I'm trying to find the xapp command in the disassembly. Is it right that it is in the stack.fls file? I can't find a "xapp" string ... Can someone help me? ~chrisude
In a more general sense I'd like to know the same. As to not being able to find the xapp string, which baseband are you looking at? I can verify that the 05.11.07 baseband does have xapp (at offset 62F5AF, 63B217, 37E4D5) (and xapp_get at 513D18, cmd_xapp.app at 632619). Which you're supposed to look at exactly I'd like to know also. So if someone could please give a small intro as to how to find the AT+ commands (main) routine, please fill out. Thanks in advance! ~toomuchjames
I know that the BB bootloader signature checks everything on bootup so a permanent unlock is out of discussion. But can this exploit be used with a payload to downgrade the baseband to an older signed version? --The preceding unsigned comment was added by Clrokr (talk) 02:23, March 14, 2011 (UTC).