• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Downgrade 3G Baseband from 2.30 to 2.28

    For those who have wanted to unlock their iPhone 3G but have updated to the 2.30 baseband, hope is now here. Thanks to the work of dev pH, a tool has been created to downgrade your baseband, and allow a unlock to occur once again.

    only works for baseband 2.30 and bootloader 5.8

    (im sorry if the original post didnt clarify enough because doerrfan decided to reword things when he moved it )

    to check your bootloader version, visit:
    Baseband Commands - The iPhone Wiki

    (run at+xgendata in minicom)

    To run the pHaseBanDowngrader, connect via SSH to your iPhone and copy the downloaded folder (phasebandowngrader) into the folder "/Applications" on your iPhone.
    Note: The folder MUST named phasebandowngrader with lowercase letters!

    To run it, open MobileTerminal and type "login". The user is "root" and password is "alpine" by default. Then type: "cd / Applications/phasebandowngrader/", then, to run the downgrader, type "./phasebandowngrader"
    METHOD 2 (found by tattoo Jack)
    For other people who still needs a full instruction, here is an update to Tom's instruction.

    Download BBUpdaterExtreme here:
    RapidShare: Easy Filehosting

    Download BSPatch Here:
    GBAtemp.net :: Downloads :: ROM patchers & header info :: bspatch

    Here's where you'll need some command prompt skills. Extract the BSPatch program and iPhone_3G_02.28.00_baseband.zip and all related files into a folder you can remember (ex. Catcher). Also, place the ICE2_02.28.00.fls and downgrade.patch in the same folder (downgrade.patch is from Master geohot above found here: http://lpahome.com/geohot/downgrade.patch)

    Open your command prompt by hitting start, then run, and type in "cmd" without the quotes and hit enter. In the command prompt, you'll need to type

    cd Catcher

    "Catcher" is the example directory but you can replace it with wherever you've placed the BSPatch and ICE2_02.28.00.fls files in.

    Now type in:

    bspatch ICE2_02.28.00.fls patchedbaseband.fls downgrade.patch

    In the example folder, there will now be a new file called patchedbaseband.fls, which is pretty self explanatory.

    Copy that file back to your desktop or a folder that you can easily find and also copy ICE2_02.28.00.eep and BBUpdaterExtreme into the same place.

    Rename patchedbaseband.fls to ICE2_02.28.00.fls.

    Now that you have your patched baseband, your BBUpdaterExtreme and the .eep file in one place, you're ready to move them onto your phone.

    You'll need to know how to SSH into your iPhone, and I'm not going to go into detail about that, but you should be able to find that information easily.

    (you can also use DiskAid or Iphone Browser to upload the files instead of SSH)

    Copy the three files *ICE2_02.28.00.fls* - the new one that is patched
    ICE2_02.28.00.eep
    and
    BBUpdaterExtreme into /var/root
    (make sure you're not in private/var/root).

    Now, you'll need to find download and install Mobile Terminal, which can be found in Cydia or Installer, or I guess the new Icy.

    After you've gotten Mobile Terminal installed, open it up and follow these instructions carefully (capitalization counts!) to check what version of bootloader you have.

    (All case sensitive and you may need to use cd .. to change to the right directory you've uploaded the files to)

    1. Type in: su
    2. Type in the password: alpine
    3. Type in: chmod 755 BBUpdaterExtreme
    4. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
    5. Type in: ./BBUpdaterExtreme queryversion

    Look for "Boot Loader Version:" in the output.

    Mine said "5.09" which I can only imagine means 5.9 so I did not have the availability to downgrade.

    Here you can stop if you're like me, and don't have the option to downgrade. You can restart your phone (because the phone is now not working since the CommCenter process has stopped running) to restore it to normal, or alternatively you can type in

    launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist

    But you may be in luck and have 5.8, in which case, continue on to the downgrade.

    Close Mobile terminal, re-open it, and type in the following commands.


    (All case sensitive and you may need to use cd .. to change to the right directory you've uploaded the files to)

    1. Type in: su
    2. Type in the password: alpine
    3. Type in: chmod 755 BBUpdaterExtreme
    4. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
    5. Type in: ./BBUpdaterExtreme update -f ICE2_02.28.00.fls -e ICE2_02.28.00.eep
    6. Reboot your iPhone

    Check under Settings-General to see your (hopefully) downgraded baseband!
    simplified version of method 2 (Koolman0)
    For those of you that are still having problems This Should be more simple
    .................................................. .................................................. .........
    Download:
    1. Make a folder on your desktop
    2. Extract All to the same folder (All Three Files)
    3. In the Folder there should be a Shortcut file called "Prompt" open it
    4. Now type in:
      bspatch ICE2_02.28.00.fls patchedbaseband.fls downgrade.patch
    5. Now Make a New Folder in that Directory Call it "new"
    6. Three Files need to be copied To the "new" folder
      • patchedbaseband.fls
      • ICE2_02.28.00.eep
      • BBUpdaterExtreme
    7. Rename patchedbaseband.fls to ICE2_02.28.00.fls
    8. SSH into your iPhone
    9. Copy the Three files (patchedbaseband.fls, ICE2_02.28.00.eep, BBUpdaterExtreme) to /private/var/root
    10. Now go to MobileTerminal (on your iphone, This app can be Downloaded from Cydia or installer)
    11. Type in the Following Commands *****Case Matters*****
      1. Type in: su
      2. Type in the password: alpine
      3. Type in: cd /var/root
      4. Type in: chmod 755 BBUpdaterExtreme
      5. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
      6. Type in: ./BBUpdaterExtreme queryversion
    12. NOTE:
      • if you see a 5.8 continue
      • if you see a 5.9 STOP this will not work for you Sorry
    13. Continue if 5.8
      1. Type in: su
      2. Type in the password: alpine
      3. Type in: cd /var/root
      4. Type in: chmod 755 BBUpdaterExtreme
      5. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
      6. Type in: Type in: ./BBUpdaterExtreme update -f ICE2_02.28.00.fls -e ICE2_02.28.00.eep
      7. Reboot Device
    14. Once the iPhone has restarted go to Settings> General> About> At the bottom should say 02.28.00 (then you jump up and down in JOY)
    15. Last But not Least Unlock
    P.S.
    Here are the three Files you will be creating
    so just copy these to you iphone (continue from Step 8 or 9)
    Three Files inside this RAR
    this tool has been tested by multiple people and WILL NOT brick your device. if you have bootloader version 5.9 it will not work. you can try but it will not work (still no risk of brick)

    use at your own risk, but there is really no risk of doing any damage to your device unless you do something absurd

    MMI Members Download

    Apple Forums & iPhone Forums, Mods, Hacks, News, Themes, Downloads, and more! | ModMyi.com - Downloads - phasebandowngrader

    External Mirror

    phasebandowngrader.zip
    This article was originally published in forum thread: Downgrade 3G Baseband from 2.30 to 2.28 started by JStraitiff View original post
    Comments 341 Comments
    1. tattoojack's Avatar
      tattoojack -
      Quote Originally Posted by wannabelean View Post
      ok how do I determine my bootloader if I have a locked, unjailbroken 2.2.1 Iphone?
      omg

      search button and guides at the top


      Quote Originally Posted by CaptainChaos View Post
      Heh I think someone should post this method drawn out in crayolas.

      You have to be jailbroken wannabelean.

      lmao

      word!

      everytime i get a bulletin from friends about the dumbing down of america for the new world order, i actually want to doubt it.
      but then i remember this site!

      rotflmmfao
    1. CaptainChaos's Avatar
      CaptainChaos -
      I agree. Humanity is devolving.
    1. JStraitiff's Avatar
      JStraitiff -
      nothing is devolving i just think that people are getting lazier... look at all of the threads that are started and replied to "SEARCH"

      lawl
    1. CaptainChaos's Avatar
      CaptainChaos -
      Well I am not really fond of the search feature on here. It doesn't work so well. I tend to resort to scrolling through page after page within the respective forums to get what I am looking for.

      At least I know now that I will be selling this phone as unlocked and that it is set up for future unlock failures to be correctable.
    1. JStraitiff's Avatar
      JStraitiff -
      ^^ the search does suck here... but ... there is always google
    1. yoenoesz's Avatar
      yoenoesz -
      Omg, I've updated 2 iphones to FW 2.2.1 to test it, all the BL'ers of the Iphones are 5.09.. So I have updated it for nothing..
    1. sarunas4's Avatar
      sarunas4 -
      now we just need someone to figure out how to downgrade the bootloader to 5.08
    1. yoenoesz's Avatar
      yoenoesz -
      how to downgrade the bootloader 5.08? we can.. we can downgrade the 5.08.. can't we?
    1. confucious's Avatar
      confucious -
      Quote Originally Posted by yoenoesz View Post
      how to downgrade the bootloader 5.08? we can.. we can downgrade the 5.08.. can't we?
      LOL yeah, right. Apple put those few bytes in there for nothing.
    1. madrigal77's Avatar
      madrigal77 -
      Quote Originally Posted by confucious View Post
      LOL yeah, right. Apple put those few bytes in there for nothing.
      Geohot, the guy that found the exploit did say this though: "I figured you guys might have it. I'm convinced theres a way to make it run the 5.8 ramloader instead of the bb in ram. We can also do a yellowsnowish thing to grab the bb reset and command boot from the bootrom level, even if the main sig doesn't validate. Unlocks for all versions... And you guys make much nicer automated tools then me :P"

      So there is hope.
    1. sddd45's Avatar
      sddd45 -
      Does anyone know GEVEY PLUS 2 work with iPhone 3G 16gig bootloader 5.09?
      I just jailbreak it and downgrade to 2.28
    1. carlos.michell's Avatar
      carlos.michell -
      You will be alright. I hope the video was able to help someone out there.

      Quote Originally Posted by ztevenx View Post
      Thank you for linking this =)
      Im happy the video help you.

      Quote Originally Posted by tattoojack View Post
      but you gotta have at$t to do that, so how would that help us?



      thats just sad and pathetic, and a complete waste of a post.
      beggin for thanks
      really?




      so are you mad at him for being mad at you?
      or you're just mad at yourself because you had to have a kid figure it out, make a vid, upload it to youtube,
      all so YOU could understand it?

      wow

      you can always tell when people are bored.

      everyone is all lovey dovey when the exploits come out,
      soon as it dont work for everyone,
      the claws come out!

      lmao

      and if i make you laugh, you can thank me,
      or go f$#k yourself.
      i really don't give a s#$t
      No, im mad at him for coming at me wrong. I have no problem letting some 13 year old show me how to downgrade my Baseband. If it saves me time and effort than im happy.
    1. jam426's Avatar
      jam426 -
      I have tried just about everything and have been trying to do for about 2 days straight now...it's so frustrating I want to cry. I just spent 200 dollars and bought my iphone 3g off ebay and all I want to do is unlock it! My firmware is 2.2 and baseband is 2.30.03 which i completely don't understand and have no idea how the baseband was changed and not the firmware. Maybe im doing something wrong in tattoos steps but I can never get the bootloader information to show up after i type in that command my no sim changes to searching and then my phone automatically cuts off. So I'm really not even sure what my bootloader is. I know you guys are sick of hearing these dumb questions but I am desperate and need any help I can get and in the "dummy" form, not that smart with all of this. please and thank you for you guys time and effort!

      -Jenny
    1. KoolMan0's Avatar
      KoolMan0 -
      question

      Can some one explain this


      Im CORNfused

      Firmware version says 04.22.01(yea i updated to 3.0 beta 2)
      EEP Version 706 (is this suppose to be bootloader 7.06?)
      Bootloader Version ICE2_BOOT_05.08_G2M3S2 (OR is this the bootloader?)
    1. KoolMan0's Avatar
      KoolMan0 -
      Quote Originally Posted by jam426 View Post
      I have tried just about everything and have been trying to do for about 2 days straight now...it's so frustrating I want to cry. I just spent 200 dollars and bought my iphone 3g off ebay and all I want to do is unlock it! My firmware is 2.2 and baseband is 2.30.03 which i completely don't understand and have no idea how the baseband was changed and not the firmware. Maybe im doing something wrong in tattoos steps but I can never get the bootloader information to show up after i type in that command my no sim changes to searching and then my phone automatically cuts off. So I'm really not even sure what my bootloader is. I know you guys are sick of hearing these dumb questions but I am desperate and need any help I can get and in the "dummy" form, not that smart with all of this. please and thank you for you guys time and effort!

      -Jenny
      Sorry about that
      after you put the 3 files on you iphone in terminal
      you do the following commands
      1. Type in: su
      2. Type in the password: alpine
      3. Type in: cd /var/root
      4. Type in: chmod 755 BBUpdaterExtreme
      5. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
      6. Type in: ./BBUpdaterExtreme queryversion

      after the "launchctl unload ..." you should get the searching in the top
      do the next command
      and you should see something like the pic i posted above
      continue on if you see "ICE2_BOOT_05.08_...", if not that then you have 5.9
      if you do continue and your iphone restarts carry on from here
      1. Type in: su
      2. Type in the password: alpine
      3. Type in: cd /var/root
      4. Type in: chmod 755 BBUpdaterExtreme
      5. Type in: launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
      6. Type in: ./BBUpdaterExtreme update -f ICE2_02.28.00.fls -e ICE2_02.28.00.eep
      7. Reboot Device


      I hope this helps you.
      and that you have the 5.8 not the 5.9
    1. ashannak's Avatar
      ashannak -
      if you downgraded it to 2.28 you can yellowsnow it ...what do you need the gevey plus ii for?
    1. confucious's Avatar
      confucious -
      Quote Originally Posted by KoolMan0 View Post
      Firmware version says 04.22.01(yea i updated to 3.0 beta 2)
      Oh dear!

      Quote Originally Posted by KoolMan0 View Post

      Bootloader Version
      ICE2_BOOT_05.08_G2M3S2 (OR is this the bootloader?)
      Subtle clue in the way it says "Bootloader Version"?

      Quote Originally Posted by madrigal77 View Post
      Geohot, the guy that found the exploit did say this though: "I figured you guys might have it. I'm convinced theres a way to make it run the 5.8 ramloader instead of the bb in ram. We can also do a yellowsnowish thing to grab the bb reset and command boot from the bootrom level, even if the main sig doesn't validate. Unlocks for all versions... And you guys make much nicer automated tools then me :P"

      So there is hope.
      Linky? He obviously knows a lot more than me. so there is hope.
    1. madrigal77's Avatar
      madrigal77 -
      [quote=confucious;3958061]
      Quote Originally Posted by KoolMan0 View Post
      Firmware version says 04.22.01(yea i updated to 3.0 beta 2)
      [/quote[

      Oh dear!


      Subtle clue in the way it says "Bootloader Version"?



      Linky? He obviously knows a lot more than me. so there is hope.
      Sure. He wrote it in his blog post in the comments. That was on about the 11th and there has been no update from him since, but hopefully he's still working on it.

      Link
    1. confucious's Avatar
      confucious -
      Thanks for the Link.
      EDA looks very interesting!
    1. carlos.michell's Avatar
      carlos.michell -
      Quote Originally Posted by jam426 View Post
      I have tried just about everything and have been trying to do for about 2 days straight now...it's so frustrating I want to cry. I just spent 200 dollars and bought my iphone 3g off ebay and all I want to do is unlock it! My firmware is 2.2 and baseband is 2.30.03 which i completely don't understand and have no idea how the baseband was changed and not the firmware. Maybe im doing something wrong in tattoos steps but I can never get the bootloader information to show up after i type in that command my no sim changes to searching and then my phone automatically cuts off. So I'm really not even sure what my bootloader is. I know you guys are sick of hearing these dumb questions but I am desperate and need any help I can get and in the "dummy" form, not that smart with all of this. please and thank you for you guys time and effort!

      -Jenny



      Did you try the video I found on YouTube on page 11?