[Kyle Matthews]

cash edit: All you OSX guys out there I have written a nice guide for you, it takes a little time but i tried to be as detailed as possible.
Click here for the Downgrade from 1.1.1 to 1.0.2 complete guide including baseband via osx

Revan has made the windows guide click here

All right! If any of you have "bricked" iPhones from upgrading unlocked iPhone's to 1.1.1, you are now able to downgrade without paying a dime!

The guys over at RDGaccess.com have put together a guide on how to do it, here it is:

"UNBRICKING 1.1.1 UPGRADE

How To

0. Download firmware 1.0.2 from apple: http://appldnld.apple.com.edgesuite....8_Restore.ipsw

1. rename it to iPhone1,1_1.0.2_1C28_Restore.zip and unpack.

2. extract the ramdisk file from it by typing

dd if=694-5259-38.dmg of=ramdisk.dmg bs=512 skip=4

3. mount the ramdisk by doubleclicking it (on mac). On windows use some HFS tools to peek inside it or get the files from someone who extracted it already.

4. Put your phone into DFU mode and do option-restore in iTunes. This will reflash everything to 1.0.2. You will get an error at the end because it couldnt reflash the baseband. You will end up with a yellow triangle.

5. Quit iTunes, launch iNdependence and quit it again, relaunch iTunes. Press the power button on the phone for 3-4 seconds. After like 10 seconds you end up on the activation screen.

6. Complete the Downgrade by Jailbreaking / Activating, Installing SSh on to the phone etc. There are tons of wiki's about that so I won't repeat. (probably also true for step 4,5)

7. Extract the baseband firmware and EEPROM files of 3.14 from the ramdisk of firmware 1.0.2. The files are named ICE03.14.08_G.eep and ICE03.14.08_G.fls and are located under /usr/local/standalone/firmware.

8. Get the Secpack of baseband firmware 4.0. Its at the bottom of this post.

9. Download ieraser2 from http://www.fink.org/ieraser/ or from Geohot's blog.

10. Install all the tools on to the phone (i use the location /usr/local/bin)needed to get ssh access to the 1.0.2 firmware phone and upload ieraser2, the secpack, the firmware 3.14's FLS and EEP file and anySIM 1.0.2.

11. ssh to the phone. Stop CommCenter? by typing:

launchctl remove com.apple.CommCenter?

12. run bbupdater -v. it will tell you you run version 4.01 of the baseband.

(bbupdater is a tool by apple which is also on the ramdisk)

13. run ieraser2. This will WIPE your baseband, given a file "secpack" is in the same directory and this is a version 4 secpack.

14. run " bbupdater -v " again. it will not find any firmware now. 15. run " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " 16. run " bbupdater -v " it will tell you you run version 3.14 At this point in time you will still have a IMEI number starting with 004999... and its not of use yet. So still bricked but at least downgraded to version 3.14.

17. run anySIM Version 1.0.2 (note that older versions might not be good here as 1.0.2 has a lot of fixes for this kind of stuff).

Now you have a unlocked 3.14 baseband with IMEI being your original one! Congratulations you now fully recovered from your update 1.1.1 and are back to 1.0.2.

If you want to return to virgin state again you can stop the commcenter again and repeat " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " again to reflash the "locked" version of the baseband. "

RDGaccess

All files needed are here

[davalos]

rejoice lemmings. rejoice.

This is excellent news. When it rains it pours, so they say.

So now, the smartest thing to do is to virginize the phone to 1.0.2, the jailbreak 1.1.1 and use IPSF, and this way everything will be fine and dandy. From iBrick to unlocked, 3rd party apps on 1.1.1

[thebambino]

ive been trying to get this baseband firmware 4.0 but dont know where from i saw this at their site maybe 20 minutes ago so im waiting to see where i can find that

[dstafursky]

It is truly EFIN amazing that these guys/gals put this kind of effort into this without any promise of money. Anyone that uses this to save their $400/$600 phone had better throw some donation funds at them. Huge Kudos to all that make our hacking happiness possible.

[Kyle Matthews]

Right. But if you wait a day or so, you'll have free unlock either way.

[davalos]

but will that free unlock ruin the BB again??? And have to deal with this again for new firmware....

[thebambino]

yeah i know pf ive been stuck with a brick for a while now im patient but im desprate i know you understand

[famac!]

There has to be an easier one click way in the works............

[Kyle Matthews]

*sigh* again.

Beggars can't be choosers, now can they?

[EZ2ENVY]

on step two it says to type...... but where do you type that line into? It is not very specific, anyone help?

[Kyle Matthews]

Better instructions coming soon by cash. This was the quick guide which was from the original author. Cash is rewriting as we speak. You type that in Terminal.

[cyber_bilal]

Can you tell me how to extract the ramdisk on windows? Where to type dd if=694-5259-38.dmg of=ramdisk.dmg bs=512 skip=4 ??

And can you please explain 4th and 5th steps?? How to get into DFU mode?

And do we have to launch iNdepence and quit it again?? or is it the iTunes?

[kulayphoto]

Quote:

Originally Posted by poetic_folly

How To

If you want to return to virgin state again you can stop the commcenter again and repeat " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " again to reflash the "locked" version of the baseband. [/I]"

Now THAT is what I have been waiting for!

[cyber_bilal]

Quote:

Originally Posted by poetic_folly

Better instructions coming soon by cash. This was the quick guide which was from the original author. Cash is rewriting as we speak. You type that in Terminal.

We have to type that line in Terminal in the iphone??

[meatwagon]

pf will this work on a iphone that has 1.1.1 pre installed? should right?