Tuesday, February 12, 2008

Unlock OTB 1.1.2 and 1.1.3 (BL4.6)

UPDATE: All questions please go to Hackint0sh.

NOTICE: For bootloader 4.6 only. If you do try it on a bootloader 3.9, you will get these messages:

geohot's 112 otb unlocker...
Waiting for data...
Got Header: 77 0b cc
Bootloader version: 3.9_M3S2
Incorrect bootloader version

The following contents are basically from the instructions.txt bundled in the Geohot’s unlocking package. I made some modifications to make it more clear.

1. Downgrade Firmware

Put iPhone into DFU mode then use iTunes to downgrade firmware to 1.0.2 (there will be an error 1013 at the end which is normal).

Why downgrade to 1.0.2 ?
Because only on 1.0.2 the WiFi will be alive when CommCenter is shutdown, so you can use SSH which is more comfortable than operating directly on iPhone. If you prefer unlocking on 1.1.1, you may have to use Term-vt100 instead of SSH and enter the commands on iPhone and you may need to turn on Airplane Mode.

After the firmware downgrade, install the following packages:

BSD Subsystem

2. Get Files

Get these files:

Unlocking tool: OTB 1.1.2 & 1.1.3 Unlocking Tool
Baseband: ICE04.02.13_G.fls

Extract and put all files into a folder, say /unlock, on iPhone.

3. Unlock It

Now SSH login to iPhone, issue the following commands to unlock:

launchctl remove com.apple.CommCenter
cd /unlock
chmod 755 *
./gunlock secpack ICE04.02.13_G.fls
launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist

NOTICE: 1.1.3 unlocked with 04.02.13_G.fls as well.

What does this mean?
This means your modem is downgraded to 04.02.13_G after the unlock even if you were on 04.03.13_G before.

4. Jump Out of Brick Mode

If iPhone is in brickmode after the unlock, get the elite team bricktool From Here and use it to get out (bricktool d).

Enjoy your OTB 1.1.2/1.1.3 unlocked iPhone.

No comments: