Motorola 2way Radio Secrets

By Hoffis

Before starting , run your software, read the radio and save the file to disk. Make backups of the software as well as the file you just saved to disk.

This file I will be referring to as the "Radio's codeplug data file".

* First I need to tell you a little about how I think the software works.

The Motorola software reads the radio's information (codeplug data) and allows you to make changes. This information includes the radio serial number, model number, ROM version number, information about the channels (freq, signl, etc.). Once you read a radio you could change the model number or serial number and reprogram the radio to add channels, signaling, etc. but Motorola has taken several precautions so this can not easily be done.

This is what I have found out:

* The first thing you need to do is to disable the encryption process when writing to disk. This will allow you to look at the radio information file that was written to disk and allow you to make the changes you like.

Now lets take a look at another very interesting file called GP300.mdf

This is where all the model numbers are stored. It also contains information like how many channels, what range of frequency, how many watts of output power, etc. for each model.

* The gp300.mdf file is probably the most useful file. It contains the information about all the models. You can change it to allow all models to have 16 channels. You can even change your radios model number for a number not on the list, and change the radio's codeplug data to that same non-existent model number, and you have yourself an Electronic Lock. Now if someone tries to read your radio they will get an Error 21 radio not supported. So lets get started.

If you need more information about this, post a note to alt.2600 or alt.hacker with the subject line "Looking for Hoffis" and I will get in touch with you. Don't forget to mention my name in the post.

Well That's all for now. I plan on making a more detailed FAQ but since there are some things I still haven't found out, I will wait until then to release the complete thing.

I know this doesn't work on ROM version 3 radios but I have seen this work on some ROM 4 version radios.

This is what I am trying to find out :

If you have worked with these programs let me know what you have come up with. If you have some programs you would like to share or other information, use the above method to post a note.

See you around.


march 23 1997