Results 1 to 3 of 3
Discuss Need someone with a never unlocked pre-1.1.1 phone at the iPhone "2G" (Rev. 1) - Hackint0sh.org; I found an interesting piece of info, after buying a new iPhone to replace my ...
  1. #1
    Advanced Array sparx's Avatar

    Join Date
    Sep 2007
    Posts
    31
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default Need someone with a never unlocked pre-1.1.1 phone

    I found an interesting piece of info, after buying a new iPhone to replace my brick. I downgraded my virgin 1.1.1 to 1.0.2 and ran bbupdate to get the firmware versions:

    # bbupdater -v
    # Resetting target...
    # pinging the baseband...
    # issuing +xgendata...
    # firmware: DEV_ICE_MODEM_04.01.13_G
    # eep version: EEP_VERSION:207
    # eep revision: EEP_REVISION:8
    # bootloader: BOOTLOADER_VERSION:3.9_M3S2

    not too exciting until you compare it with the same from my brick 1.0.2 unlock upgraded to 1.1.1 and back:

    # bbupdater -v
    # Resetting target...
    # pinging the baseband...
    # issuing +xgendata...
    # firmware: DEV_ICE_MODEM_04.01.13_G
    # eep version: EEP_VERSION:207
    # eep revision: EEP_REVISION:7
    # bootloader: BOOTLOADER_VERSION:3.9_M3S2


    Notice the EEP revision is bumped on the virgin phone, but not on the brick. So, what I want to know, if anybody has a 1.0.2 or older phone, that was upgraded 1.1.1 and then downgraded. Can you see if your EEP revision is at 7 or 8?

    I'm thinking that even if we can't flash the baseband without a sec pack, then maybe the EEP can be flashed using a reconstructed rev8 EEP. Of course, I'd like to know if the EEP revision bump is even needed, that's why I'm posting. Getting our hands on the rev8 EEP is another story.



  2. #2
    Advanced Array sparx's Avatar

    Join Date
    Sep 2007
    Posts
    31
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Shouldn't be a huge surprise, but the NOR dumps from the brick 1.0.2 and virgin 1.1.1 are the same size, but there are some interesting differing swaths of bytes. The most interesting is at offset 0x003C0330, where the virgin phone shows a routine containing KSATsec.atcp, while the brick phone shows a whole lotta 0xFF where the routine should be. I'll keep dissecting.

  3. #3
    Advanced Array sparx's Avatar

    Join Date
    Sep 2007
    Posts
    31
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Bit more info on the cmp of the nordumps in terms of offset and noticable differences:

    0x00015915 - 0x00020000: virgin 0x00 / bricked 0xFF

    0x003C0016: virgin "00:04" / bricked "00:01"

    0x003C0330 - 0x003C131D: virgin (data) / bricked 0xFF

    0x003E0000 - 0x003E4D35: virgin (data mainly 0x00) / bricked 0xFF

    0x003F2144 - 0x003FFFFF: virgin (data) / bricked (data but diffs from virgin slightly)

 

 

Similar Threads

  1. Replies: 1
    Last Post: 07-28-2008, 02:53 PM
  2. how to determine phone number in unlocked phone?
    By thadiyan in forum iPhone "2G" (Rev. 1)
    Replies: 3
    Last Post: 11-13-2007, 03:09 PM
  3. Replies: 5
    Last Post: 10-14-2007, 06:04 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 06:07 AM.
twitter, follow us!