Nokia Unlock Codes & Box Serials Explained

Added on 8/02/04

The history of unlock codes, Version 1, Version 2, and Griffin Nokia unlock codes. What are the differences, when to use them and why they exist?? Read This article to find out!

Ok a lot of people have requested to read an article on this topic and I will share my views on why there are different variants of Nokia unlock codes.

It will be easier to explain this chronologically so prepare your self for the history of Nokia unlock codes! When unlock codes originally appeared they were in the form of software as they are now but the software was dongle protected. The dongle actually contained the program code which calculated the Nokia unlock codes and the software acted as a front end to display the codes. The dongle's calculated only one type/variant of unlock codes (known today as version 1 codes). These codes worked great for many months, but I guess Nokia got a little unhappy with this situation and as a result more and more people were reporting that these codes were not working on the odd 7650 and 3510i's.

What is a Dongle?Nokia Dongle

A dongle is a small piece of hardware designed to protect software. It can come in various forms, commonly either USB or parallel port. The dongle for the original DCT4 unlock code calculators was a parallel port device. If the dongle was not plugged into the LPT port of your computer the software would not run. The actual program code that calculated the unlock codes was actually stored in a small micro chip within the dongle. The software itself only acted as a front end and retrieved the codes from the dongle itself.

And so came the release of some new unlock code software, again dongle protected. The new software produced a different variation of unlock codes. These so called newer codes could still unlock all the old DCT4 handsets but could also unlock these awkward 35101i's and 7650's. A lot of the GSM traders loved this as they had just made loads of bucks selling version 1 dongle's and now they began to sell these newer dongle's/software at an extra high price! This newer software calculated codes that today we call version 2 codes.

Sadly no one really analysed the difference between these two variations of unlock codes, well not until some considerable time had past. Or if they did no one announced it publicly (for money reason I guess). I will give you an example and lets see if you can spot the difference:

IMEI: 111111111111111
MCC+MNC: 23433
Orange UK
Type: 2

#pw+239555457767356+1# Version 1 codes
#pw+229555457767356+1# Version 2 codes

THAT'S RIGHT! The only difference between the two codes is that the 2nd digit has had 1 subtracted from it (zero goes to a nine). Of course eventually this was spread around the forums and many people that had purchased the original software and then upgraded to the new software felt a little cheated! Over time the price of the unlock code software became lower and lower (about £30 towards the end).

As always within the GSM scene someone managed to extract the code hidden within these dongle's. As a result a small DOS based program was released into the GSM scene, namely:
dct4nck.exe by jozso

This was free software and meant absolutely anyone could calculate their own nokia unlock codes! To use it you had to be a little familiar with DOS command lines. For those that are the usage of this free software required three parameters, as you would expect: 1) lock type, 2) IMEI, 3) provider
Although there is also a mysterious optional 4th parameter called box serial, which we will discuss later.

The screen shot below shows an example using dct4nck, the optional 4th para mater [box serial] can also be seen:

dos dct4

By default this program generated version 1 codes. Although it was free it was not very easy to use. Therefore a flood of shells that acted as a front end to dct4nck became available. Many of these shells you will find in my downloads section. At this point I would like to make clear that all free DCT4 unlock code calculators (including those in my downloads section) use dct4nck by jozso in the background. At present the actual DCT4 unlock code algorithm has still not been made public! These shells could easily manipulate the output of dct4nck to produce version 2 codes. So again for a few months everyone was calculating DCT4 codes without problems.

Nokia decided to fight back again! But this time they were a little more creative. Nokia realised that for us to calculate the correct unlock code we (us unlockers) required the MCC+MNC (Mobile Country Code + Mobile Network Code) for the network the handset was locked to.
e.g. MCC+MNC for Orange UK = 234 33.

For a long time these provider codes have been public knowledge and there are many web sites that list these provide codes like this site:

http://www.gsmworld.com/roaming/gsminfo/index.shtml

Traditionally these codes have always been 5 digits in length ( 3 digits for the country and 2 digits for the network within that country). For some networks Nokia started to used extended MNC (Mobile Network Codes). This meant that the full MCC+MNC could now be as long as 8 digits. The GSM gurus out there soon cottoned on to what was going on and software utilities were developed that can read the extended MNC value directly from the phone. To explain this with an example may help:
Virgin in the UK used to use the MCC+MNC 23400 (5 digits), when version 2 unlock codes began to fail on Virgin 3510i's the reason was because virgin (in conjunction with Nokia) had adopted a new extended MCC+MNC of 234 00001.

So long as we kept an updated provider list of MCC+MNC codes unlocking Nokia's was again very easy!

Nokia did throw up one final surprise for AT&T 3650 owners in the US. For a long while no one could unlock certain AT&T 3650's! The reason for this was Nokia changed the MCC+MNC for the AT&T network. Rather than use an extended MCC+MNC Nokia changed it to a completely random 5 digit code (24407 instead of 31038). But to add to the confusion this new code was only applicable to certain 3650's within a particular IMEI range. But after time the solution was found to be:

If you have a 3650 locked to AT&T (USA) use the following network codes to calculate the correct unlock code:
Use network code 24407 if your IMEI starts with: 351102500
Use network code 31038 if your IMEI starts with: 351102501
Use network code 31038 if your IMEI starts with: 351102502
Use network code 31038 if your IMEI starts with: 351102503

For 3650 AT&T USA always use code 1 out of the 7 generated!

Vodafone Sweden also tried something different but the solution to unlocking their handsets proved to be as simple as entering code 4 followed by code 1.

So we have pretty much come to present day. Nokia have tried to counter the easy ability in which their handsets can be remotely unlocked and to some degree its worked but those that keep up to date with the latest software / shells continue to unlock Nokia's easily!

What Box Serial Numbers are Used These Days?

So what's all this stuff you have been hearing about these newer box serials and code variants all about? Well to this day so long as you are using the correct MCC+MNC version 2 codes still work just fine! There have been rumors that the new 3200 and 1100 cannot be unlocked with version 2 codes. It is for this reason that people have been releasing newer code variants. These code variants come about from using different box serial within dct4nck.exe by joszo. Remember the mysterious 4th parameter I mentioned above used in the dct4nck DOS program? Well this is where they come in to use. Below is a list of code variants and what box serial is used to calculate them:
32820 - v1
33820 - v2
33552 - Griffin Clip
32819 - Griffin (old)
34144 - Griffin (new)
33821 - prodigy codes
32779 - original codes

Any of the variants above other than version 1 codes will unlock any Nokia on the market! Whether any of these newer variations will prove to be more successful than version 2 codes is yet to be proved or disproved.

Those that are wondering where the terms Griffin and Prodigy come from:
Prodigy is the name of a DCT4 flasher that also generates codes Nokia unlock codes.
Griffin is also the name of a DCT4 flasher that includes an unlock code generator. Griffin also produce a "clip" that when linked to a computer produces Nokia unlock codes.

So part of the reason we see many different variants is due to these DCT4 flasher manufactures that choose to include Nokia unlock code calculators in their software that produce different codes to those that we are familiar with (the reason they have done this is unclear).

A software utility has recently been released that can deduce the box serial used from any unlock code. Download DCT4Key.

dct4key

With the release of this utility it is no doubt that further working box serials / code variants will be released. As mentioned previously the value of these different variants is yet to proved.

I was recently advised that any box serial beginning with 33 or 32 will unlock Nokia phones successfully! I think this is probably true, although I have not been able to test this theory personally.

Why do Box Serials Exist at All?

So why are there different box serials at all? I heard a very interesting theory which I believe to be true.

Apparently Nokia distributed 2000 original unlock code dongle's around the world. These are the dongle's Nokia supply directly to the mobile networks so that the networks can calculate unlock codes for their customers. The dongle that was originally sold to by GSM traders around a year ago was a clone from an original Nokia dongle (presumably one stolen from a network provider). The dongle that was originally cloned calculated what we call version 1 codes.

The theory is that EVERY Nokia phone can accept 2000 variants of unlock codes. So for example a phone with IMEI 123456789012345 and provider 12345 can accept 7 x 2000 unlock codes!

Nokia realised that one of their dongle's must have been cloned. So Nokia analysed codes that were being posted by unlockers on the internet (they also look in forums!). They then discovered which one of their original dongle's had been cloned. Nokia then just 'deactivated' that dongle ID/serial in their NEXT firmware/software updates. This is what happened when unlock codes began to fail for 3510i's and 7650's.

So each network is issued (by Nokia) with an unlock code dongle with a unique serial number. If Nokia feel that a particular dongle has been lost or cloned they can make it useless to unlock future handsets. But the GSM hackers have out done Nokia by finding the source which generates unlock codes for ANY serial number. It's as if we have all 2000 dongle's at our disposal!

Will Nokia find a way to fight back? We will have to wait and see. I hope so or things will begin to get a bit dull and a bit too easy :-))

I would like to finish off by thanking you for taking the time to read this in-depth article. If you have any feedback or spot any errors please feel free to contact me. And finally if you would like to use this article please ask my permission!! I normally say yes and all all I ask is that you supply a link back to my site and say thanks to me! It took me a considerable time to write this :-)).

Dan
Author of www.UnlockMe.co.uk

divider

Terms And Conditions