Aerix v0.99 – Unlocking Sony Ericsson 2: The Final Barrier (Full CID49/CID51 Support)
[MEGA link – expires in 30 days] Mirror 2: Internet Archive – search "aerix_v099_se_unlock" Aerix v0.99 - Unlocking Sony Ericsson 2
A: Restore your original GDFS backup (we told you to make one). Aerix v0
P.S. If your phone hard-bricks, short C123 and C124 on the PCB for 2 seconds. That resets the security zone. Not all heroes use testpoints. Aerix v0.99 - Unlocking Sony Ericsson 2
A: Yes, if you perform a full unlock + debrand. Use the Clean Customization button.
We discovered that SEMC’s loader (version 3.2.4.5) has a during GDFS write operations. By sending a malformed WRITE_GDFS command with a specific nonce (derived from phone’s internal RSA modulus), the loader jumps to an insecure RAM routine instead of aborting.