I am not a developer, coder or hacker ...etc. I had my Leo in 9/2012. So I couldn't see Cotulla's and DFT's works in their own times. I wanted to see these excited days but I was using UIQ based devices those days. But I am using Leo for now and my friends know very well; I am very snoopy;)
I am not going to talking more. I created my own 2.08.HSPL a few days ago and I have been using my own modified aMagldr for a long time. I didn't know how to flash unsigned SPL image via Cotulla's hspl. Because, Cotulla was allowed only unsigned OS and SPLASH images, he wasn't touched SPL and RADIO images. So with hspl we couldn't flash unsigned SPL and RADIO images.
A few days ago, I saw Robbie P's "Bootloader unlocked S-off HD2, HTC developer device" topic in: bootloader-unlocked-s-off-hd2-htc-developer-device-t107.html And I wanted to learn how I can dump HSPL image. I did a research and I wrote this tutorial: how-to-dump-spl-t125.html Also, I could dump Cotulla's 2.08.hspl image. After that I understood which codes was changed by Cotulla and I created my own HSPL as I said above.
Our CustomRUU and AdvancedRUU PC apps, don't flash spl and radios(signed or unsigned). There was another method for it and I tried it. I convert my hspl.nb to leoimg.nbh with a nbh creator and I copied it SDCard and tried to flash via Cotulla's hspl. I got a "flash-loop" so I removed my sd card. But When I turned on my phone, It gave me error and didn't open. I could run my modified spl but I couldn't flash Cotulla's hspl via HSPL4 tool anymore. It gave errors too. At this stage, I tried to flash an unsigned OS image (my modified aMagldr 1.13.05) via AdvancedRUU. And hspl forgot to unsigned spl flash and it worked without a problem:D I put this trick name is "GEZİ Vulnerability"
For information what is GEZİ, please look: http://en.wikipedia.org/wiki/2013_protests_in_Turkey
Pictures:
http://n1309.hizliresim.com/1f/q/sxq54.jpg
http://k1309.hizliresim.com/1f/q/sxq6k.jpg (from 2.08.hspl v1.0)
http://r1309.hizliresim.com/1f/q/sxq85.jpg (from 2.08.hspl v1.0)
http://n1309.hizliresim.com/1f/q/sxq8v.jpg (from aMagldr 1.13.06)
Video:
http://youtu.be/SEj3hrKHUwg (Song: Lana Del Ray - Summertime sadness)
2.08.hspl changelog:
v1.03b (will release)
-Added MFG (Manufacturing/Engineering) feature. So, we can use rtask commands. (For example Sim unlocking, Imei changing etc...)
-Probably not work with aMagldr:(
-Other 1.03 features.
(I posted it on xda for testing. But jtag-guy didnt respond until now. So I will wait testing summary for release)
v1.03
-Removed radio flash protection again. So we can flash shipped radios.
-Fixed/updated "info 7" mtty command.
-Updated Device/Drivers name on Windows mtty interface.
-Added Leo type 512/1024 instead hx/ss strings. With this, you can see your Leo type on spl main screen.
-Updated/removed some strings.
v1.02 (not released)
-Added radio flash protection. With this, users cant flash any shipped or modified radio. This makes Leo unbrickable. (I dont think release it. But if anyone wants it, I will send it.)
v1.01
-Fixed backward compability. - Now you can use cotulla's HSPL4 tool for hspl & unhspl
-Added version info & build date on spl main screen. - Now you can see version number and build date on spl screen.
-Removed unneeded strings.
Initial Release (v1.00):
-Build from original 2.08.0000 spl image (thanks to cotulla, credits symbuzzer)
-Added&Modified some strings for showing walkthrough of GEZİ Exploit (credits symbuzzer)
Features:
-Same as cotulla's 2.08.hspl. But now, we know how to flash our modified hspl's
-You can hspl & unhspl again with Cotulla's HSPL4 tool from v1.01
What will be in next releases:
- I will try to add flashing unsigned radio utility, but I need help.
- I will try to add your requests if I can
INSTALLITION TUTORIAL IN 3RD POST