Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
12-18-2011, 09:27 AM #13GS Baseband 05.13.04 New Bootrom(359.3.2) stuck trying to unlock...
I'm trying to unlock. And, it seems like I've bricked my phone. But, some sites say that's 99% recoverable. I'm just not sure how. Here are my vitals:
iPhone 3GS 16GB
Bootrom: 359.3.2 (new bootrom)
I bought this phone refurbished from GameStop. So, I've never gotten to the springboard. So, I'm not positive what IOS I have. I got the info above from f0recast.
Here's what I've done so far. I had successfully unlock another phone (same vitals as above except the Bootrom was old). So, I thought I new what I was doing (I'm fairly tech savvy; but in this arena I know just barely enough to be dangerous). To unlock the first phone, I used sn0wbreeze 2.8b11, with a base of iPhone2,1_5.0_9A334_Restore.ipsw, chose Hacktivation, and installed the latest iTunes to Shift-Restore. As I was going through the sn0wbreeze on my successful unlock (1st phone), sn0wbreeze asked what bootrom I had. I had it detect and it told me "old". On my 2nd phone, I had it detect, and it told me "new". I didn't really understand what that difference was. Subsequent reading has led me to believe that is how I got into my current state.
On my 2nd phone (the one I need help with), I tried the same thing. The only difference was that I chose "new" for the bootrom. When I went to iTunes to Shift-Restore that cooked IPSW, iTunes eventually gave me an error 3194. I tried to work around that using suggestions on the web. But, adding "18.104.22.168 gs.apple.com" didn't help. And, I couldn't find another way around that error.
So, I think that's when I made my mistake. Not really understanding what bootrom meant (it was 3 in the morning and obviously not thinking clearly). I decided to try and cook another IPSW, except selecting "old" for the bootrom. My rational at the time was "that worked on the other phone". I actually thought it was going to work. I got past the stage where iTunes would have given me the 3194 error. And, the phone was actually restoring the image. When it finished and when to reboot, iTunes popped up the window saying the phone was ready to be restored. Since then I really haven't been able to get the phone to show me anything on the screen. I've tried the combinations of "Power/Home" (7 seconds or wait for the USB beep) followed by "Home" (?? seconds or wait for the beep). Nothing...
Since doing this, I've read several procedures that talk about jailbreaking to 5.0.1. But, other reading leads me to believe that any of those procedures might also upgrade my baseband. And, from my reading, I'm pretty sure I don't want to do that.
So, I'm a little lost on what to do next.
I can't get f0recase to recognize this 2nd phone. I've downloaded redsn0w and tried to get it to do "Recovery Fix" or just "Boot tethered". From some reading it seems like I should be able to get to 5.0 (or even 5.0.1) in a "semi-tethered" state. But, I don't know how to do that without losing my baseband (and my ability to unlock).
I'm sure there something obvious I'm missing. But, now I'm gunshy since my phone isn't responsive anymore (seem to be stuck in DFU?).
My goal is to get this phone into as close a state as my other one. They are both presents for my daughters on Christmas, so I'd feel bad if one of them had some drastic limitation (like requiring to boot tethered). So, since the other phone is on IOS 5.0 unlocked, that would be my goal. The "semi-tethering" didn't seem too bad. So, I'd be willing to live with that for now.
I'm leaving town in a couple of days. So, if I can't get this phone into a better state, then I may just trying to restore it to it's previous state (or some form of working state) and sell it. And, buy another phone that is able to go through the same unlock as my first phone.
Thanks in advance for any help!! I'm getting pretty desperate...
12-18-2011, 10:48 AM #2
You still have unlockable Baseband , I suggest you create a custom firmware of 4.1 from snowbreeze 2.1 or Pwnage tools 4.1.3 , put iphone into pwned dfu and downgrade to 4.1 and unlock with Ultrasnow from cydia.
If you try to mess at 5.0.1 with a tethered jailbreak at 5.0.1, you may find yourself ended using ipad Baseband and break your gps
12-18-2011, 11:09 AM #3
What about using sn0wbreeze with 5.0.1? It seems that sn0wbreeze doesn't upgrade the Baseband. Do you think it would? I just found another forum that suggested to try that to get around the 3194 error. If figured sn0wbreeze was worth a try since it said it would never upgrade the Baseband.
12-18-2011, 11:15 AM #4
Yes , you can restore to cfw of 5.0.1 to preserve your Baseband.
12-18-2011, 11:26 AM #5
Nope. Got iTunes error 1600 when I tried that...
You said 4.1 above. Any reason to not use 4.2.1, 4.3, or 4.3.5? Here is the site I'm using to get the stock IPSW files:
iPhone, iPod, iPad and Firmware/Software Download
You have any suggestions for a better stock IPSW to start from?
BTW, thanks for your help!!
12-18-2011, 12:07 PM #6
You need saved shsh blobs for every restore except 4.1, the reason why i say don't bother with 5.0.1 is because Ultrasn0w has not been updated to unlock 5.0.1. But there is a fix to make ultrasn0w to unlock at 5.0.1 by changing the com center classic file. I have experimented it but excessive battery drain, only last a day on full charge without iphone being used.
Fortunately, i have the old bootrom and restored back to IOS 5.0 to work with Ultrasn0w, now my battery on my 3gs can last up to 5 days on standby.
For New bootrom, you need apticket blob for restore to 5.0.
See the pic, I can go from 5.0 to 5.0.1 and vice versa
I am using a Maxis ( Malaysia prepaid sim card and roaming in Canada on an ATNT iphone )
You should check with tiny umbrella if you have any shsh blob higher than 4.1, i am just assuming you don't have any.
Run tiny umbrella > plug iphone in : adv tab : select request shsh blob from cydia and click save shsh. Look under general tab for blobs.
Last edited by iYeow; 12-18-2011 at 12:32 PM.
12-18-2011, 12:40 PM #7
I'm somewhat of a newbie here. I've done a little reading about SHSH, but I'm not completely following. It seems these are some sort of hash keys that are specific to my iphone. But, I see in some places where cydia can supply these (acting like Apple servers?).
I didn't know enough to save any SHSH blobs before I did these sn0wbreeze Shift-Restores. So, am I SOL for downgrading to 4.1?
If SOL, I guess my only option is to try and get some sort of tethered boot to work for 5.0.1 that I tried just now. I got around the iTunes error 1600 by using iReb R4. The firmware seemed to load. But, after done, just reboots and goes back to the sn0wbreeze progress bar and stop showing progess. iTunes also stop recognizing the phone at that point. I haven't retried to see if a 2nd try would be any different.
12-18-2011, 12:46 PM #8
If you are restoring to custom firmware, you need to put iphone into pwned dfu mode. Pwned dfu mode uses Limera1n exploit also known as Geohot's bootrom exploit which opens up its door to allow itunes to accept custom firmware. Without it, you cannot restore to custom firmware.
12-18-2011, 03:03 PM #9
Well, I think I'm making some progress. With your help, and several tries I got the phone into the proper pwned dfu mode.
After that the 5.0.1 installed. I also have the unlockable 05.13.04 Baseband since I used sn0wbreeze to jailbreak.
Now I can get to the springboard if I boot tethered using iBooty 2.3. So, that's great!!
But, now I can't get ultrasn0w to work. I am just getting "No Service". I tried the general ultrasn0w. Since that wasn't working I found smolk's Repository - MyRepoSpace.com and installed the 3GS version they had. Still no luck, still getting "No Service".
Any ideas on this?
Thanks so much for helping to get me this far!!
12-18-2011, 03:46 PM #10
Easy my friend here [HOW TO] Fix for Ultrasn0w on 5.0.1
If you experience massive battery drain, you might want to consider downgrading to 4.1
Use winscp to ssh into your iphone, when copied over it, your permission is already set , you don't need Ifile to set it
Last edited by iYeow; 12-18-2011 at 03:51 PM.
12-18-2011, 05:59 PM #11
I now understand better what you were plainly trying to tell me in earlier posts. So, I think you've convinced me to go back to 4.1.
As for TinyUmbrella, I can't get it to run. I have the latest Java, I ran as administrator. I'm running Vista SP2. Not sure why I can't get it to run. I think I'd like to get it running before I do much more in case there something to save.
If you have any suggestions for what I can do there I'd appreciate it.
For the downgrade, do you have a suggested procedure to use? One where unlocking is talked about? I found one on YouTube. But, it doesn't say anything about unlocking and it doesn't mention if the Baseband is touched. So, I'm a little nervous just taking their cooked IPSW and going with it.
Last edited by sjmyst; 12-18-2011 at 06:00 PM. Reason: Accidently hit some keystroke that submitted before I was done.
12-18-2011, 10:29 PM #12
While you are still at 5.0.1, run ifaith version 1.4 and dump your Aptickets blob and keep it safe for future restore to 5.0.1 when apple no longer signs.
When downgrading to custom 4.1, you don't need to use tiny umbrella to verify 4.1 blob. Set your hosts file back to apple under adv tab : uncheck set hosts file to cydia and close it.
Since you are at 5.0.1, run redsn0w 0.9.9b8 browse to stock 5.0 and only use it to put iphone back into pwned dfu mode.
Once in pwned dfu mode, run Itunes : shift + restore back to custom firmware of 4.1 created by Snowbreeze 2.1 or Pwnage tools 4.1.3.
Your baseband is left untouched as long as you do not restore to stock or official firmware.
The Following User Says Thank You to iYeow For This Useful Post:
12-19-2011, 11:49 PM #13
You've been a great help.
Before your last post, I had already used Snowbreeze to go back to 4.1. That worked great and I was able to unlock with ultrasn0w. Hopefully I can still get the 5.0.1 blobs. If so, I will try your iFaith suggestion after Christmas since after I got this to work my wife wrapped them and put them under the Christmas tree.
So, for anyone else reading, I was able to downgrade from 5.0.1 to 4.1 using sn0wbreeze to cook a custom firmware from a stock 4.1 firmware. After that jailbreak, I was able to use ultrasn0w through Cydia to unlock and use T-Mobile.
Thanks again iYeow. You've been a lifesaver!! Or, at the very least an xmas saver as my wife was gonna kill me since I had pretty much told here that I could get these phones onto TMO since we're on a family plan.
12-20-2011, 12:15 AM #14
You are welcome
HAVE A MERRY CHRISTMAS
The Following User Says Thank You to iYeow For This Useful Post: