Windows baseband downgrade - Baby steps ;) - iPhone "2G" (Rev. 1) - Hackint0sh.org
Developed with the help of IRC people, based on the iPhone Elite wiki.
Tested with a week 30 iPhone, activated and unlocked to use a BrasilTelecom SIM card and upgraded to 1.1.1 without knowing.
So I had to do the 1.02 restore before all these steps.
You will need a 1.02 phone with the BSD subsystem, terminal and anySIM 1.02 already installed. If you downgraded from 1.1.1 like me, you probably have this now.
Create a root folder and call it unlock: c:\unlock
Download to this folder:
Windows programs (links to follow next):
iPhone binaries (links to follow next):
On your iPhone open terminal and type:
On your Windows machine open cmd.exe; on a Vista computer, open Explorer and type cmd.exe in the address bar.
pscp ieraser your.ipod.ip.address:/unlock/.
pscp bbupdater your.ipod.ip.address:/unlock/.
pscp ICE03.14.08_G.eep your.ipod.ip.address:/unlock/.
pscp ICE03.14.08_G.fls your.ipod.ip.address:/unlock/.
pscp secpack40113.bin your.ipod.ip.address:/unlock/.
Now PuTTY will ask if you want to connect to the iPhone; answer y and type the password, dottie.
Now you are on your iPhone terminal, please pay attention to what you're typing.
chmod +x ieraser
chmod +x bbupdater
launchctl remove com.apple.CommCenter
You have made the binaries executable, stopped com.apple.CommCenter and executed bbupdater to view your iPhone's baseband version. Now it's time to rename the secpack (don't forget to rename it; ieraser only accepts secpack as the filename), and let's erase the baseband.
mv secpack40113.bin secpack
Now run the bbupdater command again, see if your baseband is erased. Type
Now let's reflash the baseband. To do so, type:
./bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls
This will flash the 3.14.08 baseband firmware back to the iPhone, bbupdater will run for 3 minutes.
When it's over, let's check if it's reprogrammed the 3.14.08 baseband. Type:
The correct answer:
pinging the baseband...
eep version: EEP_VERSION:207
eep revision: EEP_REVISION:7
Now just reboot and run anySIM 1.02
Please correct any errors!!!!!!!!!!!!!
Last edited by tsialex; 10-12-2007 at 07:51 AM.
Does this move your NCK counter up to 2...? after running anysim the 2nd time?
I think it is easier for n00bs to use WinSCP, which has a drag-and-drop interface to copy files and to change perms (+x).
Looking for this info, do you know an easy way to view the NCK count?
Originally Posted by ugene
What if this is a virgin OTB 1.1.1 - Please expand the tutorial or define the steps between downgrading the firmware at http://www.efksoft.com/products/ipho...tutorial_a.htm and downgrading the baseband. I mean, I'll have a downgraded 1.0.2 firmware with a 1.1.1 baseband...where do I go from here? Thanks - this is the greatest place on earth!
Ok, but this method works for upgraded 1.1.1 or out of the box 1.1.1?
thanks a lot,
ieraser always gets this error
Get FlashID Request
00000000 | 02 00 01 08 00 00 00 00 01 08 03 00 | ........ ....
Major: 0, Minor: 0, String:
iEraser: tool by geohot
thanks to gray and the dev team for the implementation
thanks to nightwatch for the awesome toolchain
and thanks to anonymous, iProof, lazyc0der, and dinopio for the idea for this cool trick
this tool erases your main fw, starting at 0x20000. you need this for the testpoint to work
you need a file called secpack matching your current firmware version in this folder
see http://iphonejtag.blogspot.com for instructions on finding this file
Waiting for data...
Got Header: 77 0b cc
zsh: bus error ieraser
To follow!!! But if you have downgraded to 1.0.2, just get the files and follow the steps to unlock your baseband.
Originally Posted by thedolphin
You forgot to upload the secpack or rename the secpack.
Originally Posted by iphong