1 / 9

PRL Hacking:

What your wireless carrier doesn’t want you to know. PRL Hacking:. by The Prophet. What Is a PRL? It Matters In Montana.

tonya
Télécharger la présentation

PRL Hacking:

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What your wireless carrier doesn’t want you to know PRLHacking: by The Prophet

  2. What Is a PRL?It Matters In Montana On CDMA handsets, the Preferred Roaming List is a binary file that controls which cellular and PCS systems you are allowed to use. You can only use the systems your carrier has specified, even if others are available.

  3. How Are PRLs Released? • On new phones • Over the air (OTA) upgrades • PST and data cable • This guy will break your PRL if you piss him off Wireless carriers can change PRLs (and your coverage) over the air without prior notice.

  4. How Do I Hack My PRL……and really tick off my wireless carrier? Before you get started, know the consequences: You will definitely void the warranty on your handset. Changing your PRL probably violates your carrier’s Terms of Service. Some people claim that this is illegal. It might be in Pennsylvania (where programming phones in any way at all is technically illegal), but there are no specific laws against PRL hacking.

  5. Downloading Your PRL • Using BitPim, unload the PRL: • Beware of decoys! On Sprint handsets, the files in /nvm/PRL are present, but often blank. • On most Sanyo handsets, the real PRL is in the /nvm/nvm/nvm-0019 binary file. • Using a hex editor, truncate the first 86 bytes. The starting offset should be 0F. Also truncate the nulls at the end. • You can now use your favorite PRL editor and/or disassembler.

  6. What’s Inside A PRL? • Acquisition index: Instructs the handset which channels to scan for each carrier. • Geography: PRLs can be split into areas. • Priorities: The order in which available systems are scanned. • Home Systems: System IDs that are not marked as roaming. Generally, these are the systems operated by your carrier. • Roaming Systems: System IDs that are marked as roaming. Generally, these are systems operated by other carriers. • Negative systems: System IDs upon which you are not allowed to roam.

  7. What Can I Change? • Unlike politics, essentially everything… • …but be careful! Your carrier will catch on in a hurry if your phone is doing something it should never be able to do. • The most useful things to change are System IDs, roaming priorities, and digital vs. analog preference. • You can use any PRL editor – I like Nokia’s the best.

  8. How Do I Upload A PRL? • Carefully! You can fry your phone if you make a mistake (like uploading an empty PRL), and your warranty will be null and void. • In general, you will need the Phone Service Tool (PST) provided by your handset manufacturer. These tools are not sold, but are only provided to cellular carriers. You may be able to find a copy for your handset on the Overnet file trading network.

  9. Acknowledgments • XFF and Cinema for the excellent information provided on WirelessWavelength.com • JaminMC, who figured out how to create custom PRLs. • Justalurker, who developed a methodology for PRL interpretations and stood his ground with Verizon (despite threats of litigation).

More Related