Saturday, June 27, 2009

iPhone unlock in 7 easy steps

Tutorial: iPhone Unlock in 7 Easy Steps

The wait is over. For me that wait was painfully long as I bought an iPhone on launch day only to have to wait until just a few minutes ago to make my first phone call. I passed the time by following the exploits of the guys in #iphone.unlock on undernet who were brave enough to open their iPhone and apply George Hotz’s now infamous hardware hack. But the real juice was in unlocking your iPhone from AT&T without the need to open it. None of that would have happened without the hard work of many different people and groups including the iPhone Dev Team, the dozens of testers and code wizards in IRC (Daeken, geohot, zappaz, gray, guest184 etc), and of course the guys at iphonesimfree for discovering the buffer exploit that unlocked the phones to begin with. *Editor: This post was modified heavily to include a much more detailed iPhone unlocking tutorial. Read on!
So what’s done is done, and the iPhone is now truly unlocked and usable on any carrier, without having to open it. iUnlock was officially released by the iPhone Dev Team but it should be mentioned again that it was the work of well over a dozen dedicated people. Keep in mind that if you expect there to be updates to this stuff, you should make a donation to at least one of the groups I mentioned above.

Unlock the iPhone in OS X – 7 Easy Steps

I have all the files you need and a quick guide for performing the unlock on OS X below. A huge thanks to my Russian friend (guest184) in #iphone.unlock on undernet for putting the guts of this together before going to sleep. I just tested it and it worked fine for me on my iPhone here in Asia on Thai GSM and TRUE. I unlocked several more phones with others to verify the steps. If you need help post in the channel and I will do my best to assist, but I am no expert!
Before you Begin: Restore your iPhone to Apple factory settings and install the 1.0.2 update. This can be done by putting the iPhone into recovery mode. This is done by holding both the select and sleep buttons for 25 seconds while your iPhone is docked. Do this until it reboots and returns with a yellow sign reading: Connect to iTunes. Fire up iTunes. Choose Restore. To confirm your version, go to Settings > General > About > Version on the iPhone.
Warning: These tools are not perfect and while it is quite rare, it is always possible to brick your iPhone when messing with the firmware and file structure. Also be sure to set your Settings > General > Auto-Lock to Never. You’ve been warned.
Step 1 – Jailbreaking with iNdependence
You need to jailbreak your iPhone in order to write files to it. There is a lot written about this and it is pretty simple to do (1 click) but it often causes problems. A good tool for doing this is either iNdependence or iFuntastic. iNdependence works best for me so that is what I will show here. The latest version of iFuntastic (v3.x) installed a lot of unnecessary stuff on my iPhone so I avoided it.
Jailbreak your iPhone
This tripped me up! iNdependence performed consistent jailbreaks for me but it asks for the iPhone firmware files. This is a 92 MB download you can grab here. Now you need to rename this file .zip and then unzip it somewhere so you can point to it when iNdependence asks for it. As it’s running you should see a success screen.
Step 2 – Activation
You need to activate the iPhone now. Again this is a 1 click solution from within iNdependence, and it will again ask for the iPhone firmware files from the last step. After some rebooting you should be activated and can now check out the iPhone interface etc. Easy so far!
Step 3 – SSH and Installer
Now we need some tools, specifically SSH installed on the iPhone. In order to do this you need to install installer.app from NullRiver. Others had success installing SSH right from iNdependence but sadly it wouldn’t happen for me.
Install AppTapp
Installer really kicks ass and will open up a whole new world of iPhone apps you never knew existed. You will really be surprised at what is already available for free. Be sure to set up your wi-fi settings because Installer is so smart it just downloads stuff straight from the internet to your iPhone. Right now we are interested in installing the following in this order:

  • BSD Subsystem (v1.5 currently – adds some FreeBSD tools)
  • Community Sources (v2.5 – adds tons of community maintained homebrew apps, yay!)
  • Installer (v2.63 – Installs stuff!)
  • OpenSSH (v4.6x – allows us to SSH to the iPhone)

Alright, if those apps installed okay you should be able to SSH to your iPhone (user: root / password: dottie):
ssh root@your.iphone.ip
Change your password!
Be sure to change the root password at some point – now is a perfect time, since OpenSSH is now reachable by anyone on the same wi-fi network who knows the default:
passwd root
Step 4 – Copy the Needed Files
Okay, you can remove the SIM from your phone, we won’t need it until the end of the procedure. Now we need to copy some files from the zip I provided onto the iPhone and get hacking. You can simply do this step with any SFTP client like Transmit, which is what I did. Put the files from the zip onto your iPhone into these locations; you will not need to create any folders:
/usr/libexec/lockdownd
/etc/termcap
/bin/ice.fls
/bin/nor
/bin/iunlock
/bin/bbupdater

SFTP to the iPhone
Step 5 – Hack the iPhone
Login to the iPhone via SSH and execute the following. Everything should be cool, but be sure to watch for errors. The NOR dump/patch will take about 20 minutes so grab some Corn Pops:
chmod +x /bin/iunlock
chmod +x /bin/bbupdater
mkdir /usr/local
mkdir /usr/local/etc
/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
iunlock ice.fls nor
bbupdater -v

NOR Dumping
Step 6 – Tweak the Modem Settings
Now we need to tweak the modem a bit. Again in SSH run:
minicom -s
It will yammer about no config file found, which is just fine. Select serial port setup, change /dev/modem to /dev/tty.baseband, save setup as dfl, exit.
config the modem
You now should have initialized the modem and are dumped to a command line within minicom 2.2. You are so close now it’s not even funny. Type:
AT+CLCK="PN",0,"00000000"
and then
AT+CLCK="PN",2
Both commands should result in an OK response from minicom.
Step 7 – Dance Around the Room
Reboot the iPhone and slap your SIM card in now. You should now be basking in the warm glow of having a fully unlocked iPhone. If not, don’t despair. These tools are not perfect and not everyone pulls off the unlock on their first attempt (me included). If you have a problem, a restore and restarting the procedure over again can very likely yield different results.
If you have difficulty you may also want to check out GeeZuZz’s excellent unlocking resource, the Hackint0sh forums, or jump in Undernet on IRC, #iphone.unlock for a live chat.
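Step 6 has you type the two AT+CLCK commands into minicom by hand and eyeball the replies. As an added example (not code from the original post or from the iPhone Dev Team tools), here is a small Python parser that reads a saved minicom transcript and interprets the replies according to the 3GPP TS 27.007 facility-lock command, so you can tell an accepted request (+CLCK: 0 on the query, meaning the lock is not active) from a rejected one (+CME ERROR). The transcripts are constructed, not captured from a phone.

```python
"""Interpret the AT+CLCK exchange from Step 6 (3GPP TS 27.007 facility lock).

Added example, not code from the original post or the iPhone Dev Team tools.
The transcripts below are constructed to look like a saved minicom session:
the command as echoed by the modem, followed by its response lines.
"""
import re

# Facility codes from TS 27.007; "PN" is network personalization (the SIM lock)
FACILITY = {"PN": "network personalization", "PU": "network subset",
            "PP": "service provider", "PC": "corporate", "SC": "SIM PIN"}
MODE = {0: "unlock", 1: "lock", 2: "query"}
CMD_RE = re.compile(r'^AT\+CLCK="(\w+)",(\d)(?:,"([^"]*)")?$', re.IGNORECASE)


def parse_clck_transcript(transcript):
    """Return one record per AT+CLCK command: what it asked and how the modem answered."""
    records, current = [], None
    for raw in transcript.splitlines():
        line = raw.strip()
        m = CMD_RE.match(line)
        if m:
            fac, mode, pwd = m.group(1).upper(), int(m.group(2)), m.group(3)
            current = {"facility": FACILITY.get(fac, fac), "mode": MODE.get(mode, mode),
                       "password_given": pwd is not None, "status": None, "result": None}
            records.append(current)
        elif current is None or current["result"] is not None:
            continue  # no open command to attach this line to
        elif line.startswith("+CLCK:"):
            # Query answer: +CLCK: <status>[,<class>]; 0 = lock not active, 1 = active
            current["status"] = "active" if line.split(":", 1)[1].strip().startswith("1") else "not active"
        elif line in ("OK", "ERROR") or line.startswith("+CME ERROR:"):
            current["result"] = line  # final result code closes the command


    return records


def unlock_confirmed(records):
    """True only if every command got OK and the last query reports the lock inactive."""
    if not records or any(r["result"] != "OK" for r in records):
        return False
    queries = [r for r in records if r["mode"] == "query"]
    return bool(queries) and queries[-1]["status"] == "not active"


# Constructed transcripts (not captured from a real phone)
SESSION_OK = 'AT+CLCK="PN",0,"00000000"\nOK\nAT+CLCK="PN",2\n+CLCK: 0\nOK\n'
SESSION_REJECTED = 'AT+CLCK="PN",0,"00000000"\n+CME ERROR: 16\nAT+CLCK="PN",2\n+CLCK: 1\nOK\n'

if __name__ == "__main__":
    for name, session in (("ok", SESSION_OK), ("rejected", SESSION_REJECTED)):
        print(name, unlock_confirmed(parse_clck_transcript(session)))
```

CME error 16 is the standard "incorrect password" code, which is the reply to expect if the baseband was not patched before the unlock command was sent.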
