NOTICE: Don’t use Signal.app if you don’t have an IPSF (or GeoIPSF) unlocked phone or you may use up all the unlock attemps and lock your phone permanantly, you have been warned.
UPDATE: Here’s the tool I used to activate 1.1.4: Act114 for OS X - Jailbreak/Activate 1.1.4 (No Unlock!)
The tool is based on ZiPhone 2.4, but removes unlock features, it does the following tasks:
1. Jailbreak firmware 1.1.4
2. Activate firmware 1.1.4
3. Setup Installer
4. Setup afc2 (so you can use iBrickr & iPHUC)
5. Fix YouTube
To use it, just enter the following command in a Terminal:
./act114 -a -j (jailbreak and activate) ./act114 -j (jailbreak only, setup Installer and afc2) ./act114 -a (activate only, patch lockdownd and youtube)
This new tool (actually the ramdisk) only recognizes 2 parameters (-a and -j), any other parameters will simply be silently ignored. I repeat, this package has NO UNLOCK. The detailed info about this jailbreak/activation is at the end of this article.
UPDATE: To use this tool on Windows, copy the zibri.dat in the package into your Windows ZiPhone 2.4 folder (overwrite the old file), use the same command line parameters to jailbreak/activate:
ziphone -a -j (jailbreak & activate) ziphone -j (jailbreak only) ziphone -a (activate only)
UPDATE: The iClarified’s ZiPhone-1.1.4_by_JBLP uses my zibri.dat (extracted from the Act114 for OSX package) to jailbreak and activate, so you know it’s widely accepted now. Hey I need some credits ;)
Okay, the firmware 1.1.4 has been released, since my phone is running 1.1.3 with bootloader 3.9, and there’s a very convenient tool named ZiPhone out there, so I decided to give 1.1.4 a try. In case anything’s wrong, I can always return to a previous version.
So I update my 1.1.3 to 1.1.4 with iTunes, the update was completed without hassle, at the end of update (after iPhone restarted), iPhone stayed in SpringBoard (same as it was during my last 1.1.2 to 1.1.3 update), so I checked the version, yes, it is 1.1.4 with baseband 04.04.05_G.
Then I restarted my iPhone and expected it would be stuck at the activation screen, and yes it did stop there, now I needed to find a way to jailbreak and activate it.
As I have played with ZiPhone some days ago and are familiar with the way it works, so I quickly created a new ramdisk which jailbreaks the phone and adds the afc2 support so that I can get the new lockdownd to analyze. I jailbreak my 1.1.4 with the customized ramdisk, then I use iPHUC to get the new lockdownd 1.1.4.
UPDATE: Yes, it’s possible to install SSH during the jailbreak, but I was just too lazy to do it, besides, iPHUC could do everything I needed except running shell commands which was not needed at the moment.
The first thing attracted me is the file size, the lockdownd version 1.1.4 was the same size as in version 1.1.3, so I speculated maybe there’s few changes in it, a quick binary comparison proved it, Here’s the differences between lockdownd 1.1.4 and 1.1.3:
Search for differences 1. G:\iPhone Stuffs\Lockdownd\114_lockdownd_original\lockdownd: 1,107,780 bytes 2. G:\iPhone Stuffs\Lockdownd\113_lockdownd_original\lockdownd: 1,107,780 bytes Offsets: hexadec. 5A8: FF DF 5A9: 6B 1F 5AA: 91 63 604: EF 67 605: A2 48 606: AA 63 608: 1C 1A 660: 18 09 661: 6C 20 662: 91 63 6B4: AE E1 6B5: 6C 20 6B6: 91 63 71C: 49 0A 71D: 6B 1F 71E: 91 63 754: 49 0B 755: 6B 1F 756: 91 63 788: 05 EB 789: 6C 1F 78A: 91 63 C40: 2D E1 C41: 17 6C C42: 71 67 C43: B4 8B C44: A2 FD C45: 4C E6 C46: 40 45 C47: 41 C0 C48: A3 B2 C49: CF 52 C4A: 10 2A C4B: 5C DD C4C: C6 1F C4D: 61 0D C4E: 61 13 C4F: E0 FB 107808: B8 98 1078A0: F0 D0 1078B4: E8 C8 10790C: C4 A4 107918: C8 A8 107954: 58 38 1079F0: A0 80 107AD0: A9 0D 107AD1: 8F 90 107AD4: 6D D1 107AE8: C9 2D 107AE9: 95 96 107B08: 0F 73 107B14: E9 4D 107B15: 28 29 107B64: 85 E9 107B90: 0D 71 107B98: 1D 81 107BD4: B7 1B 107BD5: 28 29 107BE8: 49 AD 107C3C: 37 9B 107C60: B9 1D 107C61: 9C 9D 107C98: 6F D3 107CC4: AF 13 107CC5: 8B 8C 107CF4: 19 7D 107DCC: 9D 01 107DCD: 2C 2D 107DD0: AF 13 107DD1: 30 31 107DD8: 51 B5 10ACE0: B9 1D 10ACE1: 9C 9D 10ACEC: C9 2D 10ACED: 95 96 10ACF8: 49 AD 10AD04: A9 0D 10AD05: 8F 90 10AD10: 6F D3 10AD1C: 19 7D 10AD28: AF 13 10AD29: 8B 8C 10B0AC: 9D 01 10B0AD: 2C 2D 10B0B8: E9 4D 10B0B9: 28 29 10B0C4: 51 B5 10B0D0: AF 13 10B0D1: 30 31 10B0DC: 6D D1 10B0E8: 0F 73 10B0F4: 1D 81 10B100: 37 9B 10B10C: B7 1B 10B10D: 28 29 10B118: 0D 71 10B124: 85 E9 10B370: 58 38 10B37C: C8 A8 10B388: C4 A4 10B394: F0 D0 10B3A0: E8 C8 10B3AC: A0 80 10B3B8: B8 98 104 difference(s) found.
A very interesting thing is: the old (1.1.3) lockdownd patched bytes didn’t fall into the lockdownd changed areas. What does it mean? It means:
The lockdownd patch for version 1.1.3 can be applied to version 1.1.4
So I quickly patched the 1.1.4 lockdownd as introduced in 1.1.3, and put it up to my iPhone, after a restart, boom, it works :) The patch is in This Article.
Now I have a 1.1.4 jailbroken and activated, I’m gonna check if the geohot IPSF-alike unlock stays after this upgrade.
UPDATE: Oops, I forgot I had revirginized my phone and used anySIM-alike method, so now I’m not able to test if geohot’s IPSF-alike survives after the update, but according to the following log:
AT+XGENDATA
+XGENDATA: "
",
"DEV_ICE_MODEM_04.04.05_G",
"EEP_VERSION:208",
"EEP_REVISION:1",
"BOOTLOADER_VERSION:3.9_M3S2",1,0
The bootloader has not been changed after the update, so I’ll assume the IPSF-alike unlock will stay effective after the update.
UPDATE: I’ve downgraded my baseband to 04.03.13_G (if you wanna do so, you need Secpack 04.04.05_G), and will unlock it with geohot’s IPSF-alike way, then retry the update and check if the unlock survives.
UPDATE: Yes, confirmed, the IPSF-alike unlock survives after the update, now I have a working 1.1.4 + 04.04.05_G unlocked phone.
UPDATE: The 1.1.4’s rootfs volume name is LittleBear4A102, very similar to 1.1.3’s LittleBear4A93, I speculate it’s just a minor update to 1.1.3, this might explain why the new lockdownd is so close to its previous version.
UPDATE: BTW, I didn’t use Signal.app, I used a utility called sendmodem to issue commands in shell (need not close CommCenter because it uses /dev/tty.debug):
/usr/bin/sendmodem ' AT+CLCK="PN",0,"00000000" ' /usr/bin/sendmodem ' AT+CLCK="PN",2 '
The 2nd command returned 0 indicating the phone’s unlocked, and I switched on and off Airplane Mode to force a quick carrier recognization.
UPDATE: For those of you who care about what’s in the jailbreak, here’s the script:
# System-wide .profile for sh(1) PATH="/bin:/sbin:/usr/bin:/usr/local/bin:/usr/sbin" export PATH /bin/sleep 5 /sbin/fsck_hfs -fy /dev/disk0s1 /sbin/fsck_hfs -fy /dev/disk0s2 /sbin/mount_hfs -o noasync,sync /dev/disk0s1 /mnt1 /sbin/mount_hfs -o noasync,sync /dev/disk0s2 /mnt2 if [ "`/usr/bin/nvram jailbreak 2>/dev/null|/bin/cut -f 2`" == "1" ] ; then /bin/echo "Starting jailbreak..." /bin/cp /zib/fstab /mnt1/private/etc/fstab /usr/bin/unzip -o -K -X /zib/Installer.zip -d /mnt1/Applications/ /bin/mkdir -p /mnt2/mobile/Library/Installer/Temp /usr/bin/unzip -o -K -X /zib/InstallerData.zip -d /mnt2/mobile/Library/Installer/ /bin/cp /zib/com.apptapp.Installer.plist /mnt2/mobile/Library/Preferences/ /bin/cp /zib/Services.plist /mnt1/System/Library/Lockdown/ fi if [ "`/usr/bin/nvram activate 2>/dev/null|/bin/cut -f 2`" == "1" ] ; then /bin/echo "Patching lockdownd..." /usr/bin/unzip -o -K -X /zib/Lockdownd.zip -d /mnt1/usr/libexec/ /bin/echo "Activating youtube..." /bin/mkdir -p /mnt2/private/var/root/Library/Lockdown /bin/cp /zib/data_ark.plist /mnt2/root/Library/Lockdown/ /bin/cp /zib/device_private_key.pem /mnt2/root/Library/Lockdown/ /bin/cp /zib/device_public_key.pem /mnt2/root/Library/Lockdown/ fi /bin/echo "Unmounting filesystems..." /usr/bin/umount /mnt1 /usr/bin/umount /mnt2 /sbin/fsck_hfs /dev/disk0s1 /sbin/fsck_hfs /dev/disk0s2 /usr/bin/nvram auto-boot=true /usr/bin/nvram boot-args="" /usr/bin/nvram -d unlock /usr/bin/nvram -d imei /usr/bin/nvram -d ierase /usr/bin/nvram -d jailbreak /usr/bin/nvram -d activate /usr/bin/nvram -d bl39 /bin/echo "Now rebooting..." /sbin/reboot while (true); do sleep 1; done
So from the above script, you’ll know it’s safe to run it as you can always do an iTunes restore to remove all its footprint if you don’t like it.
UPDATE: If you need the latest resources (the baseband files, the secpack, the decryptions key, etc), please click that “PULL” button, I’ve updated the related files.
75 Comments
survives the original IPSF?
Is there any easier way for me? Cause I’m a newbie.
Hi George, nice work.
Do you have plans to compile that to win32?
Cumps
@sourgrape,
No, I’m not gonna put on a Win version because I’m sure soon there will be better (GUI) all-in-one tools for jailbreak/activate/unlock. The OSX version here is just for the first taste, hehe :)
common ! don’t post German or other non-English comments here, this is an international forum/site, so stick to English !!
George, you will do the 04.13 IPSF like Geohot unlock, meaning you’re on a BL 3.9 ?
thanks for the info and updated ziphone, i am now upgrading my 1.1.3 IPSF_geohotz unlocked 3.9BL phone and will test this and see if IPSF_geohotz survives
@Patrik, Yes.
@mytriniphone, I’ve tried, it works !
Does a iPhone unlocked with iPSF at 1.1.1 now at 1.1.3 survive?? It was activated with ZiPhone at 1.1.3. Could you help George?
George, why don’t you join DEVteam at Hackint0sh ? you definetly have skills and knowledge which can be usefull to that community in order tobring otu those things you have been working on.
@Chris, I’d say yes, besides, you can alwasy roll back because you’re on BL3.9 given you have a copy of your original seczone.
@Patrick, I don’t wanna be stressed out :)
eheheh no problem man.
Keep up the awesome work. Your site is in my top-five to check every morning :-)
George I need you help!! Updated and activated with iNdependence. No service though!! Can you help me?
@Chris, you need to send a ‘AT+CLCK=”PN”,0,”00000000″‘ to baseband each time you reboot your iphone, use signal.app is an easier way to achieve this.
I have Signal app on my Springboard. Nothing is working.
George, please help!! This is not good.
There’s no a specific solution for the ‘no service’, need to check possible causes one by one, not easy to explain in a comment though, requires some command line knowledge.
Can you please contact me through email: chris.wanja@mac.com
first thank you for your site, clear and detailed explanations, great.
thinking of updating my 1.1.3/3.9 geohot unlock phone:
any changes, new features, some reason??
Hey George, I like your articles. Let us know if you want to join in on the stress that Patrick mentioned ;)
I have a iphone with a 3.9 bootloader and i accidentally upgraded it to 1.1.4 with 04.04.05_g baseband how can i downgrade my baseband?
Please Help
Thanks
You need Secpack 04.04.05, and follow This Tutorial to downgrade it, remember to replace the secpack with 04.04.05, the steps are the same, only secpack differs.
George, you should join the DEV-team http://iphone-dev.org/ , you are too good technically to continue on your own. Join forces and the results will be positive. Even pumpkin as a veteran is asking you (I am also a veteran - since the very first iPhone days - but only observer, follower, reader, executer …but at least, I can valuate the potential of many people which have been floating on forums and blogs, sometimes - like you - showing their real potential and contribution, sometimes people pretending more than they actually can do). On the stress : since this is a non commercial group, I think you only take the stress you want to take ..so …
and by the way, I appreciate your site : it contains everything one can need to get through the different versions of JB, activation unlock, baseband re-flash …
Thanks GeoHot
It works!
I’m french I release on http://iphon.fr
@Shine72, I appreciate your encouragement, BTW, I’m not geohot ;)
I have a strange problem with my IPSF unlocked iphone.
I restored to 1.1.4, I jailbreaked and activated and used signal.app. Everything seemed to be ok since I had carrier name on the screen. But when I try to make phonecall then nothing happens…..
Could it be that I am in unsupported country (estonia)?
Oh okay
can you change your surname so ? lol
I’m sorry
I’ve release on http://ishine.fr and after on http://iphon.fr
Hey thanks! I used your zibri.dat with ziphone 2.4! Everything went great and now I have a IPSF unlocked 1.1.4 iphone!!! :)
Keep up the great work!
tanel > Install iWorld then select your country
@tanel, Probablly, you may need to check the syslog to find out what’s wrong, and I’m sure a new AppSupport will be out in a few days which might help you out. Since it’s a minor update, I even think maybe the current 1.1.3 AppSupport can also be used on 1.1.4 but I didn’t try it because my country is officially supported.
I restored and rejailbreaked my phone. Now signal.app does nothing. What next? Is it good idea to downgrade baseband?
There seems to be a problem with the EDGE settings. Every time I enter my APN and press “return” the Settings app crashes. I had this problem on 1.1.3 with the dev team jb, it was fixed when I used ziphone 2.2.
I entered “./act114 -j” in terminal and nothing happens. Help please?
ok. Strange. very strange.
My iphone suddeny go carrier and I am able to make calls. It sound insane, but everything started working after I had added iclarified source to installer….. No I can reboot phone and everything…… This cannot be true….. or is it?
I just realised that I made number of spelling mistakes in my last post. Sorry about that…
George, I replaced the Zibri.dat into the windows version and applied the commandlines “-a -j” in a window as you described. The iPhone successfully jailbreaks into 1.14 with 4.04.05 baseband. I’m having bootloader 3.9. However, the carrier signal is nil and no name. I do not have the problems with 4.03 baseband with Zibri 2.4 of either DOS or GUI versions.
I believe the iPhone needs further touch on the break. Any advise?
At the present juncture, Apple firmware webupdate is congested with concurrent download of 1.14. The packets are loose like rubberband and size do not tally with 165.964KB. It is ironic with today’s technology that bandwidth heavy loads still narrow down the data reliability CRC. Unlike BBS protocol of earlier times before internet ever started.
I have to download off from another source link for the 1.14 ipsw. And in addition, the upgrade sweeps clean third party apps except for notes, contacts, mails and pictures for your info.
Signal.app applied sending in jailbreaked 1.14 using iBrickr 0.93. Doesn’t work. Affirmed.
Restored back Firmware 1.13 of BL3.9 but baseband maintains 4.04.05. Boots using iBrickr 0.93 and using Zibri 2.4 but signal still unknown and nil definite.
Thanks George for this awesome jailbreak & activation. I restored my ipsf unlocked iPhone to 1.1.4 using iTunes 7.6.1 on Mac OS X 10.5.2. Ran “./act114 -a -j” and the iPhone was successfully jailbroken and activated, but as expected, no EDGE or cellular signal. Installed Signal.app (could haved used a bit of help with that part, good info on Signal.app is hard to find), and I have cellular signal and can send/receive calls, SMS, voicemail notification and get the EDGE icon. I input my EDGE settings, and EDGE didn’t appear to work at first. Rebooted the iPhone and still got errors trying to connect to websites using EDGE, but it suddenly started working. Maybe a problem with the network. So far, so good! Thanks again!
iNdependencd 1.4 beta 5 jailbreak时出现 Downdloading firmware file……
接着就跳出Couldn’t downdload firmware file.
mac os x 10.5.2
itunes 7.6.1
谢谢你!!!
good work, I ended up downgrading baseband last night after jailbroke/activated 1.1.4.
my baseband was anysim-ed therefore didn’t survived the baseband upgrading.
i nordumpped and patched the nor, but failed unlocking @_@…mah…
is there a guide to norz? cuz nordumper is waaaaay to slow, and i don’t know how to use norz :(
Norz syntax:
For example:
The above command dumps the seczone into a file named seczone.dump.
Dave: use secpack for 4.04.05G and ieraser to erase the baseband, then bbupdate to older baseband. if you can’t find the files, I have a package for all the files needed for downgrading available at http://www.crumpz.com, scroll down the page a little and you will see the link. I hope you can figure out how to do it because there is command list indicated on howto, and i’m too lazy to write the script for it.
btw ziphone is just a wrapper of some other people’s work, it’s cannot provide the functions that itself not capable of(yet), say downgrading a 4.04.05 baseband.
thanks George, could you kindly show me how to dump and put back the patched nor?
norz nor starting_address length
patching nor
iUnlock nor blah.fls
is that right way to unlock it?
@CrUmp, check the article “Manually Unlock 04.03.13_G”.
@Liu Bin, your question does not belong to this article (off topic).
to George: Manually Unlock 04.03.13_G doesn’t apply to the new baseband, i’ve tried it last night with 4.04.05_G. I followed through GeoHotz’s script but no success, maybe I was unlucky.
@CrUmp, You need to downgrade baseband to 04.03.13_G first, then follow that article.
I’m in the same place as alot of us here…..I got a 1.02 OTB phone 3.9 BL, (been upgraded to 1.11, 1.12, 1.13 obviously over the last 7 months), unlocked using devteam method soft 1.13 upgrade. just did the ziphone 2.4 jailbreak/activate, worked great with your modified zibri.dat file. but not unlocked. managed to get SSH onto the phone, put signal.app in, ran it, and nothing. Any advice or help/words of wisdom would be greatly appreciated.
hey….if i downgrade the bb to 04.03.13…my question was not about 04.03.13, it was about from where and how many bytes I should use norz to dump, and what do i use to put back the patched nor.
@Rick, do NOT do it! You may render your phone locked permanantly if operate incorrectly (unless you have a copy of your original seczone) ! You must have a IPSF or GeoIPSF unlocked phone to make calls on 04.04.05_G at the moment. If you prefer anySIM unlock, better check Hackint0sh forum for details. Please keep in mind, Signal.app does NOT unlock your phone, it only sends out ‘AT+CLCK’ commands to baseband, and if your phone has not been unlocked, it’ll be permanantly locked after 5 attemps and there’ll be no way to salvage a permanantly locked phone unless you have a copy of your original seczone and bootloader 3.9.
@CrUmp, please learn how to read, the “Manually Unlock 04.03.13_G” has all the info you need.
Nice work, George. I followed your tutorial and used your zibri.dat to successful update my iphone with BL 3.9. Now I have more than 6 hours testing the 1.1.4, everything goes well. I just want to say thanks to you!
First, Thanks for making jailbreak and activate work on 1.1.4. I am beginning to feel a little better. =)
I have an old AT&T SIM that is not Apple activated that used to work fine (1.0.2~1.1.3). I updated to 1.1.4 and tried Ziphone yesterday and it did not succeed in Activating it. I tried to restore to older versions, but baseband 04.04.05_G seems to stay there and the phone now complains of invalid SIM. Also, each time I restore to older firmware, the process ends with an error message at the end but the restore does seem to happen.
It appeared to me that the baseband 04.04.05_G does not allow you to use the old AT&T SIM’s anymore.
I have now restored back to 1.1.4 and used your tool to properly jailbreak and activate 1.1.4, but I get no network connection.
Have I blown it by trying too many restores?
I am now wondering if I must use one of the unlock methods. If I do so, is it permanent?
Geroge, could you kindly advise what I should do?
Thanks.
George: Do you have a solution for my problem? Seems to be a problem with the permissions. In which file are the EDGE settings stored?
Help!
I updated my phone to 1.1.4 using ziphone’s method a little too early and now I have a very expensive iPod Touch.
I did use your updated zibri.dat with ziphone2.4 on Windows to successfully jailbreak and unlock, but baseband 04.04.05_G doesn’t seem to support my SIM. I have an old AT&T plan that I don’t want to update to new Apple plan.
Please give some advise as to what I should do next. Shall I use one of the unlock methods? I’ve never had to do it til now. Will it be permanent? Have I accidentally permanently locked my phone?
Thank you.
I don’t know without seeing the phone log file. If you suspect it’s permission issue, try:
George,
Was that you who worked on the Chinese text input? I do alot of work with international software and I found that so awesome. I wanted to email you but couldn’t figure out how… mind dropping me a line? (IRC works too. You know where to find us on the iPhone channel).
Thanks a bunch!
Nope, I’m not the guy who developed the Chinese IME, you may like to check these sites:
@Joon, I can’t tell if your phone has been permanantly locked without checking it, you may check it in this way, put a copy of sendmodem to phone’s /usr/bin folder, then issue commands (in Term-vt100 or SSH):
If it returns 1,1 it’s still fine
If it returns 2,3 too bad it’s permanantly locked, you have to use your original seczone to restore seczone.
If you wanna downgrade baseband, you need the new secpack 04.04.05_G, click PULL button at the top of this page and you’ll find it. Then refer to any baseband downgrade tutorial to downgrade your baseband, the steps are all the same except that you must use the secpack 04.04.05_G because your baseband has been updated to this version. In brief, put all the needed files into /usr/bin, the issue commands (in Term-vt100, SSH will not work):
You should see your baseband version downgraded to 04.03.13_G.
Caution: reflashing baseband is a dangerous operation, do at your own risk.
George, you won’t believe it… iClarified has succeeded the unlock besides the jailbreak and activation process using 2.4 Zibri Windows version. I have restored to 1.14 with BL3.9 and of 4.04.05 modem firmware. Everything works for all sims. No need Signal.app. Full strength in calling in and out. Faster connectivity. They have modified Zibri to cater the break and activation. Check it out!
George, you mention a couple of times here that people who lock their phones could restore their “original seczone.” I have an OTB112-4.6BL that’s been modified using ZiPhone2.4 to 113-3.9BL. Since I’ve downgraded my bootloader with ZiPhone, do I still have my original seczone? And, assuming I do or that it’s worthwhile anyway, how can I create a backup of my seczone for safe keeping? I’m not bold enough to try this hacking until a more stable tool like ZiPhone is out for a bit, but the idea of having a backup is good in any case.
Update: I found Norz, and backed up my seczone. I’m still looking around (here, hackint0sh, etc.), and I’m beginning to think the ZiPhone style unlock which downgrades the BL from 4.6 to 3.9 didn’t modify my seczone, but I’m hoping George or someone here can confirm this for sure.
@Richard, my seczone restoration is on BL3.9 only. The BL downgrade doesn’t change your seczone. Caution: Some people reported they had bad experiences after downgrading bootloader, do at your own risk.
@Dave, it’s the new (experimental?) unlock, it’s anySIM method, so it’ll be invalidated after a baseband update, I think iClarified uses my modified zibri.dat to jailbreak/activate, I get this thinking from Hackint0sh sticky posts. UPDATE: I have checked the zibri.dat, it is exactly the same as the one in my Act114.
Thanks George, your instructions for checking my modem showed 1, a huge relief.
Interestingly however, downgrading the 04.03.13_G band didn’t fix my problem with the AT&T sim not being recognized. I don’t really get a bad sim error, the “Searching” message just flips by and no network connection.
I finally downgraded my baseband to 04.01.13_G and voila! my network came back. So now I have a phone with 1.1.3 FW and 1.1.1 BB.
BTW, at first, I didn’t understand what I was supposed to do with the secpack file. Upon immediate googling, there weren’t any simple instructions on how to downgrade the baseband. I had to digg deep to find out that I was supposed to copy the current baseband version of secpack file in to the same folder as the baseband firmware along with the utilities, ieraser and bbupdater. And then, I had to write a good script because wifi gets cut off during the process and 1.1.3 screwed up my vt-100 so I don’t have terminal other than SSH.
I’ve included the script below, just incase someone needs it.
#!/bin/sh
cd /reflash
chmod 755 *
launchctl unload -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
./ieraser
./bbupdater -f *fls -e *eep
./bbupdater -v
launchctl load -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
/sbin/reboot
And as you suggested in other topics I ran the scipt using the following command from SSH.
nohup sh downgrade.sh > ~/downgrade.log 2>&1 &
Took a number of tries and a bit of ddoh! moments, but it all worked thanks to you.
Finally, it would be nice if someone could confirm that 1.1.4 baseband seems to disable(may require unlocking) regular AT&T sim that wasn’t applyzed(signed up through iTunes)?
Or was it Ziphone 2.4?
Joon
@Joon, nice to hear you made it. For the ‘WiFi lost during reflash’ problem, there’s another way to deal with it, just downgrade your firmware to 1.0.2, firmware 1.0.2 has been confirmed has WiFi during the whole procedure, when you have finished reflashing your baseband to 04.01.13_G, restore firmware to 1.1.1 with iTunes, your baseband will not be updated.
heyy George,
im a newbie. i would like to know is there any point in getting a 1.1.4 OTB? is there any way to jailbreak / activate? please help me out. in laments terms please thank you.
spree: there is a new version of ziphone available that lets you jailbreak, activate and unlock an iPhone with firmware 1.1.4. The latest version of ziphone is 2.5. I haven’t use it yet becuase I don’t want to downgrade the bootlader. Maybe george can write some more what exactly ziphone 2.5 does and why it needs to downgrade the bootloader.
//Rob
George,
Do you know an option for iWorld in 1.1.4.?
I live in an unsupported country (Chile) and there’s no way I can use my phone without something like it.
In 1.1.2 worked fine, but now I have a new iphone and its 1.1.4.
I really would appreciate any suggestion.
Thanks!
Clandrea,
Try AppSupport for 1.1.4, available both in iLiberty+ (Win) and iLibertyX (OS X).
i am losing you guys, hm… it’s seems to dificult for me to do it, the problem is that my brother upgraded my iphone on itunes, it was unloked but it was not working properly it was losing the signal all the time… now it dosnt work at all… it’s just loked or something i think it was upgraded to the latest version i entered the code to finde out about the firmware wich is version 04.04.05_G… what does this mean is it 1.1.4 or? i whould really appreciate a litel bit of help or advice on what to do next with it …. wher shoud i start what shoud i do how should i downgraded again. i am also based in asia philippin.
thanks
Hi George,
I have a 2.0 firmware iphone. I want to downgrade it to 1.1.4 firmware and I did. But the baseband is 4.05.04, how do I downgrade the baseband? and what baseband am I suppose to have for 1.1.4. And what program could I use to jailbreak/unlock/activate it? I downloaded ziphone 3.0 but have not used it, because I want to make sure that the firmware & baseband matches.
I have a 2.0 firmware iphone. I want to downgrade it to 1.1.4 firmware and I did. But the baseband is 4.05.04, how do I downgrade the baseband? and what baseband am I suppose to have for 1.1.4. And what program could I use to jailbreak/unlock/activate it? I downloaded ziphone 3.0 but have not used it, because I want to make sure that the firmware & baseband matches.
I have a 2.0 firmware iphone. I want to downgrade it to 1.1.4 firmware and I did. But the baseband is 4.05.04, how do I downgrade the baseband? and what baseband am I suppose to have for 1.1.4. And what program could I use to jailbreak/unlock/activate it? I downloaded ziphone 3.0 but have not used it, because I want to make sure that the firmware & baseband matches.
kindly reply ASAP
10x
I like this website. This website helped me with prayer learning. Good job. Thank you. Please provide more French prayers. Bye-bye.i