Re: [Barry-devel] Regarding Blackberry data recovery.
Status: Beta
Brought to you by:
ndprojects
From: Chris F. <cd...@fo...> - 2012-01-06 11:30:37
|
On Fri, Jan 06, 2012 at 04:34:00PM +0530, Rakesh Sharnagate wrote: > Hi Chris, > > One last question I want to ask: > Which Initialization USB commands are required to extract records from any > database. They are pretty much all Bulk transfers, except for non-database things like setting the USB power levels. The Bulk transfers are arranged into packets, the format of which you can find in protostructs.h, including a socket number, size, command, etc. Some of these commands have sub-commands, and some command numbers are dynamic, such as tableCmd. For example, if you run 'btool -vd Memos' you'll see the USB traffic, for each stage: probe, mode selection (RIM Desktop), command code discovery (Database Access), DatabaseDatabase retrieval (a large block with a list of databases in the device... easy to find in the hex data), and then the dump of all records in the Memos database (using command 0x40 and the Database Access code number from the earlier command code discovery). You'll see sequence packets scattered throughout (command code 0x13). You can find the probe code in probe.cc. Look at controller.cc and m_desktop.cc for the next stages. But you'll have to match the packets against the right structs in protostructs.h to know what the bytes mean. Not all fields are understood yet, but enough to make it work. For database access, focus on the Packet struct in protostructs.h, and follow the other structs that are used in the unions. - Chris |