UPDATE: Please direct all questions to Hackint0sh.
NOTICE: For bootloader 4.6 only. If you try it on bootloader 3.9, you will get these messages:
geohot's 112 otb unlocker...
Waiting for data...
Attempt...
Attempt...
Got Header: 77 0b cc
Bootloader version: 3.9_M3S2
Incorrect bootloader version
UPDATE: There’s a catch in the article. If you downgrade to 1.0.2 and then unlock your 04.03.13_G (BL4.6), your baseband will be downgraded to 04.02.13_G, and you can’t then upgrade to 1.1.3 with iTunes, because iTunes will update your baseband to 04.03.13_G and lock it again. To use 1.1.3 + 04.02.13_G (BL4.6), you have to update to 1.1.3 first and then do the unlock under 1.1.3, which means you need to enter Airplane Mode and use Term-vt100 (SSH will not work).
The following contents are basically from the instructions.txt bundled in Geohot’s unlocking package. I made some modifications to make it clearer.
1. Downgrade Firmware
Put the iPhone into DFU mode, then use iTunes to downgrade the firmware to 1.0.2 (there will be an error 1013 at the end, which is normal).
Why downgrade to 1.0.2?
Because only on 1.0.2 does WiFi stay alive when CommCenter is shut down, so you can use SSH, which is more comfortable than operating directly on the iPhone. If you prefer unlocking on 1.1.1, you may have to use Term-vt100 instead of SSH and enter the commands on the iPhone, and you may need to turn on Airplane Mode.
After the firmware downgrade, install the following packages:
BSD Subsystem
OpenSSH
2. Get Files
Get these files:
Unlocking tool: OTB 1.1.2 & 1.1.3 Unlocking Tool
Baseband: ICE04.02.13_G.fls
Extract them and put all the files into a folder, say /unlock, on the iPhone.
3. Unlock It
Now log in to the iPhone over SSH and issue the following commands to unlock:
# stop CommCenter
launchctl remove com.apple.CommCenter
cd /unlock
chmod 755 *
# run the unlocker with the secpack and the baseband image
./gunlock secpack ICE04.02.13_G.fls
# start CommCenter again
launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist
NOTICE: 1.1.3 is unlocked with 04.02.13_G.fls as well.
What does this mean?
This means your modem is downgraded to 04.02.13_G after the unlock even if you were on 04.03.13_G before.
4. Jump Out of Brick Mode
If the iPhone is in brick mode after the unlock, get the elite team bricktool from here and use it to get out (bricktool d).
Enjoy your OTB 1.1.2/1.1.3 unlocked iPhone.

45 Comments
There are still some problems with this method… (for me)
I don’t know what the principle is this time?
Why can 1.13 be unlocked too? It seems the program needs to erase the baseband. Does the secpack match??
If you look at the code there is no real point in running it on BL 3.9. It’s basically anysim modified to work on BL 4.6.
Thank you very much. You are the One….
Thank you very much. You are the One…. It works on my 1.1.3+04.03.13 (now 04.02.13) iPhone…
Do you also know what this means:
Waiting for erase to finish…
02 00 06 08 06 00 01 00 00 3F A0 00 EC 08 03 00
Okay, lets try that again…
Sending secpack… 02 00 04 02 06 00 01 00 00 00 00 00 0B 02 03 00
Erasing: 0xA0020000-0xA03BFFFE 02 00 05 08 02 00 00 00 07 08 03 00
Waiting for erase to finish…
02 00 06 08 06 00 01 00 00 3F A0 00 EC 08 03 00
Hmm… what did you do?#
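Added example, not part of the original post, the comment above, or the unlocking tool: the three hex lines in the quoted output all fit one framing, which this Python sketch decodes and checks. The field names (start, command, length, checksum, end) and the checksum rule are assumptions inferred from those three lines alone, not from any documentation.

```python
import struct

# Hex lines copied from the tool output quoted in the comment above,
# keyed by the message that precedes each one.
SAMPLE_FRAMES = {
    "Sending secpack": "02 00 04 02 06 00 01 00 00 00 00 00 0B 02 03 00",
    "Erasing": "02 00 05 08 02 00 00 00 07 08 03 00",
    "Waiting for erase to finish": "02 00 06 08 06 00 01 00 00 3F A0 00 EC 08 03 00",
}

START, END = 0x0002, 0x0003  # assumed frame markers (little-endian 16-bit)


def parse_frame(hex_line):
    """Split one hex line into fields and verify its checksum.

    Assumed layout, all fields little-endian:
    start(2) command(2) length(2) payload(length) checksum(2) end(2)
    """
    raw = bytes.fromhex(hex_line)
    if len(raw) < 10:
        raise ValueError("frame shorter than the fixed fields")
    start, command, length = struct.unpack_from("<HHH", raw, 0)
    if start != START:
        raise ValueError("bad start marker")
    if len(raw) != 10 + length:
        raise ValueError("length field does not match frame size")
    payload = raw[6:6 + length]
    checksum, end = struct.unpack_from("<HH", raw, 6 + length)
    if end != END:
        raise ValueError("bad end marker")
    # Assumed rule: checksum = command + length + sum of payload bytes (mod 2^16).
    expected = (command + length + sum(payload)) & 0xFFFF
    return {
        "command": command,
        "payload": payload,
        "checksum": checksum,
        "checksum_ok": checksum == expected,
    }


if __name__ == "__main__":
    for label, line in SAMPLE_FRAMES.items():
        f = parse_frame(line)
        print(f"{label}: cmd=0x{f['command']:04X} payload={f['payload'].hex(' ')} "
              f"checksum_ok={f['checksum_ok']}")
```

All three quoted lines pass the checksum test under this layout, so they are intact frames; what the command codes and payload bytes mean is not stated anywhere on this page.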
Not sure i understand this part:
“After the firmware downgrade, install the following packages:
BSD Subsystem
OpenSSH”
and this part:
“Now SSH login to iPhone, issue the following commands to unlock:”
I know what SSH is, but how do you login to the phone with it? what do you use for an IP address/etc.?
Congrats for finding the hole :D
Greetings from Germany,
Takeo / http://www.macbug.de
good lookin george but u think u can find a software\jailbreakme.com type jailbreak for 1.1.3 they already got a safari n i aint neva had a jailbroken phone cuz of da lame ass wifi problems and all dat but i know it wouldnt be dat hard so if ud try it would be greatly appreciated
they already got a safari exploit* my bad G
http://www.hackint0sh.org/forum/showthread.php?t=28290
theres tha thread i seen but u prolly been known bout it but wateva project u a part of always gets finished and released so plz work on it
and good lookin on dis unlock u r tha iphone god
YeP! Congrat-! That’s wha we were waitin’ for!
Oh com’n, I’m not George Hotz :)
Hello George,
Great work!! It worked for me like a charm.
But is there any link to a tutorial on how I can update/upgrade to 1.1.2 or maybe even 1.1.3 after I unlocked it?
Because I had to downgrade to 1.0.2 for making this possible.
I wonder if that is possible with iTunes. I hope you can answer my question.
Chant
heyy…yusuf here again….
will this work fr me….i upgraded it to 1.1.3, 4.6, 04.03.13_G
should i go along with it????
HEEEELP!!!
I’ve tried the unlock on a 1.1.2 otb without downgrading to 1.0.2 (using the vt terminal). Everything was fine and I got the message “enjoy your unlocked iphone”. I exited the VT and the SpringBoard was hung (I have the little wheel turning around…)
I rebooted the phone (Power+home button for a couple of secs) and now I’m stuck with the apple logo and the little wheel turning around)
Any help would be REALLY appreciated!!!
Thx in advance
Chant, your modem will not be downgraded when you go to 1.0.2, so you just update to 1.1.2 with iTunes.
i have a 1.1.3 with a bootloader 4.6, 04.03.13_G
can i downgrade it and proceed with this unlocking method???
Once I unlock this on 1.1.2 can I do the Dev 1.1.3 Soft Upgrade?
Will this work with the new 16GB iphone?
how do i copy the files onto the iphone?
Everything works fine.. until I tap one number on the keypad of the phone to make a call and then it goes back to the start screen.. but if I use the simcard that came with the iphone I can tap any number I want :S…
does anyone know why is this happening? or even better any solutions?
I downgraded from 1.1.3 to 1.1.1 and used the tty,
When finished I got this message:
Enjoy your unlocked iPhone
So everything looks like ok but when I access to carriers says “ERROR”
I fixed the problem… if this happens to you just install iWorld and select your country
I try on my iphone but what exactly do because my iphone was upgrade it to 113 with bl 4.6 (first was 112 otb) and after i try this method the iphone stays in the 102 version but with the bb of the 112 firmware and the bl still in 4.6 so what`s the deal.
I have to do TP anyway
George u gotta claim money from http://11246unlock.com/
theres money waitin for u … go get it ..
you rock dude …
just got a 16 gb iphone and cant bring it to 1.0.2 , help
George i need help !!
I hav OTB 1.1.2 and had jailbroken to 1.1.1. I waited for this unlock since Dec. Yesterday i installed unlocking software. It said your phone is unlocked. But i dint. So i tried upgrading to 1.1.2, it dint work. Then again i tried to upgrade 1.1.3 (both thru installer ). Both dint work. Then i restored it, and tried to jailbreakin process again from scratch , on first try it went till installapps thru safari. but phone dint restart. So i tried the process again , then after that i got stuck on activation menu on third try im stuck on recovery screen. iBricker doesnt detect my iphone. Right now my phone is in recovery screen (itunes logo n cable logo ) . Please help…. i had done this itunes 7.6. Please help.
i need help ..
I hav OTB 1.1.2 jailbroken to 1.1.1 before. .. then yesterday i tried installing unlock software out by Geohot through iClarified tab in installer .. it said unlock successful,but it dint .. so tried upgrading to 1.1.2 n 1.1.3 . both dint work … so i tried the the whole jailbreaking process again frm scratch … iv tried many time .. im jus stuck at activation screen … even after i install installapp .. it doesnt restart n stucks at activation screen .. iv tried many many time … my process is just stuck there ..iv tried by itunes 7.5 n 7.6 .. both dint help me .. pls HELLPPPPP MEEEE .. mail me : kooooomar@hotmail.com
I’ve managed to do everything you say here, and It seems like it was unlocked but what do I do now? I tried inserting my SIM but my Iphone doesn’t detect any network carrier… did I do something wrong? Do I need to do something else?
Hi George !
First of all, I want to say Thanks you. YOU ROCK MAN! I just unlocked 1.1.2 OTB using your patch. It works everything perfect. My firmware stays at 1.1.2, If I want to update 1.1.3, How should I go? iTune? if i go through with iTune, will it change my modem and become locked again?
Thanks
HI help yesterday i tried the method of geohot with the gunlock and all of that then after that, i dont have signal i used the brick tools and then i reboot my iphone, it says need repair, no wifi, no sound, and now im trying to restore to 1.1.3 or 1.1.2 or 1.1.1 or 1.0.2 and it says the iphone cant be restored, and it shows the error 1012 help me please im desperate. my mail is supersmashbrosgo@gmail.com help me im so sad
Hi…I’ve tried to do this and I got my phone stuck. It is an OTB 112 and I jailbroke to 111. then I tried to do the new method without DG to 102. Anyway, my situation is: I turn on the phone and within few seconds I receive the following message: REPAIR NEEDED: “Iphone can not make or receive calls. http://www.apple.com/support”. Then When I go thru Settings=>General=>About…I can see the following: Wi-Fi address (n/a), Bluetooth (0:000, etc), IMEI (empty), ICCID (empty) and Modem firmware (empty). I’m desperate, what should I do now?
hello!!! i want to fix my iphone
Someone knows how to unbrick the phone i have tried all iphuc carnaval independence ibrickr all of that and i cant make nothing i have the repair needed screen and when i slide to emergency my keypad *#307# and it says cant make calls i have tried to restore to all the firmwares and nothing please help me
@Leonardo
I did in a similar situation just a regular Restore (not a Shift-Restore). That brought the iPhone back to the factory settings and the annoying message was gone.
Good luck.
SOMEONE HELP ME PLEASE
i’m in trouble…i’ve an iPhone with the new BL 4.6 updated at 1.1.3, i was trying the Geo unlock…but…argh! With 04.02.13 doesn’t work… after i tried to change the .fls files into the procedure… the 04.03.13_G.fls i’m an idiot and when nothing were working, i’ve stopped the unlock…and restore?? yeah! at this time i lost my emai, my ICCID…and i’ve now a bricked iphone with “repair needed” screen…and now at any restore it says to me: “error 1012”…or error “1011”…or “Incorrect SIM inside the phone”…and i can’t activate my brick!!! i know the prob is the BaseBand…but i tried all (and i say all!!) the post in all forums…nothing…no ibrickr, no Carnaval, no iNdipendence….what i’ve to do??? pleaseeeeee! i’m so….so…i don’t have words to describe…
Greetings to all! especially our Big host Geo!!! (ur a genius)
Miguel i have the same problem with my 1.1.2 BL 4.6…
i tried the Geounlock procedure from hackthatphone.com worked well until i inserted my SIM (but there was no network signal)… i tried the same procedure again, but during the commands scrolldown on term-vt100 it FROZE! (here’s my mistake: coz i disconnected the iphone.. and lost my baseband) the symptoms are the same as u describe above.. “error 1012”…or error “1011”…or “Incorrect SIM inside the phone”
so im bearing with u here..
plz contact me if u find a solution (my email: tarek_mca@yahoo.com) and giv me urs if u want
George: plz help too.. appreciate it!
and GREAT WORK!
i got an iphone and it is locked on 1.1.3 i think
i want to put it back to 1.0.2 is there anyway to do this easily without using the iphone because mine is locked
Hi all!!!!!!!!!!!!!!!!!!!!!
How to upgrade bootloader 3.9 to 4.6 in iphone?
You can’t (at least atm).
ok..i’m completely lost hahah. j/k somewhat - learning things the hard way like all of you - I have the 16gig w/04.03.13_ and not getting anywhere. i’ve tried downgrading the firmware to 1.1.1 and noticed that Baseband is still 04.03.13. been searching around and arrive here. so is it safe to say that i need to downgrade the baseband with the method described above? i’m going the oldskool method with a “stealth sim” and want to downgrade to 1.1.1 and up to 1.1.3 again with i guess 04.02.13. i unlocked my friend’s phone and felt GREAT but hers was already 04.02.13 and i’m super jealous and left without the phone func.
is this the way to go?!?
oh yah.
i also get the message incorrect SIM. ??? what to make of this? any help would be great. cheers,
You don’t have to follow the steps here, there are way easier methods now, try googling for iPlus.