|
| Hi,
I've got a PND, sold with WinCE 5.0 Core, but seems to be some stripped Dlls (many applications don't work ).
I've tried to put some Cmonex dll's, but they seems to be designed for WinCE 4.2, and then do not allow the applications to run.
I've wondered that using Microsoft Windows CE Platform Builder, It would be possible to make all the dlls to complete my Windows CE ?
1 ) Is it possible ?
2 ) Is it Easy ?
3 ) How to implement them (In RAM only ) ?
4 ) How to add them to Flahs ROM ?
I'm pretty sure that Cimonex will enjoy this post  |
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| hehehe 
1 ) yes
2 ) yes (click through wizard )
3 ) copy it to wherever you want ... but you must rename coredll, as the default coredll.dll of the system cannot be overwritten. it is loaded before filesys and all that crap on boot, so... the system will only look in rom for it. maybe same for aygshell, it has some bug on 4.2 at least. the rest is OK if you overwrite the default ones.
4 ) see my rom editing document? btw parts of it will be updated soon, getting a cool tool to work for it so some stuff will be easier/faster to do.
the problem is the tutorial lists prerequisites at the start:
You first need to have at least one official rom image from your device's manufacturer or if there is none, then a properly dumped image. You need to have a bootloader on the device that is able to flash your roms that are in the proper format, on which information is available, and you need to know this bootloader, its menu and its general behaviour. This may sound trivial but it really isn't for many CE devices.
.....i can help with that if this isnt done yet Edited by cmonex 2007-07-31 3:44 AM
|
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| Thanks for you fast reply I could'nt ask more fast!
At least, using a "renamed" coredll (coredl2.dll ) would do the trick, making my programs working !! 
I don't have a dump of my device's rom. I've tried to get one with Xda tools, but this didn't worked 
Tried also with pdocread, but nothing worked !
I've heard that on some PDAs, you have to push the joystick while powering-on to enter the flash menu, not yet tested on mine (only got 4 buttons, +, -, "P" and Standby, plus on-off switch for hard reset ).
Could you at least put your Coredll (and other ones ! ) for WincE on your web site ? Edited by napo7 2007-07-31 4:13 AM
|
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| Well, I've did not found a shortcut key to enter a "flash menu". Just found a factory test menu, but nothing to flash or extract ROM yet.
Do you have any instructions to extract the ROM for me cmonex ?
Thanks a lot for your help |
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| Hi,
I've made a Device from Platform builder, the most complete I could, but the Coredll is exactly the same size as the one in my PND Device.
So I think that the Coredll I've made will not help me !
Which DLLs could help me in giving my PND full functionnalities ? |
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| the size does not tell anything useful for us. you need a PE dumper to see if it has more exports than your original coredll. especially as you dont even have a romdump, so the coredll.dll size reported in \windows on your PNA is slightly incorrect... ....to get what original coredll exports, without a romdump, you need to get creative (i can help with this part. )
as for pdocread, the best way to try is
1. to get the handle of OS partition:
pdocread -l
then
2. use that handle to dump
pdocread -h 0xhandle 0 0xsize file.dump
you can also try using the -w option with the above,..
if that doesnt work
you can try
1 ) bkondisk
2 ) bksamsung
if you cant find these: hpcmonex.net/romstuff.html
run them, see what the created .log file in \ says. Edited by cmonex 2007-08-02 6:46 AM
|
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| Tried to make a dump : pdocread -l do works, it gives handles and sizes of parts, but when using pdocread -h, the following error occurs :
C:\>pdocread -h 0xcff93002 0 0x181f800 file.dump
CopyTFFSToFile (0x0, 0x181f800, file.dump )
ERROR: ITReadDisk : read 00000000 bytes - Un pÚriphÚrique attachÚ au systÞme ne fonctionne pas correctement. (which means "a device connected to system do not work correcty."
Then I tried bkondisk and bksamsung, which gives together :
ERROR: kioctl (FLASH, init1 ) - UNKNOWNERROR: 0x00000032
error initializing flash
and
ERROR: kioctl (FLASH, init ) - UNKNOWNERROR: 0x00000032
error initializing flash
Any other ideas ?
PS : By the way, ExecutabilityCheck does not work : it opens and then close immediatly ?
Any idea ? Edited by napo7 2007-08-02 7:36 AM
|
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| well, try pdocread with -w switch. thats your last chance as your device doesnt have the required ioctl's for bkondisk/bksamsung.
a ram dump can get you the kernel as well, but i doubt more than that.
but, if we get the kernel, we can then see if there is another ioctl implemented that could be used for dumping. who knows.... Edited by cmonex 2007-08-03 4:46 PM
|
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| I'll try this next week.
Hope it will help
Eitherway, will I be able to run apps with hex-modifying to use "coredl2.dll" which will be my "home made" dll ?N |
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| yes of course you can do that if the rom modifying doesnt work out. |
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| In facts, almost every apps tells me "xxx is not a valid windows CE application".
I do have all needed DLLs, but they all use coredll.dll.
I'll try to modify some of them. |
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| just have the apps import coredl2.dll instead |
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| By the way, do "peinfo" check for every import to see if the function is present in the DLL, or does he just check the presence of the DLL ?
Do executabilityCheck is better ? |
|
| |
|
H/PC Oracle Posts: | 16,175 |
Location: | Budapest, Hungary | Status: | |
| their purposes are really different. execheck will diagnose the problems for you in an easy to understand way. peinfo will not report the errors but gives more info on a dll...for fun?
so, just use execheck to rewrite the coredll.dll to coredl2.dll (rewrite lib name button )
peinfo is useful in one case: when editing out imports (this is "more advanced" hackin' ) and you run into identical import ordinal numbers from more than one dll while you want to change only one of them. then peinfo will tell you in an easier to read way which one is what you really want to edit.. Edited by cmonex 2007-08-06 9:38 PM
|
|
| |
|
H/PC Newbie Posts: | 8 |
Location: | France | Status: | |
| Well, for the moment, I've been trying to run Tomtom 6 on my PND. All the time I've launched it (without modification ), I've got a "Application Fatal Error", after a nice splash screen.
So I decided to rewrite every import of tomtom.exe
I used dependecy walker, and took the dlls from platformbuilder.
I had to take coredll, ole32, oleaut32, wininet, winsock, ws2 shlwapi and maybe on or two I can't remember !
I rewrite the imports of each DLL to call the "modified" dlls only (i.e. ws2 was calling coredll, which I changed to coredl2, etc... )
After putting all together in the same folder, I've got the same error message
Very disappointing !
Althought, I've got a friend which bought a similar PND, same brand, same OS (it seems ! ), but Tomtom 6 runs fine on his !!!
As I could make a dump of his ROM, I dunno which DLL I should take from it, as every DLLs I've tried did not solved the problem !
Cimonex, do you have any advice for me ?
tomtom 6 was just an example, but almost every app I try finish this way (application fatal error ) |
|
| |
