  • 1.1.1 Baseband Downgrade Achieved!
    cash edit: All you OSX guys out there, I have written a nice guide for you; it takes a little time but I tried to be as detailed as possible.
    Click here for the Downgrade from 1.1.1 to 1.0.2 complete guide including baseband via OSX

    Revan has made the Windows guide: click here

    All right! If any of you have "bricked" iPhones from upgrading unlocked iPhones to 1.1.1, you are now able to downgrade without paying a dime!

    The guys over at RDGaccess.com have put together a guide on how to do it, here it is:

    "UNBRICKING 1.1.1 UPGRADE

    How To

    0. Download firmware 1.0.2 from apple: http://appldnld.apple.com.edgesuite....8_Restore.ipsw

    1. rename it to iPhone1,1_1.0.2_1C28_Restore.zip and unpack.

    2. extract the ramdisk file from it by typing

    dd if=694-5259-38.dmg of=ramdisk.dmg bs=512 skip=4

    3. mount the ramdisk by double-clicking it (on Mac). On Windows use some HFS tools to peek inside it or get the files from someone who extracted it already.

    4. Put your phone into DFU mode and do option-restore in iTunes. This will reflash everything to 1.0.2. You will get an error at the end because it couldn't reflash the baseband. You will end up with a yellow triangle.

    5. Quit iTunes, launch iNdependence and quit it again, relaunch iTunes. Press the power button on the phone for 3-4 seconds. After like 10 seconds you end up on the activation screen.

    6. Complete the Downgrade by Jailbreaking / Activating, Installing SSH onto the phone etc. There are tons of wikis about that so I won't repeat. (probably also true for step 4,5)

    7. Extract the baseband firmware and EEPROM files of 3.14 from the ramdisk of firmware 1.0.2. The files are named ICE03.14.08_G.eep and ICE03.14.08_G.fls and are located under /usr/local/standalone/firmware.

    8. Get the Secpack of baseband firmware 4.0. Its at the bottom of this post.

    9. Download ieraser2 from http://www.fink.org/ieraser/ or from Geohot's blog.

    10. Install all the tools on to the phone (I use the location /usr/local/bin) needed to get ssh access to the 1.0.2 firmware phone and upload ieraser2, the secpack, the firmware 3.14's FLS and EEP file and anySIM 1.0.2.

    11. ssh to the phone. Stop CommCenter by typing:

    launchctl remove com.apple.CommCenter

    12. run bbupdater -v. it will tell you you run version 4.01 of the baseband.

    (bbupdater is a tool by apple which is also on the ramdisk)

    13. run ieraser2. This will WIPE your baseband, given a file "secpack" is in the same directory and this is a version 4 secpack.

    14. run " bbupdater -v " again. it will not find any firmware now.

    15. run " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls "

    16. run " bbupdater -v " it will tell you you run version 3.14

    At this point in time you will still have an IMEI number starting with 004999... and it's not of use yet. So still bricked but at least downgraded to version 3.14.

    17. run anySIM Version 1.0.2 (note that older versions might not be good here as 1.0.2 has a lot of fixes for this kind of stuff).

    Now you have an unlocked 3.14 baseband with IMEI being your original one! Congratulations, you now fully recovered from your update 1.1.1 and are back to 1.0.2.

    If you want to return to virgin state again you can stop the commcenter again and repeat " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " again to reflash the "locked" version of the baseband.
    "

    RDGaccess

    All files needed are here
    This article was originally published in forum thread: 1.1.1 Baseband Downgrade Achieved! started by Kyle Matthews
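
Step 13 of the guide wipes the baseband, so it is worth confirming first that everything steps 12 to 16 read is on the phone under the expected names. The check below is an added example, not part of the RDGaccess guide or the original post; the function name `preflight` and its two directory arguments are assumptions of this example, while the file names are the ones the guide gives.

```shell
#!/bin/sh
# Added example: pre-flight check for the working directory on the phone,
# meant to be run before step 13 (ieraser2), which wipes the baseband.
# File names are the ones the guide gives. The function name and the
# two-argument interface are this example's own.
# Usage: preflight <dir holding secpack/.eep/.fls> <dir holding the tools>

preflight() {
    dir=${1:-.}
    bindir=${2:-/usr/local/bin}   # location the guide's author uses in step 10
    rc=0

    # Inputs for steps 13 and 15: the version 4 secpack read by ieraser2 and
    # the 3.14 EEPROM and flash images passed to bbupdater.
    for f in secpack ICE03.14.08_G.eep ICE03.14.08_G.fls; do
        if [ ! -f "$dir/$f" ]; then
            echo "MISSING: $dir/$f"; rc=1
        elif [ ! -s "$dir/$f" ]; then
            echo "EMPTY: $dir/$f (incomplete transfer?)"; rc=1
        fi
    done

    # The guide names the file "secpack"; flag copies that kept an extension.
    for f in "$dir"/secpack.*; do
        if [ -e "$f" ]; then
            echo "NOTE: $f is present; the guide expects the name 'secpack'"
        fi
    done

    # Tools run in steps 12 to 16 must exist and carry an execute bit.
    for t in ieraser2 bbupdater; do
        if [ ! -f "$bindir/$t" ]; then
            echo "MISSING: $bindir/$t"; rc=1
        elif [ ! -x "$bindir/$t" ]; then
            echo "NOT EXECUTABLE: $bindir/$t (chmod 775 \"$bindir/$t\")"; rc=1
        fi
    done

    if [ "$rc" -eq 0 ]; then
        echo "OK: all files for steps 12 to 16 are in place"
    fi
    return "$rc"
}
```

A non-zero return means at least one required file is missing, empty or not executable; the NOTE line alone does not change the result.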
    178 Comments
    1. jacobzking -
      meat, go to usr/bin and on bbupdater "get info" and enable execute access to everyone

      now i get "# ieraser
      Resetting the Baseband...Done
      Opened: /dev/tty.baseband
      iEraser: tool by geohot
      thanks to gray and the dev team for the implementation
      thanks to nightwatch for the awesome toolchain
      and thanks to anonymous, iProof, lazyc0der, and dinopio for the idea for this cool trick
      this tool erases your main fw, starting at 0x20000. you need this for the testpoint to work
      you need a file called secpack matching your current firmware version in this folder
      see http://iphonejtag.blogspot.com for instructions on finding this file
      Waiting for data...
      Got Header: 77 0b cc
      zsh: bus error ieraser"
    1. buzilanga -
      that bus error i think is because we have wrong secpack or because we are using secpack.bin instead of just secpack, how do you think the .bin away?
    1. jacobzking -
      just delete it from the file name, but that doesn't seem to help

      when i try and copy secpack to DEV it says "cannot get remote handle"
    1. meatwagon -
      ok i did it but my baseband is still the same

      for some reason I downloaded this file.. do I need it instead of setpack.bin (which I renamed to setpack)

      secpack40113.bin

      i need to get this done asap!!!
    1. jacobzking -
      it needs to be secpack, not setpack, and not secpack.bin. even in mac os, when you delete .bin from the end, it still shows secpack.bin in transmit. that is the problem i'm having now.

      refresh Cash's guide, you'll see a link for a new file that has the correct secpack, it works! pop it in the usr/bin directory and run ieraser now!
    1. meatwagon -
      ok 1st off I've already said thank you. but once wasn't enough and 2ndly.


      DAMMMMMMMMMN
    1. Digitol -
      OK now THAT is the ****! Now I will get real and stop being the troll.. Cash...way to go pal! Old-Man is proud of ya!
    1. iNfEk -
      how long does "ProcessOutlineUpdated: Start downloading from file ICE03.14.08_G.eep." take while running command "bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls" since mine is hanging at that area
    1. Cody Overcash -
      Quote, originally posted by iNfEk:
      how long does "ProcessOutlineUpdated: Start downloading from file ICE03.14.08_G.eep." take while running command "bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls" since mine is hanging at that area
      check your activity process for stalled processes. also check and make sure you chmoded all the files to 775 or 777. There is no real stall anywhere . . at least for me running my mbp
    1. iNfEk -
      yup. all files that were transferred in the /usr/bin area are set to 775 and all went well until that point. I'm also on MBP. I'll be attempting those steps again just to make sure I didn't forget something.

      doh!
    1. meatwagon -
      for all of you, i dont know why, but for some reason instead of chmod - i had to use the +..... and it worked for me.
    1. ranjeetrajan -
      pf/cash:
      sorry but i have phone running 1.0.2 and have it unlocked using the free method posted here in your guides section. i have never updated to 1.1.1 and the phone is in good working order. will this method work for me and will my phone still be unlocked after the update?
    1. iNfEk -
      Quote, originally posted by meatwagon:
      for all of you, i dont know why, but for some reason instead of chmod - i had to use the +..... and it worked for me.
      just use cyberduck or fugu to change to 775 or 0775 and you should be all good
    1. Cody Overcash -
      no. no free unlock will work on 1.1.1 and all free unlocks will brick your phone if updated to 1.1.1

      edit . . . maybe the post below me
    1. JedixJarf -
      HAHAH YES!!!!! I have successfully unlocked the iPhone 1.1.1 for free! Details coming shortly.
    1. meatwagon -
      Quote, originally posted by iNfEk:
      just use cyberduck or fugu to change to 775 or 0775 and you should be all good
      just right click and click on the boxes until the total is 775? isn't there an easier way to do that??

      Quote, originally posted by JedixJarf:
      HAHAH YES!!!!! I have successfully unlocked the iPhone 1.1.1 for free! Details coming shortly.
      SHORTLY??? why not now!?!?!?!?!!??!?!


      or do you mean you followed this guide and now your has been 1.1.1 is unlocked?

      DETAILS
    1. JedixJarf -
      proof of concept coming up.
    1. Cody Overcash -
      I bet I could make a guess at how
    1. JedixJarf -
      Trying to get the screenshot to work lol.