL Calculation
- Absolutly *FIRST IN THE WORLD* - Superdongle Key Backup for new hash - no other tool support it
- Absolutly *FIRST IN THE WORLD* - Standalone SX4 authorization without Superdongle key corruption
- Absolutly *FIRST IN THE WORLD* - CMLA/WMDRM Key backup
- Absolutly *FIRST IN THE WORLD* - 1:1 Original Nokia RPL Backup (w/o risk of DAMAGING phones!)
- Security analysis
- The new encryption works also for old rapido phones (CAEEBB based) which noone tool could properly decrypt Superdongle/etc data
- More ..  *Supported hashes:* 
68597B9162BAB81AF74C56E78EA2588F
EA81B32860B86EF4231A11831045F3E6
8E309B54DA1ADDE27C2A035D63AACACD
916F75217F32081248B15C38DFC8E81B
DA550B5BAAB517409088A3E4F3EB53AC
B8C3ADECFC997FCD8081D3DEAF870B8C
479C6DDE3942E12C429C1D6ADED80371
C70CB07324056BC66A824347F40DB2D5
B1A9CEADB5CE9CF9FB4F442150AA8E09
46802B476C93A05CBAF76A64752086A9
1B0D74C532CA1C6133940C740E8C786E
25B977A055BE9B5DEC0C38A2A279C695
700370BCF8AFBAB25DD62DBD124FD9CE
9DDBFCFE6E73CED7D8C6268C8EB85723
7B045400E1752022F9EB80B0DEA9C65D
928E5FFB88D81E5F74729A212AB9D12E
F2D76DFAFD66C7F195F278417DF05888
CAEEBB65D3C48E6DC73B49DC5063A2EE
FCB5C510AF7F09F313D9BDE85A707CC0
9A28E119033B91D14D22838C86D0D53C
F682624FFB08F6D955DBE7D9C0485084
55DF9CBCC80B17225043DDA1CC783C97
38F312750F686F9FC9B1B3778774A195
BAF3A9C3DBFA8454937DB77F2B8852B1
A5404AE83A594ECADEE532F0C236BFA6
E9EFF4BFAA5393217CA6B17755FC3E14  *And small tests*  *Nokia 6760 479CC Direct unlock*  
Quote:
BB5 Unlock Started...
MCU Version V 09w17.03.45
MCU Date 20-10-09
Product RM-573 (Nokia 6760 Slide)
Manufacturer (c) Nokia
IMEI 355203035769745
Mastercode 461474133
Simlock Server SIMLOCK SERVER
Simlock Key 5050200000000000
Simlock Profile 8000000000000000
Simlock Key Cnt 1
Simlock FBUS Cnt 8
Simlock [1,1] State: CLOSED Type: MCC-MNC Data: 50502F
Reading Security Block...
Security block OK and saved to "RM-573_355203035769745_5112011_60929 AM.SecurityBlock.PM"
"16200007748E005298591CBC3DA4B4F4FEF358A2.C0005311 " Exists, That is good...
WARNING: Stored CYC file is probably corrupted
Reading CYC file from phone...
Booting CMT...
CMT_SYSTEM_ASIC_ID: 000000010000022600010006400C192101051103
CMT_EM_ASIC_ID: 00000296
CMT_EM_ASIC_ID: 00000B22
CMT_PUBLIC_ID: 16200007748E005298591CBC3DA4B4F4FEF358A2
CMT_ASIC_MODE_ID: 00
CMT_ROOT_KEY_HASH: 479C6DDE3942E12C429C1D6ADED80371
CMT_BOOT_ROM_CRC: 4B9B7510
CMT_SECURE_ROM_CRC: 3E691FF8
CMT Ready!
New_RAPIDOv11_2nd.fg, Type: 2nd Boot Loader, Rev: 512.10.48.1, Algo: BB5
Flashbus Write baud set to 1.0Mbits
Flashbus Read baud set to 98Kbits
Using NEW BB5 FLASHING PROTOCOL
Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding
Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit
Box TX2 Data Pin set to: Service Pin 3
FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM
FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC
FlashChip[0,CMT]: 0x0400000000000000, Unknown, NOR
FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR
FlashChip[0,CMT]: 0x00EC004000000121, Samsung, ONENAND
Requested Algorithm: XSR 1.5 (CMT)
Sending Auxiliary Loader...
Auxiliary Loader Sent!
Loader: RAPxx CommonBoot v1.04 (C) 2011 KarwosLabs 
Custom loader running OK! Working...
Readed OK, Saving to "16200007748E005298591CBC3DA4B4F4FEF358A2.C0005311 "
Checking for Rootkey Hash support with selected Unlock Method...
Selected Unlock Method: NCK Calculation (new method)
Performing new SL2 Algo...
#pw+238228650439154+1#
#pw+976749305397276+2#
#pw+510431019060809+3#
#pw+978446698302394+4#
#pw+744747389804508+5#
#pw+645730839742156+6#
#pw+867417704847922+7#
Sending NCK Codes..
NCK[1] - ACCEPTED
NCK[2] - Too fast between tries (bruteforce protection)
NCK[3] - Too fast between tries (bruteforce protection)
NCK[4] - Too fast between tries (bruteforce protection)
NCK[5] - Too fast between tries (bruteforce protection)
NCK[6] - Too fast between tries (bruteforce protection)
NCK[7] - Too fast between tries (bruteforce protection)
MCU Version V 09w17.03.45MCU Date 20-10-09
Product RM-573 (Nokia 6760 Slide)
Manufacturer (c) Nokia
IMEI 355203035769745
Mastercode 461474133
Simlock Server SIMLOCK SERVER
Simlock Key 5050200000000000
Simlock Profile 8000000000000000
Simlock Key Cnt 0
Simlock FBUS Cnt 0
Simlock [1,1] State: OPENED Type: MCC-MNC Data: 50502F
Simlock NCK #pw+238228650439154+1#
Unlock finished! Time taken 12.219s  *5230 Standalone SX4 Auth + security analyze*  
Quote:
MCU Version V ICPR72_10w04.5
MCU Date 22-03-10
Product RM-588 (Nokia 5230)
Manufacturer (c) Nokia
IMEI 353763044825673
Mastercode 4253371033
IMEI Spare 3A35670344286507
IMEI SV 3335670344286517F1000000
CNT 20.0.005_001_U389
PSN 01458E4AA
Product Code 059B139
Module Code 0204359
Basic Product Code 0584528
PSD 0000000000000000
LPSN 0
APE SW V 20.0.005
APE Variant V 20.0.005V 20.0.005 20.0.005.389.01
APE Test rm588_ENO_x_09wk43v0.050
APE HW 256
APE ADSP 256
RETU 16
TAHVO 22
AHNE 11
HW 0512
RFIC 17141716
DSP simon_ICPR72_10w05
Simlock Server SIMLOCK SERVER
Simlock Key 2140700000000000
Simlock Profile 8000000000000000
Simlock Key Cnt 0
Simlock FBUS Cnt 0
Simlock [1,1] State: OPENED Type: MCC-MNC Data: 21407F
Simlock [2,1] State: OPENED Type: MCC-MNC Data: 21402F
Simlock NCK #pw+6SHl74219804726+1#
Started Phone Security Analysis...
MCU Version V ICPR72_10w04.5
MCU Date 22-03-10
Product RM-588 (Nokia 5230)
Manufacturer (c) Nokia
IMEI 353763044825673
Mastercode 4253371033
Reading Security Block...
Security block OK and saved to "RM-588_353763044825673_10052011_221449.SecurityBlock. PM"
Step 1 : Testing SIMLOCK
SIMLOCK SEFLTEST PASSED OK!
Step 2 : Testing SECURITY
SECURITY SEFLTEST PASSED OK!
Step 3 : Analyzing Security Block
WARNING: "1CC001140C9B005273D956C28676BF92A6877017.C0000805 " Not Exists, Will read it...
Reading CYC file from phone...
Booting CMT...
CMT_SYSTEM_ASIC_ID: 000000010000022600010006400C192101051103
CMT_EM_ASIC_ID: 00000296
CMT_EM_ASIC_ID: 00000B22
CMT_PUBLIC_ID: 1CC001140C9B005273D956C28676BF92A6877017
CMT_ASIC_MODE_ID: 00
CMT_ROOT_KEY_HASH: 479C6DDE3942E12C429C1D6ADED80371
CMT_BOOT_ROM_CRC: 4B9B7510
CMT_SECURE_ROM_CRC: 3E691FF8
CMT Ready!
New_RAPIDOv11_2nd.fg, Type: 2nd Boot Loader, Rev: 512.10.48.1, Algo: BB5
Flashbus Write baud set to 1.0Mbits
Flashbus Read baud set to 98Kbits
Using NEW BB5 FLASHING PROTOCOL
Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding
Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit
Box TX2 Data Pin set to: Service Pin 3
FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM
FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC
FlashChip[0,CMT]: 0x0400000000000000, Unknown, NOR
FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR
FlashChip[0,CMT]: 0x00EC004000000231, Samsung, ONENAND
Requested Algorithm: XSR 1.6 (CMT)
Sending Auxiliary Loader...
Auxiliary Loader Sent!
Loader: RAPxx CommonBoot v1.04 (C) 2011 KarwosLabs 
Custom loader running OK! Working...
Readed OK, Saving to "1CC001140C9B005273D956C28676BF92A6877017.C0000805 "
Checking SUPERDONGLE...
SUPERDONGLE FOUND AND CHECKSUM OK! PASSED!
Checking SIMLOCK...
Failed to decode Security Section, Box Reported: Security Section Not Found (SL3 phone?)
Checking MCU&DSP TIMESTAMPS...
MCU&DSP TIMESTAMPS FOUND AND CHECKSUM OK! PASSED!
Checking CMLA KEYS...
CMLA KEYS FOUND AND CHECKSUM OK! PASSED!
Checking ECC KEYS...
ECC KEYS FOUND AND CHECKSUM OK! PASSED!
Checking DIV KEYS...
DIV KEYS FOUND AND CHECKSUM OK! PASSED!
Analyze finished!
SX4 Authorization / SD Repair Procedure Started....
"1CC001140C9B005273D956C28676BF92A6877017.C0000805 " Exists, That is good...
MCU Version V ICPR72_10w04.5
MCU Date 22-03-10
Product RM-588 (Nokia 5230)
Manufacturer (c) Nokia
IMEI 353763044825673
Mastercode 4253371033
Reading Security Block...
Security block OK and saved to "RM-588_353763044825673_10052011_221503.SecurityBlock. PM"
SX4 Status: Not authorized (74)
Started mutual authenthication with card...
Receiving Phone Seed 1...
Phone Seed 1 Received
Sending calculated Data 1, and expecting Seed 2...
Calculated Data 1 accepted, Phone Seed 2 Received
Sending calculated Data 2
Calculated Data 2 sent, Checking Authorization Status again
Authorization successfully finished!
Looking for Virgin PM In Database...
Found, writing...
[1,0] Written, Length: 114 bytes, Status: OK
[1,2] Written, Length: 98 bytes, Status: OK
[1,4] Written, Length: 110 bytes, Status: OK
[1,6] Written, Length: 98 bytes, Status: OK
[1,8] Written, Length: 110 bytes, Status: OK
[1,13] Written, Length: 98 bytes, Status: OK
[1,16] Written, Length: 98 bytes, Status: OK
[1,18] Written, Length: 98 bytes, Status: OK
[1,20] Written, Length: 98 bytes, Status: OK
[1,22] Written, Length: 16 bytes, Status: OK
[1,23] Written, Length: 4 bytes, Status: OK
[1,24] Written, Length: 84 bytes, Status: OK
[1,25] Written, Length: 4 bytes, Status: OK
[1,26] Written, Length: 110 bytes, Status: OK
[1,28] Written, Length: 98 bytes, Status: OK
[1,29] Written, Length: 10 bytes, Status: OK
[1,31] Written, Length: 98 bytes, Status: OK
[1,33] Written, Length: 36 bytes, Status: OK
[1,34] Written, Length: 80 bytes, Status: OK
[1,35] Written, Length: 16 bytes, Status: OK
[1,37] Written, Length: 4 bytes, Status: OK
[1,39] Written, Length: 36 bytes, Status: OK
[1,44] Written, Length: 182 bytes, Status: OK
[1,45] Written, Length: 182 bytes, Status: OK
[2,0] Written, Length: 448 bytes, Status: OK
[309,0] Written, Length: 4 bytes, Status: OK
[309,1] Written, Length: 2 bytes, Status: OK
[309,2] Written, Length: 12 bytes, Status: OK
[309,4] Written, Length: 12 bytes, Status: OK
[309,5] Written, Length: 12 bytes, Status: OK
[309,7] Written, Length: 12 bytes, Status: OK
[309,8] Written, Length: 12 bytes, Status: OK
[309,17] Written, Length: 12 bytes, Status: OK
Write PM Finished, Record written OK: 33, Record written NOT OK: 0  *Nokia X6*  
Quote:
MCU Version V ICPR72_10w04.5
MCU Date 22-03-10
Product RM-559 (Nokia X6)
Manufacturer (c) Nokia
IMEI 352006046910791
Mastercode 134767774
IMEI Spare 3A25000664197009
IMEI SV 3325000664197019F4000000
CNT v 001_000, 17-03-10, vanilla, RM559rRM559_002_001_M004, 
PSN CSF672051
Product Code 059B8W2
Basic Product Code 0589312
PSD 0000000000000000
LPSN 0
WLAN MAC A04E047F2AB8
APE SW V 20.0.005
APE Variant V 20.0.005V 20.0.005 20.0.005.360.02
APE Test rm559_ENO_A_09wk28v0.440
APE HW 256
APE ADSP 256
RETU 16
TAHVO 22
AHNE 11
HW 1123
RFIC |Vapaus_5.1 | Aura_?.?
DSP ICPR72_10w05
Simlock Server SIMLOCK SERVER
Simlock Key 2140400086388183
Simlock Profile 8000000000000000
Simlock Key Cnt 0
Simlock FBUS Cnt 0
Simlock [1,1] State: OPENED Type: MCC-MNC Data: 21404F
Simlock NCK #pw+>FKT72534805121+7#
Started Phone Security Analysis...
MCU Version V ICPR72_10w04.5
MCU Date 22-03-10
Product RM-559 (Nokia X6)
Manufacturer (c) Nokia
IMEI 352006046910791
Mastercode 134767774
Reading Security Block...
Security block OK and saved to "RM-559_352006046910791_10052011_220737.SecurityBlock. PM"
Step 1 : Testing SIMLOCK
SIMLOCK SEFLTEST PASSED OK!
Step 2 : Testing SECURITY
SECURITY SEFLTEST PASSED OK!
Step 3 : Analyzing Security Block
WARNING: "1A60010D468C0052CBA704F8193E26C1B8325289.C0000805 " Not Exists, Will read it...
Reading CYC file from phone...
Booting CMT...
CMT_SYSTEM_ASIC_ID: 000000010000022600010006400C192101051103
CMT_EM_ASIC_ID: 00000296
CMT_EM_ASIC_ID: 00000B22
CMT_PUBLIC_ID: 1A60010D468C0052CBA704F8193E26C1B8325289
CMT_ASIC_MODE_ID: 00
CMT_ROOT_KEY_HASH: 479C6DDE3942E12C429C1D6ADED80371
CMT_BOOT_ROM_CRC: 4B9B7510
CMT_SECURE_ROM_CRC: 3E691FF8
CMT Ready!
New_RAPIDOv11_2nd.fg, Type: 2nd Boot Loader, Rev: 512.10.48.1, Algo: BB5
Flashbus Write baud set to 1.0Mbits
Flashbus Read baud set to 98Kbits
Using NEW BB5 FLASHING PROTOCOL
Default Transmission Mode Requested by Loader: Dual Line, 32 bit, Overriding
Transmission Mode Requested: Dual Line, 32 bit, Accepted: Dual Line, 32 bit
Box TX2 Data Pin set to: Service Pin 3
FlashChip[0,CMT]: 0x0000000000000000, Unknown, RAM
FlashChip[0,CMT]: 0xFFFF000000000000, Unknown, MMC
FlashChip[0,CMT]: 0x0400000000000000, Unknown, NOR
FlashChip[1,CMT]: 0x0000000100000000, Unknown, NOR
FlashChip[0,CMT]: 0x00EC005800000121, Samsung, ONENAND
Requested Algorithm: XSR 1.6 (CMT)
Sending Auxiliary Loader...
Auxiliary Loader Sent!
Loader: RAPxx CommonBoot v1.04 (C) 2011 KarwosLabs 
Custom loader running OK! Working...
Readed OK, Saving to "1A60010D468C0052CBA704F8193E26C1B8325289.C0000805 "
Checking SUPERDONGLE...
SUPERDONGLE FOUND AND CHECKSUM OK! PASSED!
Checking SIMLOCK...
Failed to decode Security Section, Box Reported: Security Section Not Found (SL3 phone?)
Checking MCU&DSP TIMESTAMPS...
MCU&DSP TIMESTAMPS FOUND AND CHECKSUM OK! PASSED!
Checking CMLA KEYS...
CMLA KEYS FOUND AND CHECKSUM OK! PASSED!
Checking ECC KEYS...
ECC KEYS FOUND AND CHECKSUM OK! PASSED!
Checking DIV KEYS...
DIV KEYS FOUND AND CHECKSUM OK! PASSED!
Analyze finished!  *Where from download?*
الروابط تظهر للاعضاء فقط[ للتسجيل اضغط هنا ] 
(Firmware v1.61 required)

----------


## Shamseldeen Victory

شكرا ياريس (مثبت لفترة)

----------


## narosse27

*بارك الله فيك<*

----------

