Skip to content

Latest commit

 

History

History
50 lines (34 loc) · 7.17 KB

README.md

File metadata and controls

50 lines (34 loc) · 7.17 KB

Discussion forum 4PDA | Telegram Group | Chinese Mod collection | Japanese Mod collection

Introduction

Web-based client-side Quansheng firmware patcher written in Javascript and HTML. It is based on the discoveries by the many contributors in the uvmod-kitchen by writing Python in Java code and analyzing modded firmware binaries for my enhanced UVMOD RX-TX patcher by making diffs from unpacked binaries to get the results for changing/replacing the propper offsets bit strings in heximal for example based on Tunas1337 UV-K5 Modded Firmwares. This patcher implements the same functionality not limited to RX only but also TX in a modular and flexible javascript structure. This is an enhanced RX-TX UVMOD based on whosmatt UVMOD src. The first TX features were much earlier written and released here thats why the name UVMOD RX-TX.

How it works

On the website you can generate a patched firmware image by selecting the patches of your choice. The patcher encode, apply the patches to modify and then decode the firmware on a binary level and can accept user input to customize variables. A custom base image can be supplied (uploaded) to allow support for mods that are compiled and linked directly into the firmware. The mods (patches) will be applied in the range from the first mod on top to the last mod on button. The later mods on the webpage can overwrite the mods function standing on the top of the online patcher and run in the direction down of the mods collection. eg. Mod TX and RX from 18-1300MHz will get overwritten if you select it together with Disable TX Lock from 50-600 MHz, Enable TX everywhere except Air Band, ...and so forth... because this functions are in contrast to each other. Do not select Mods (patches) with contraindicated features and functions! Use it wisely and choose your selected mods carefully before apply, download (save) and flash the firmware into your transceiver.

Copy and Host it, upload it on your own Webspace

Simply download the latest files in a zip file and extract it, upload it to your own webspace hosting.

Unpack/Pack and Encoding Firmware binaries

Firmware version spoofing on modded firmware v2 for v3, v4 uv-5r plus
You must have Python installed.

  1. Download file qsfirm.py and place it into the same folder with yourfirmware.bin
  2. Run command: qsfirm.py unpack yourfirmware.bin fw.dec.bin fw.ver.bin
  3. Optional: At this point you can use binary compersation diff and merge tools Binary diff Tool, WinMerge, hexcompare, HEXCMP.
    For search replace pattern, they are likely firmware version independend, you may use patch creater w/o installed Python dist. requirements to unpack/pack. Applying even on a packed firmware bin such as diabolo 2oo2 universal patch engine or others see eXe stuff forums. They may produce false positives alerts like unwanted Patch Tool risk once compiled as an exe patcher file. PE packer, crypter like PEcompact and co. can eliminate these wrong alerts. See unpacking and hacking forums about this topic. Completely Disabling AV software such as windows defender with all protection features and levels will be a temporary solution or run it in a virtual machine enviroment (VM) isolated if you afraid.
  4. Edit file fw.ver.bin in a hex editor like HXD to change the fw version where it should be flashed over. For example for v4, replace it with 4.00.01. With a * instead of a number makes it universal for all fw versions flashable.
  5. Run command: qsfirm.py pack fw.dec.bin fw.ver.bin yourfirmware_mod_v4.bin

Mod development

Clone this repository and execute python3 -m http.server or python -m http.server in the root directory for an instant local web server, allowing easy testing.
Mods are defined in mods.js, with an example mod to outline the pattern.
Also refer to the helper functions and documentation in modframework.js.

The supported format for binary data is in the format of a hex string without separators. You can use find and replace to remove all \x from a regular hex string or directly export the correct format from a bytes object in python using print(''.join('%02x'%i for i in BYTES_OBJECT)).

You may try one of these Java to exe convertors, compiling a java program into an executable. AutoIt and other scripting tools etc.. Most patches are also in Python available to create an offline application.

Disclaimer

This project was created for research and amateur radio use only, we are not responsible for improper use of this code which might lead to unauthorized transmission, reception or any patent infringments.

The firmware produced with this website is released WITHOUT ANY WARRANTY: Anyone flashing a modificated binary image obtained from the sources made available through this repository and Website configurator does so at their own risk. We always test all the code on our devices before publishing it on the repository, however we cannot guarantee the absolute absence of bugs nor of potential side effects. Mods flagged with Experimental are not fully tested.

Credits, rules and trouble maker...

"I'll take in account an EU Country block on a new DNS domain cause of different law regulations in whosmatt location. Threatens me with reference to DCMA is a taboo that's absolutely frowned upon among open source coding communities. A No-Go by doing shared code works. Sadly to be afraid from TX mods and freq limits >999MHz, 4 freq digits in MHz range will never match on the LCD screen, not to talk about changing the way how the direct keypad input should be changed to accept numbers higher than 999.999,(99). However he's desided to use my TX unlock code and maybe sooner or later my Tunnas1337 diffs done for TX and RX from 18-1300MHz Mod without paying propper credits back."

Credits and thanks to whosmatt!