[1.1.3 OTB] Hard way downgrading! - Hardware Unlock - Hackint0sh.org
  1. #11

    yes I know that this is more a hardware than software method, but who cares, what I want is to unlock the phone.

    Skippy
    Quote Originally Posted by Gstar
    true

    this is more hardware unlock than software


  2. #12

    Ask TA_Mobile

    He knows how to do it. Send him a PM, he's gonna answer you.

  3. #13

    the bootloader is on the first 2 blocks of the baseband nor.

    just reprogram it with 3.9 Bootloader and put it back.

    cheers,
    cRACKn

  4. #14

    Hi,

    Are you sure? Why not reprogram the baseband?

    Do you know where I can get a binary bootloader file to use with the programmer?

    Regards,
    Skippy

    Quote Originally Posted by crackn
    the bootloader is on the first 2 blocks of the baseband nor.

    just reprogram it with 3.9 Bootloader and put it back.

    cheers,
    cRACKn

  5. #15

    Quote Originally Posted by crackn
    the bootloader is on the first 2 blocks of the baseband nor.

    just reprogram it with 3.9 Bootloader and put it back.

    cheers,
    cRACKn

    with A17, the bootrom checks the one off-set locations, located in the main firmware, which is writable, unlike the bootloader. so taking the secpack from the modem firmware/version your iphone has, and making those one off-set locations from blank [0xFFFFFFFF], means you can proceed. this is what iEraser does, correct? then you need to patch the firmware from the above nor dump with the documented off-sets. then the program testcode.bb needs to be uploaded to the baseband via the above-bootrom exploit, and the program (iUnlocker, iunew, etc. whatever) run in the same dir as the above mentioned nor.

    so, did Apple close this exploit in 1.1.3 bootrom? or does it still read from the same addresses as before? if it's the same, then nothing is preventing this with 1.1.3 firmware, correct?

    if it was as easy as using the 3.9 bootloader, then why is only TA_Mobile doing it? please help me understand. thanks.

    Eric Jarvies


  6. #16

    The problem of downgrading the bootloader is that the process of doing it is via hardware and not software/TP, that's why most people can't do it!

    Skippy

    Quote Originally Posted by ericjarvies
    with A17, the bootrom checks the one off-set locations, located in the main firmware, which is writable, unlike the bootloader. so taking the secpack from the modem firmware/version your iphone has, and making those one off-set locations from blank [0xFFFFFFFF], means you can proceed. this is what iEraser does, correct? then you need to patch the firmware from the above nor dump with the documented off-sets. then the program testcode.bb needs to be uploaded to the baseband via the above-bootrom exploit, and the program (iUnlocker, iunew, etc. whatever) run in the same dir as the above mentioned nor.

    so, did Apple close this exploit in 1.1.3 bootrom? or does it still read from the same addresses as before? if it's the same, then nothing is preventing this with 1.1.3 firmware, correct?

    if it was as easy as using the 3.9 bootloader, then why is only TA_Mobile doing it? please help me understand. thanks.

    Eric Jarvies

  7. #17

    Quote Originally Posted by Skippy
    The problem of downgrading the bootloader is that the process of doing it is via hardware and not software/TP, that's why most people can't do it!
    Skippy

    So TA_mobile removes the flash rom from the layer board, re-programs it externally and solders it back to the board. Is that right?

  8. #18

    Quote Originally Posted by JayBee10
    So TA_mobile removes the flash rom from the layer board, re-programs it externally and solders it back to the board. Is that right?

    BINGO. This is how he does it.

  9. #19

    The only thing I need is a confirmation of Start/End address, and BL 3.9 to reprogram the flash.

    Regards,
    Skippy

    Quote Originally Posted by weezo
    BINGO. This is how he does it.

  10. #20

    Guys:

    So the main goal here is to try to find an exploit for BL4.6 or to downgrade to BL3.9?
    So, why at this time on an OTB113 is it impossible to downgrade BL? And why is it so difficult to find an exploit for BL46?

    What do we need to perform in each case?

    Rgds!
    Federico
