Results 1 to 1 of 1
Discuss Wildcard Ticket unlock method?? at the General - Hackint0sh.org; UNLOCK USES A MINOR EDIT, NONE OF THE EXPLOITS USED ARE NEW. YOU NEED TO ...
  1. #1
    Rookie Array

    Join Date
    May 2010
    Posts
    11
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default Wildcard Ticket unlock method??


    UNLOCK USES A MINOR EDIT, NONE OF THE EXPLOITS USED ARE NEW. YOU NEED TO BE JAILBROKEN, ALL THIS DOES IS CREATE A TEMPORARY TOKEN TO UNLOCK. NOT A TRUE NCK BRUTEFORCE UNLOCK, BUT STILL MORE ADVANCED THAN ULTRASN0W.
    Jailbreak for READ/WRITE ACCESS
    SecZone- patch lockdown.
    Baseband- deactivate.
    Direct to:
    0x010-0x090 Public Key (RSA Key 3)
    0x80 byte
    0x0 Total length of the policy table in bytes
    <Policy Item>
    0x0-0x2 ID
    0x2-0x4 type?
    0x4-0xC IMSI mask

    Activate Seczone lock down patch to allow IMSI Wildcard.plist EDIT
    Go to: /var/root/Library/Lockdown/activation_records/wildcard_record.plist at this point the patch should allow you to find the IMSI Mask. You need to find these values.
    YOU SHOULD SEE EITHER OF THE FIRST (2) VALUES [If you have the third value (aka the unlocked value) I have one question. Why the hell are you reading this guide?]
    ==>AT&T USA
    IMSI Mask
    310150?????????
    310170?????????
    310410?????????
    311180?????????
    310980?????????
    ==>T-Mobile Germany
    IMSI Mask
    26201??????????
    26201??????????
    26201??????????
    All restrictions should be off at this point and the SecZone should have full read/write access via Modem. Copy and Paste from plisteditor will work as long as the baseband is deactivated. So change the values to that of a factory unlocked iPhone. The NCK BruteForce method can attain the actual key to create a pseudo Factory Unlocked Device that can stay unlocked via updates, this edit method makes your iPhone think that it is unlocked via a fake sig checked activation token (NOTE: RESTORES AND SYNC RESTORES WILL DEFAULT BACK TO THE ORIGINAL CARRIER SETTINGS! YOU WILL LOSE YOUR UNLOCK!)
    At this point you change the values of the IMSI Mask to that of a Factory Unlocked Device.
    ==> Unlocked Device
    IMSI Mask
    ???????????????

    Reactivate Baseband. Signature token will activate phone via baseband and your phone will be unlocked.
    Can anyone shed some light on this??- from first read it does make a bit of sense to me from little i understand

    I thought BB processor sigchecks this ticket, so you would need exploit anyway (ie vulnerable baseband) but i don't know where this info came from, how reliable it is or even if it is current. it mentions seczone patch but no files are attached

    can anyone with more experience give some input? tia spinme
    Last edited by Gecko_uk; 04-15-2011 at 03:30 PM. Reason: might as well



 

 

Similar Threads

  1. Help! How to get wildcard blacklist to work in MCleaner?
    By to1337ca in forum Free Toolchain Software (Cydia App's)
    Replies: 0
    Last Post: 03-19-2009, 08:05 AM
  2. [1.1.4 (1.0.2)] T-Mobile non-unlock unlock method?
    By Tmob337 in forum iPhone "2G" (Rev. 1)
    Replies: 2
    Last Post: 03-10-2008, 02:20 PM
  3. [1.1.2] Which Unlock Method To Use?
    By syper in forum iPhone "2G" (Rev. 1)
    Replies: 5
    Last Post: 02-17-2008, 02:56 PM
  4. which method do [U]I[/U] use to unlock
    By thesaint in forum iPhone "2G" (Rev. 1)
    Replies: 1
    Last Post: 11-22-2007, 03:33 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 03:14 PM.
twitter, follow us!