Here is the highly anticipated secpack for iPhone baseband 04.03.13_G:
With this secpack, any accidentally upgraded 1.1.3 iPhones that have bootloader 3.9 can be fully downgraded to earlier versions. NOTE: starting from OTB 1.1.2, Apple has updated the bootloader to version 4.6.
Brief Steps to Downgrade to 03.14.08_G
1. Downgrade iPhone firmware to 1.0.2, you may have to downgrade in this order: 1.1.3 -> 1.1.2 -> 1.1.1 -> 1.0.2 you need to put iPhone into DFU mode first before downgrading.
If you prefer reflashing on 1.1.1, it’s fine, but keep in mind that 1.1.1 will shutdown WiFi once you issue the ieraser command, so you may have to use MobileTerminal (aka Term-vt100) or initiate a script running in background through SSH. For me, 1.0.2 is my favorite testbench, as the WiFi stays during the whole process.
2. Extract and upload the following files to iPhone, put into /reflash:
ICE03.14.08_G.fls
ICE03.14.08_G.eep
BBupdater
iEraser
Secpack 04.03.13_G
3. If you wanna use SSH (I do), then install these packages:
BSD Subsystem
OpenSSH
If you prefer doing it through Term-vt100, install these packages:
BSD Subsystem
Term-vt100
4. SSH login to iPhone (or use Term-vt100), and enter the following commands in SSH or Term-vt100:
cd /reflash chmod 755 * launchctl remove com.apple.CommCenter ./ieraser ./bbupdater -f *fls -e *eep ./bbupdater -v (you should see version 03.14.08_G) launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist
UPDATE: If you want to do it on 1.1.1:
Write a script similar to the following downgrade.sh:
#!/bin/sh cd /reflash chmod 755 * launchctl remove com.apple.CommCenter ./ieraser ./bbupdater -f *fls -e *eep ./bbupdater -v launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist /sbin/rebootThen issue the command from SSH:
nohup sh downgrade.sh > ~/downgrade.log 2>&1 &You’ll notice the WiFi disappears and you lost SSH connection during the process, don’t worry, wait some minutes, don’t touch your iPhone, let it go, it will reboot once the process is done, the output is at /var/root/downgrade.log.
P.S. script not tested, use at your own risk.
NOTICE
The above steps have been tested on non-OTB 1.1.3 (modem 04.03.13_G, bootloader 3.9, which means it’s upgrade from OTB 1.0.x or OTB 1.1.1), I upgraded one of my iPhones from 1.0.2 to 1.1.3, and then downgraded it back to 1.0.2 without any problems. Read my experience HERE.
UPDATE: Don’t do this on an OTB 1.1.2, there’s no way to flash a baseband with bootloader 4.6 at this time.
Why A 1.1.3 Upgraded from OTB 1.1.2 Can’t Be Downgraded
The OTB 1.1.2 comes with bootloader 4.6 which has changed the version checking algorithm, the algorithm is like this:
if (secpack version > current baseband version)
allow to erase
else
deny it
The above statement indicates with bootloader 4.6, a higher (than current) version of secpack is required to erase the current baseband. So to erase a baseband 04.03.13_G with bootloader 4.6, you have to have a >04.03.13_G secpack. That’s why you can’t downgrade a 1.1.3 iPhone upgraded from OTB 1.1.2, because when an OTB 1.1.2 is upgraded to 1.1.3, the modem is also upgraded to 04.03.13_G, to erase it, a higher version (>04.03.13_G) is required, which means you have to wait till the next baseband update.
UPDATE: Don’t do this on an OTB 1.1.2, there’s no way to flash a baseband with bootloader 4.6 at this time.
Why A 1.1.3 Upgraded From OTB < 1.1.2 Can Be Downgraded
The old iPhone comes with bootloader 3.9, which has a slighly different version checking algorithm, like shown below:
if (secpack version >= current baseband version)
allow to erase
else
deny it
Have you noticed the differences? Yes, the >= is the point, which means with bootloader 3.9, you can erase the current baseband using a newer version OR a current version secpack, so you can use a 04.03.13_G secpack to erase a 04.03.13_G with bootloader 3.9.
NOTE: the bootloader is the last resort to salvage the phone when something really bad happens, so it never gets flashed during an update. The ieraser erases the secpack, not the bootloader.
—
The following contents are copied as-is from George Hotz weblog as a backup purpose for my easy access.
Hardware Unlocking
The following contents are from George Hotz (HERE), it downgrades the bootloader from 4.6 to 3.9 so that you can later downgrade you baseband to previous versions. The contents are copied here as-is for my easy local access:
1. Copy all the files to a directory on your phone. It is imperative you do not shut off the phone after ieraser, or you cannot restore wifi, since the only fls which works on 4.6 is 1.1.3
2. Run ienew. This is ieraser, and it erases your 1.1.2 firmware to allow the testpoint to work.
3. Find an old 3.9 nor dump and create a file called “nor” with the first 0×20000 bytes of the old nor dump. This is the 3.9 bootloader.
4. Copy “nor” into the folder and run iunew. This is iunlocker and runs just like the old one. You will need the A17 testpoint on before running this. See the following for info on this testpoint:
The red line is covering the A17 trace. In order to trick the chip into thinking the flash is erased in the correct section, you will need to pull this high.
Scrape away at the trace with something like a multimeter probe. Then solder a very thin wire to it. Be very careful. Only scrape away at that solder mask above that one trace. YOU DO NOT WANT TO BREAK THE TRACE. This is the hardest step in the whole process; the rest is cake.
Also solder a wire to the 1.8v line. Connect to wire coming from the trace and the wire coming from the 1.8v to your unlock switch. Be careful, you only get one chance to do this right. Thanks again to Nick Chernyy for the picture.
5. The bootloader is now 3.9!!! Run bbupdater or restore phone with the AnySimmable firmware of your choice.
6. Run AnySim and, as usual, enjoy your unlocked iPhone.
The H/W unlocking required files: OTB 1.1.2 Hardware Unlocking Package
The ready-to-go NOR file for Step 3: First 0×20000 Bytes of 3.9 NOR Dump (Bootloader)
120 Comments
sorry my english is poor
I have a otb 1.12 iphone
I try to downgrade modem flowing you
./ieraser OK
but ./bbupdater -f *fls -e *eep
at last it tell me “error:Failed to download .EEP: Could not verify downloaded image.”
I dont know where is wrong??
thx for your help
Sorry, I have no OTB 1.1.2 to play with, so I can’t help you at this point, I said it probably works, of course it might also be a false alarm, better wait for technical people to try it before taking the steps.
Since we have the SECPACK 04.03_13 in hand..
can we fool the BL to think its always a higher version… or is it the secpack is completely encrypted…
OR can we change the BL to the old ‘>’ check instead of ‘>=’ check.. I think that wouldn’t be possible … to modify the BL.. but just some thoughts..
thank you all the same
but
ieraser may be worked and the baseband must be eraser
what shuld I do ?
thx
BR~
Morphius,
Fake baseband version? No, it’s not gonna work because of the encryption :)
Change BL? No, you have to be able to reflash the BL which is the point in H/W 1.1.2 unlocking (downgrading the BL to 3.9) but there’s no software solution yet.
magicwang,
You may want to try a full restore to 1.1.2.
I try to restore to 1.1.2
but it show 1002 error
Sorry, I really can’t help you much on OTB 1.1.2 ‘cos I don’t have one in hand, all my suggestions are based on common knowledge.
ok
i will try it myself
thx a lot!
Don’t upgrade to 1.1.3 yet, wait for some days, if a software solution is out, you can still get your phone back. Otherwise, you’ll have to wait till next baseband update because your baseband will become 04.03.13_G after upgrading.
NO I won’t upgrade to 1.13
I will wait the s/w solution and I know it must be realse soon!
thx!
Hi George..
congrats on your good work !
I have a OTB 1.1.2, Bootloader 4.6
I`ve downloaded 1.1.2otb Pack, to downgrade the bootloader.
I have the 3.9 NORDumper but dont know how to create a file called “nor” with the first 0×20000 bytes.
And dont know what it is the A17 testpoint ?!
Than after all, i have to copy this created nor file to the same folder i copy the 1.1.2otb pack, and run iunew.
Thats it !
Bootloader 3.9 !
As simple as that !?
Can you help here, please !?
Thank you for the very good work !
bolecao
after i put
launchctl remove com.apple.CommCenter
it says
launchctl remove error: No sach process
what should i do
thx a lot
If it says ‘No such process’, either there’s typo in your command, or the CommCenter has been closed. Just go ahead, if the ieraser says ‘Resource Busy’, then you didn’t turn off the CommCenter yet, try rebooting and start from the ground.
after i put
./ieraser
it says
permission denied: ./ieraser
what should i do
thx a lot
ivan, looks like you’re on Windows, you need to make it executable, try enter the following command after the ‘cd /reflash’:
Hey ivan..
you need to set the “ieraser” permission to 775
Bruno Bolescao, refresh the page, I’ve just uploaded it.
yahoo~~~~~~~~
i did it
thanks very much!
george…
I can`t understand the step 3….
Is the 3.9 bootloader file the same NORDumper renamed to nor ?
where can i find this to download…
please help me here…
thank you !!
Bruno Bolescao,
I have uploaded the extracted NOR file for you, just download and expand it, you don’t have to hex edit it, it’s already ready-to-go.
George…
Just downloaded !!
thank you very much !
Now i can downgrade the 4.6 bootloader to 3.9…
Thank you very much !!
Keep it high !
bolescao
George
I really didn’t know why my otb1.12 phone cant downgrade the modem
I have some questions
what the purpose do we downgrade modem for 04.02.13 to 03.04.08?
why George Hotz didn’t downgrade the modem and unlock it ? Did he try it ?
eee……
may be my questions look like a little stupid.
thx
Since the article may confuse people at some point, I have slightly modified it.
George, you are a genius…!!
I was able to downgrade my bb back to 03.14.08 from 04.03.13…
My wife upgraded to 1.1.3 by mistake from OOTB 1.1.1 and I’ve been messing with the phone for a couple of days trying to downgrade the bb…I’m so lucky to have found your blog….now on to my next step—> upgrade to 1.1.1 and unlock back to TMO
keep up the good work
OK good news….but let me tell you the story trail….
a mistake led to the update of iPhone from 1.1.1 (FW 04.03.12_G) to 1.1.3 (iTunes did an automatic upgrade)
lost all my 3rd party apps and the phone was returned to 1.1.3 factory settings with modem firmware 04.03.13_G
for a moment there, I thought I was screwed cause all the other forums and users warned about updating to 1.1.3 since there is no downgrade path to earlier firmwares….still I didn’t give up. I managed using SSH & iBricker to downgrade back to 1.0.2 but still was stuck with modem firmware 04.03.13_G
then I found George’s Blog and followed his secpack downgrade method which got me back to 03.14.08 then it was just standard unlocking stuff….
now I’m at 1.1.2 jailbroken/unlocked running on TMO with EDGE and youtube and all the 3rd party apps ..
Thanks George again and everyone in the development community…
I try downgrade modem again
and I find a problem
ieraser is used to eraser the bl 3.9 phone
and the new file ienew is used to eraser a otb 1.12 phone??
I try ./ienew on my brick otb 1.12 iphone and it show me some different datas
and after doing that at setting–>about,it is only left wifi and blueteeth,(no wifi blueteeth 00:00:00:00:00:00)
the ICCID IMEI MEDOM isn’t on the list
Does it mean that the modem is erasered?
But I still can’t reflash the modem “error:Failed to download .EEP: Could not verify downloaded image”
I will go on tring it
Did you actually decrypt the firmware restore file to get the secpack or did you get it from some kind of hardware dump? I’m currently seeking for a way to decrypt the dmg files in the restore file to get hold of the contained binaries. Do you have the necessary crypt-keys and passwords?
I ran across your site today and i really like both; layout and content. Keep up…
The exploit used to extract the secpack in previous versions have been fixed, this secpack comes from the hardware method by some brave people with the appropriate devices, and the process of retrieving this secpack destroyed 6 iPhones. The dev team also claimed that they’ve got the secpack nearly a month ago, no comments on how they got it though.
Hi George,
I have an iPhone 1.1.2 OTB and accidentally i’ve updated to 1.1.3 using iTunes 7.5.
The problem is that modem firmware was updated to 04.03.13_G as mentioned here in your blog, and the original was 04.02.13_G.
Do you know if there’s a way to downgrade modem firmware to 04.02.13_G or do i have to wait for a while?
Thanks in advance.
Luis, I’m afraid you’ll have to wait till the next baseband update because you need a newer (than 04.03.13_G) secpack. With a proper secpack, the hardware method can downgrade the bootloader from 4.6 to 3.9, and with a bootloader 3.9, you can downgrade to earlier versions of baseband.
where is the directory to put the files into???
/reflash
I don’t find that on the iPhone.
also, is it easier to do the hardware unlock now, or should i just wait for a new unlocking for the baseband. is it possible to use iPhone as a actual phone when it has the bootloader 4,6??
from a curious and anxious 15 year old boy
George, two questions, 1> could you confirm Hardware bootloader downgrade method need to erase modem firmware first, if thats the case, because we could not erase 4.03.13G, even with Hardware method, we can not downgrade bootloader to 3.9. That means even with HW method, 1.1.3 with Bootloader 4.6 could not be hacked.. Why those guys in vietnam claim that they break the iphone with 1.1.3 using hardware method, confusing…
Kristoffer, the /reflash is just my example, I create it manually, you may put the files anywhere as long as its on the ‘executable’ volume. Since /var is mounted as ‘noexec’, you can’t put files in any folders under /var (unless you remount it withouth ‘noexec’). BTW, h/w method is pretty dangerous, especially when you have little experience on such things before. I would suggest you waiting for an easier solution.
Sean, you need to erase it before reflashing, if your OTB 1.1.2 was upgraded to 1.1.3, too bad, you gotta wait for new baseband update that comes with new secpack.
the bbupdater -f *.fls gives me an endless loop, after a while I have to manully stop the process, any reason why?
The bbupdater -f *.fls after completing, returned the following error:
Error: Failed to download .FLS: Expecting checksum 13FB got D064
Done
Can you help pls
Al, maybe your baseband was not erased successfully, try re-erase it before flashing.
thanks for the thing you have done~
i got a problem,i have a otb 1.1.2,but when i using anysim,it is broken,it tells me repair needed,ano no wifi no imei no iccid
i tried to using the way you did,at last it tell me “error:Failed to download .EEP: Could not verify downloaded image.”
is there any other ways to save wo iphone?or should i wait for the new secpark…..
Geez, didn’t you notice the article is NOT for OTB 1.1.2? You gotta wait for a solution to reflash the baseband.
oooo…have to wait…..thank you all the same
Hi,
Jailbreak for 1.1.3 has been released… and it seems it does not upgrade the secpack (not really sure though).
Would it be possible (while the tools to open my iPhone arrive) to jailbreak to 1.1.3 and then when the tools arrive, downgrade to 1.1.1 and proceed with this bootloader downgrade?
Thanks a lot
George,Jailbreak for 1.1.3 has been released.,what about secpark for otb 1.1.2,do you know about it
thanks
Victor, you may jailbreak to 1.1.3 and later downgrade the firmware to previous version. As you speculated, the jailbreak only touches the firmware, so when it’s done, you’ll have a 1.1.3 firmware + current baseband hybrid iPhone.
000000yyy, I don’t know what you’re talking about, the secpack for 1.1.2 has been published weeks ago.
George,i mean the secpark for the otb 1.1.2,that secpark you said may be for NON-OTB 1.1.2 ONLY,i saw it in your blog ,but i cant use it to downgrade my modem,it tells me error:Failed to download .EEP: Could not verify downloaded image
I’m afraid you still don’t know what a secpack is and what it is for, I said the baseband downgrading method may not be used for OTB 1.1.2, did I say ‘the secpack may not be for NON-OTB 1.1.2′ ? I won’t say something like that because a OTB 1.1.2 and non-OTB 1.1.2 require the same secpack to erase. You can’t reflash the OTB 1.1.2 baseband because bootloader 4.6 doesn’t allow you to do so even though you may still erase the baseband.
i think i did not explain it clearly,i mean that my iphone modem is borken,i need ref it,but 4.6 doesn’t allow me to do this
,so i have to down to 3.9
what should i do,using Hardware Unlocking to made bl to 3.9,then reflash the modem? and someone tell me i could up to 1.1.3,it could reflash my modem,but i think it may be dangerous,for the unlock of it,is that right?
the most important thing for me is to down the bl4.9 to 3.6~~~~is there any good ways?
sorry,my english is poor………….
uhm , i accidentally upgraded my phone to 1.1.3 via iTunes , and i’m trying to restore to 1.0.2 but the Baseband version 04.03.13_G (1.1.3’s), on iBrickr i manage to jailbreak the phone but after the phone reboots it still shows the activation screen with incorrect sim warning
any way to downgrade the firmware ?
Hi George!
Just to say this guide works perfectly! Thank you very much!!
But to make it work to me, i had to set all the files to have permission 775.. DUnno why.. :S
Thanks!!
can a OTB1.1.2 upgraded to 1.1.3 be downgraded ?
akihito, to downgrade the firmware, you need to let iPHone enter DFU mode.
Ander, you’re right, the executables NEED to have permission 0755 or 0555 (minimum 0100 for iPhone :), that’s the common knowledge on a Unix system, so I didn’t write it in the article. Sorry, I often forget there’re Windows users out there :)
axlemilio, NO! Don’t do it atm.
sorry to trouble you ,have you seen my wors,could you give me any advise, i just want to repair it soon
thans!!
000000yyy, I’m afraid there’s no solution atm, the leaked jailbreak 113 only activates the iPhone. There’s no solution to your baseband issue unless the method to reflash the baseband with bootloader 4.6 (not the bootloader itself) is found. BTW, the H/W method may also be a way but it’s too dangerous.
thanks so much,i have to try
Hi, George. I just have an OTB 1.1.2 from UK. I unlocked it to use as an ipod, but i tried to use the baseband downgrader, from unlock.no…that’s when my nightmare started. Now i’m trying to downgrade to firmware 1.0.2, so i can use iBrickr to install bsd and openSSH to try to restore the 04.02.13 baseband, since i don’t have wi-fi, IMEI or ICCID anymore. When i found the secpack 04.03.13, i wonder if i can use it, since bootloader 4.6 –> “if (secpack version > current baseband version) allow the further operations”.
Is that possible?
Thank you veeeeeeery much!
No, don’t do that! You can erase the baseband, but you can NOT flash a new baseband in.
Paula- I had the same problem. What I did was, restored using 1.1.3 (unmodded. figuring that it would “update” the modem/bootloader). Then did the task of downgrading. I haven’t successfully unlocked it yet.
George- I’m stuck at where it says failed to download .EEP. I’m assuming that the *fls and *eep command that “*” is a the wild card for the files. Can’t I just type out the file names here?
Better yet, can you post a downloadable script for the 1.1.1 so it can be run in terminal?
Mike, I think you made the wrong choice (upgrading to 1.1.3), now you have to wait for another baseband update that contains new secpack. You can’t flash the baseband when you have a bootloader 4.6.
George,
so, if a 1.1.2 bl4.6 iphone was h/w tp’d, and at the point of the iunew tp success, the phone shut down, and required a restore, and was then left without a bootloader… are you saying there is no way to get a bootloader back onto it at this point? how would apple do it? if i sent them the iphone for restore/repair, how would they do it?
thank you for your time!
Eric Jarvies,
No, iunew utilizes the A17 testpoint to flash the bootloader, when it’s done, the bootloader has been downgraded to 3.9. If you reboot right after iunew, you still have bootloader, but lost the baseband firmware. Since it has been a 3.9, you can always use bbupdater to reflash the baseband firmware even though you have lost WiFi.
The most strange part is that i’m having big problems to unlock it even in 1.0.2fw…iBrikr is not doing it’s job. I already restored 1.1.2, 1.1.1 and 1.0.2 thousand times…well, i guess i’ll just have to wait for the sw unlock, so i’ll can flash the baseband, virginize it and then, unlock.
:-(
Damned baseband downgrader…
Paula, you said (in your previous comment) you have a OTB 1.1.2, so its baseband is 04.02.13_G, bootloader is 4.6, the problem is not in the firmwares, but the bootloader. Downgrading firmware from 1.1.2 to 1.0.2 does not help unlocking, it just downgrades the operating system, not the baseband. Since there’s no way to reflash a baseband that has bootloader 4.6, you can’t downgrade baseband, can’t virginize, can’t do whatever you feel interesting things. Just use your phone as an iPod, wait for the next update, pray dev team could find a way to break into this bootloader 4.6 ;) or use a TurboSim.
Yeah, George…that’s my idea, but i’m not being able to unlock it anymore in 1.1.1 nor 1.0.2. iBrikr and appinstaller are useless at this time. I used a tutorial that suggested to use wINstallerGUI ( the activation button ), and that’s when my truble began. Since then, i Brikr and AppInstaller aren’t working. The far i can go is using iBrikr to “free my iPhone”, then, when it reboots, i get the loop reboot, with blue blink, and the script running, and then, here comes the loop again. So i put it in DFU mode and reinstall 1.0.2. I tried to reinstall all the firmware versions, then downgrade ’til 1.0.2. All attempts failed…
Paula, I think you didn’t get the point: if you have (or had) an OTB 1.1.2, you can NOT unlock it atm no matter what you do unless using TurboSIM. Are you trying to activate it or unlock it?
Sorry, George. I got u confused. I know that i can’t unlock it, i mean, i won’t have it working as a phone. I wanted it as an iPod, until Dev Team releases a sw unlocking. But all my attempts to restore the fw ( i tried 1.0.2 and 1.1.1 ), i can’t jailbreak it and activate…iBrikr and AppInstall.exe processes all failed.
Sorry bothering and confusing you. :)
Ah, now I see ;)
i’ll just give up…sit, cry, pray and wait!!!
LOL,
thanks a lot!
Hi, i have a OOTB 1.1.2 /BL 4.6 UK iPhone. Its jailbroken and activated.
Accidentally i updated it to 1.1.3, what got me to the basband 4.03.13_G.
Is it possible for me to downgrade my bootloader using the hardware method?
Thanks so far.
Patrick,
No, you can’t, you need a newer (than 04.03.13_G) secpack.
SO I tryed the HW hack. now my phone says it needs repair. I tried restoring with 1.1.3 but it keeps coming up with a 1101 error when I’m restoring (using mac or PC) and itunes says that its unable to read sim card. Is there any way to restore at least wifi?
Hi George! Congrats for the article and patience to explain sometimes over and over…:)
Well… It’s pretty clear that Patrick(above) is as much screwed as I am. I have a 1.1.2 OTB 4.6 Bootloader and updated to 1.1.3 via ITUNES and got the baseband upgrated to 4.03.13_G. So myself, Patrick and others screwed people have to wait until the next baseband release, according you so clearly described. Just a question remains…
In my case, I have used TurboSIM to unlock and after Ibrickr to 1.1.3 I got the “Itouch” functionalities , but the phone is dead. It didn`t even says that there is a Simcard. Above in one of responses you adivises to try a TurboSim. This TurboSim you cites, must be a 1.1.3 powered or you see there is another solution to my case by my current TurboSim?
Thanks!
Mike & Balacobaco,
For the H/W unlocking, I would suggest you to ask the original author George Hotz through the link in the article ‘cos I didn’t H/W unlock my phone this time :) The contents are copied as-is from Geohotz’s site as a backup purpose in case I need it later. I only used the H/W method to unlock my 1.0.2 which was months ago.
George,
Thanks anyway!
For those who have the same problem, I’ve found some related article about “manual unlock” and “lockdown”. Aparently all the current *Sim (TurboSim, StealthSim, etc…) doesn’t work wih 1.1.3. Some gurus say that can be done (maybe) doing this manual unlock…I really don’t know. :(
As far as it is, aparently we must hold until new baseband is released to perform the downgrade.
Meanwhile, let’s enjoy our expensive and oversized IPOD!
Thanks!
Balacobaco,
I’ll say the firmware 1.1.3 DOES work with *SIM as long as you don’t have a 04.03.13_G modem, I tried it on a 1.1.3 + 04.02.13_G and it worked. But with the new baseband 04.03.13_G, I have no idea whether the *SIM can work, as I didn’t try it on a 1.1.3 + 04.03.13_G yet.
George, I need the extracted NOR.
Please help me
Thanks
我用硬解的方法把bootloader从4.6降到3.9,然后恢复到1.1.1,Modem降到1.1.1的Modem,用anySIM1.1解锁不成功,然后升级到1.1.2下面用anySIM1.2.1u解锁成功,我想问一下,这以后恢复1.1.2的固件或者降到1.1.1(包括Modem)还需要重新解锁吗? 或者要重新解锁的话还要不要还处? 还一个问题,现在降到3.9了能直接用itunes升级到1.1.3而不用解锁吗? 求解,谢谢了!
我的是OTB1.1.2 :)
mistletoe,
对于解锁,如果升级时连带Modem也升级了,就需要重新解锁,否则就不需要。降级则完全不受影响,不过有可能在某些版本的Firmware下不能通话(系统的原因)。
对于1.1.3 Jailbreak,你看错文章了,这个是讲降级的,你该看另一篇”Official Jailbreak 1.1.3 Issues”。不过可以简单告诉你,不能用iTunes升级到1.1.3,需要用软件方法来“只升级Firmware,不升级Modem”。
你说的”降级则完全不受影响” 意思是说就算我现在 固件连同Modem降到1.1.1或者1.02 也不需要再重新进行解锁?
“不能用iTunes升级到1.1.3,需要用软件方法来“只升级Firmware,不升级Modem”。 1.1.3不能像解锁以后的1.1.1升级1.1.2一样 升级1.1.3以后再把固件降到1.1.2,再进行软升级到1.1.3 而不用再解锁? (这样的话固件包括Modem都是1.13的)
这么晚还没睡啊 难道你在国外那边是白天? :)
降级问题:完全不成问题,假如降级后不能打电话,不是Modem的问题,是系统的问题。我的04.02.13_G在1.1.1就不能打电话,升级到到1.1.2就可以。
升级到1.1.3的问题:请仔细看我刚才说的那篇文章,不是这篇,没有说要你用iTunes,也绝对不能用iTunes。
睡觉问题:我和你一样在中国,既然你现在没睡,我也可以啊。
:)
Hi George
Do you have any information you could give us about why the 04.03 can’t be patched like 04.02 has been for a sim unlock with 39BL.
Thanks
I have the same problem of that guys http://www.hackint0sh.org/forum/showthread.php?t=24730
Are there something to solve this problem?
Thaks in advance!
Hi George,
I have same problem than Balacobaco, is a 1.1.2 OTB 4.6 Bootloader and updated to 1.1.3 via ITUNES (a bib deal…) and got the baseband upgrated to 4.03.13_G.
I had downgraded and jalibreak to 1.1.1. again, but No works the phone with the newer Turbosim.
Any idea to have a phone?
Aptitud, I’m afraid you’ll have to use it as an expensive iPod for quite some time till people find out how to deal with the bootloader 4.6.
Hey,
I have an otb 1.0.2 and accidentally upgraded to 1.1.3. I’ve been able to downgrade to 1.1.1 but the firmware remains 04.03.10_G. ive tried downgrading but it remains the same. Anysim wont work with this. any advice. i want to unlock my phone to use with tmobile
Dear George,
I have a BL 3.9 iPhone here with no wifi, IMEI or ICCID at all. I’m trying to reflash the baseband with your method using the 04.03.13_G secpack. Allthough I do unload the commcenter, I keep on getting replies from BBUPDATER “Failed to initialize the comm layer: (is it open by another app?). I even unloaded the commcenter using UIctl, but still the same result. Do you have any idea what is going on here?
Thank you for your help.
Thanks George,
any idea about remaining time to people find out how to deal with bootloader 4.6?
I have really a expensive and heavy ipod… jaja
Is there any way to HARDWARE downgrade the bootloader from 4.6 to 3.9, my baseband is 4.3.13_G. I have the iPhony wide open on my desk.
I’m not George Hotz :) Please check his blog at http://georgehotz.com/ for H/W unlocking details.
THANK YOU SO MUCH!!!
Seriously man.. This worked like a charm!
Hi!
I have a question. If bootloader 4.6 lets you erase your baseband, then there must be some other kind of check, besides the secpack_ver >= baseband_ver, isn’t it? Or am I missing something? I’m asking because I erased unintentionally the baseband on a 1.1.2 OTB phone. I’ve read that some people in the same situation have restored the baseband by upgrading to 1.1.3 from iTunes, and I’d like to know if you (or anyone reading this) know anything in this respect. I know I’d be trapped with 4.03.13_G until a new baseband is released, but at least that way the only thing missing would be the phone functionality.
Thank you all in advance for your answers!
Hi there,
i hve an iphone that i accedinetly upgaded to 1.1.3 thru Itunes. i manged to bring it back to 1.1.1(3A109a), firmware is 03.14.08_G, IMEI 011300004719986. i ran Isim and it unlocked but somehow i am not getting connecting to any of the networks. i tried with alternate sim cards but did not get connected also. Can you help.
thks
Hi guys,
I have an 1.1.2OTB, so i try a hardware unlock everything looks good after iunew (downgrade to 3.9) but after restart the phone i lost wifi, no imei and no modem firmware, so i googled i i found that you need to restore to 1.1.2 to recover the wifi, no luck after restore, so restored to 1.1.3 and no luck,, my only alternative it was to recover to 1.02 because i dont have wifi to jailbreak it , well i done this and use ibrick to upload terminal vt100 and bsd subsystem files to try a baseband downgrade, well i try … but when i execute bbupdater -f *.fls -e *.epp the phone try to flash the baseband with no luck its says “bootloader to old, upgrade to 1.8 and try again” after 10 tries, so now im lost :S, a try to view the actual baseband (bbupdater -v) and the phone respond trying to “pinging basebband time out” so i asume that i dont have it…. well this is good to downgrade the baseband but i dont know why i cant flash it. please help!!! PS: i asume to that i have now the 3.9 bootloader because the hardware dump work ok with no errors, im all right? tks again
Thanks George, this certainly saved my bacon.
Didn’t use VT100 had issues typing in the commands on the iphone, so just used Terminal on my Mac and ssh’d into the phone, then copy and pasted you commands.
Anyway, thanks a million again.
george
i had a 1.1.2 OTB and the vry first time i connected it to the laptop i upgraded it to 1.1.3 04.03.13_G( my bad)….the serial says 48 so im thinkin its a 4.6 bootloader….
help me…….
i m trying to downgrade it but it keeps giving me an error(1) for both 1.1.1 and 1.1.2 downgrade…
HEELLPPP
Hi George (and others),
I have a jailbroken and activated OTB 1.1.2 (week 46).
Version: 1.1.2 (3B48b)
Serial: 7V746B….. (week 46)
Modem firmware: 04.02.13_G
Bootloader: 4.6
What options are there to unlock this device and use it in the EU (Netherlands)? (SW/HW?)
我的是OTB1.1.2的,但我硬破把Bootloader 降到了3.9可以用你这个方法操作么?谢谢
Yusuf, enter DFU mode first, you may downgrade firmware, but you can’t downgrade modem.
G, no software unlock for your OTB 1.1.2 yet.
dleo, might be, but nobody tried yet.
yes i did enter the DFU mode but still i get the error(1) adn i cant not downgrade firmware. how should i go about tht???
can i give it for a hardware unlock, by professionals ???
and the serial says 48….am i right, is it the 48th week and is my iphoen a 4.6 bootloader?
thank u
OTB1.1.2的,但我硬破把Bootloader 降到了3.9
更新前
# ./bbupdater -v
Resetting target…
pinging the baseband…
issuing +xgendata…
firmware: DEV_ICE_MODEM_04.02.13_G
eep version: EEP_VERSION:208
eep revision: EEP_REVISION:1
bootloader: BOOTLOADER_VERSION:3.9_M3S2
Done
更新后
# ./bbupdater -v
Resetting target…
pinging the baseband…
issuing +xgendata…
firmware: DEV_ICE_MODEM_04.02.13_G
eep version: EEP_VERSION:208
eep revision: EEP_REVISION:1
bootloader: BOOTLOADER_VERSION:3.9_M3S2
Done
Yusuf, sorry no idea, afaik, you can always downgrade the firmware (not modem) regardless of whether it’s bl 3.9 or 4.6 as long as you enter the dfu mode.
dleo, 你没明白我的意思,我知道怎么硬解,但你的想法没人试过,我也不知道,手里从来没有原生1.1.2.
ok then….can u guide me how to downgrade it…and wat softwares wud i need.
thanks…appreciate it aalot
Yusuf, I said I have no idea, because DFU mode is the only point, if you can’t get it working then I really can’t help.
sorry我贴错了,事实上我成功了的
# ./bbupdater -v
Resetting target…
pinging the baseband…
issuing +xgendata…
firmware: DEV_ICE_MODEM_04.02.13_G
eep version: EEP_VERSION:208
eep revision: EEP_REVISION:1
bootloader: BOOTLOADER_VERSION:3.9_M3S2
Done
# ./bbupdater -v
Resetting target…
pinging the baseband…
issuing +xgendata…
firmware: DEV_ICE_MODEM_03.14.08_G
eep version: EEP_VERSION:208
eep revision: EEP_REVISION:1
bootloader: BOOTLOADER_VERSION:3.9_M3S2
Done
现在我已经用AnySIM 1.1.3,Official 1.1.3 Upgrader成功升级到了1.13了,谢谢了
Dude! I did all the parts but when I typed ./bbupdater -v the version that command reported back was the same version as before. what can I do?
Hi,I have a iphone which the baseband was 04.01.13_G and was jailbreak. Last week I have tried to upgrade to 1.1.3, but everything went wrong and now I have the baseband 04.03.13_G!! But the phone is blocked and is not working properly. I have tried to downgrade to 1.1.1 but it is not working and I need your help.Please, could you tell me what to do, and how to do it properly?Many Thanks for your help!
Hi to George & the rest of the community!
I am one of the screwed ones: I’m running 1.1.1 on an iPhone (OOTB 1.1.2.) with 04.03.13_G and Bootloader Version 4.6_M3S2 and at the moment there is no way for me to use the phone functions even though I originally bought a TurboSim aswell. =(
Now here is my, probably silly, question:
For those of us who would like to expand there 8GB iphones to 16GB (would 32GB ipod Toch work?) Would putting in a new memory with 16GB mean getting rid of the baseband/bootloader problem?
Thx for any suggestions
and an extra big THANK YOU to the people working on the matter!
Hello to all, I was on the same problem, I have a OTB 1.1.2 (Bootloader 4.6) and I upgraded to the 1.1.3 firmware (that installed the 04.03.13_G base band), with no luck to downgrade…. until now.
I followed these instructions, but first I needed to do the following:
1. I used the IPHUC method to downgrade to firmware 1.1.1 and the activation method. (All the time I was dealing with the warning: Sim Incorrect).
2. I followed these instructions: http://www.iclarified.com/entry/index.php?enid=649 that tells you to add a resource and install it (GeohotUnlock) and It worked!! Now I have a a 04.02.13_G unlocked.
I hope this helps!!
Wow thanks Felipe! That really looks good!
I’ve just got one little question before I start: Do I have to soft-upgrade my phone to 1.1.2 in order to use the “iclarified” method?
I’ll let you guys know if it worked tomorrow.
@Felipe: Would you be prepared to give out your icq- adress or something in case I have any questions, please.
Thanks again
greets OMG
OMG, I didn’t do the upgrade to 1.1.2, actually, I thought that, and I was waiting for an error, but nothing happens. (I followed the instructions using the 1.1.1 jailbreak and that correct the base band from 04.03.13_G to 04.02.13_G). That method also worked without upgrading to 1.1.2.
After the GeoHot Unlock install, I did the OktoPrep Install, to get to the upgrade 1.1.2 (using then the jailbreak 1.1.2), that worked too. So now I did the software upgrade to 1.1.3 and still have the 04.02.13_G and it worked, and I remain unlock and happy =)
HI help yesterday i tried the method of geohot with the gunlock and all of that then after that, i dont have signal i used the brick tools and then i reboot my iphone, it says need rapair, no wifi, no sound, and now im trying to restore to 1.1.3 or 1.1.2 or 1.1.1 or 1.0.2 and it says the iphone cant be restored, and it shows the error 1012 help me please im desperated. my mail is supersmashbrosgo@gmail.com help me im so sad
It’s unlocked =)
Miguel, the same happened to me. So the thing I did was:
1. Normal restore from iTunes using the Update to 1.1.3. (That should restore your phone with the latest update). If you can restore it (that means that you should have the screen for activation), then I don’t know more.
2. If you get the restore to 1.1.3, then you need to do the iPHUC method in order to do at least downgrade just the firmware to 1.1.1, and put the jailbreak 1.1.1.
3. After you jailbreak 1.1.1(you should have the 04.03.13_G still), you can do the GeoHot method: http://www.iclarified.com/entry/index.php?enid=649
4. After that you should have the phone, wifi and everything working. (you should have now the 04.02.13_G now).
5. You can do the jailbreak 1.1.2 then the jailbreak 1.1.3 (via App Install). and that shoudl keep your phone working.
Latest news: 1.1.3 OTB is now fully unlocked.. All iPhones with 1.1.3 OTB or upgraded from 1.1.2 OTB to 1.1.3 can now be unlocked, even the 1.1.3 16gb version of iPhone.. check this URL for more information: http://zibree.blogspot.com/2008/02/ziphone-updated.html
Old news :) I’m sure you didn’t check other NEWER articles on the blog, this article was posted on Jan 18 ;) Thanks anyway.