Discussion in 'Jailbreaks and iOS Hacks' started by Monkeynuts*, Apr 20, 2013.

  Monkeynuts*

    Apr 20, 2013
    Hello everyone,
    Firstly I'd like to start by saying that I feel like the biggest idiot on the face of the earth. :mad: Not only am I quite "tech-savvy", but I've rebuilt, taken apart and tinkered with most electrical gadgets under the sun. However, my latest ridiculous blunder has left me kicking myself. :(

    Basically, several years ago my brother gave me his iPhone 3GS which had been jailbroken to iOS 3.1.3 to use out here in Taiwan. (The iPhone is from England.) After several years and getting annoyed at not being able to download apps on iOS 3.1.3 etc, I decided to go on a contract out here and get an iPhone upgrade.
    Yesterday and completely failing to remember that the phone had been jailbroken/hacktivated in the first place, I decided that it would be a super-smart idea to go and connect my phone to iTunes and update the iOS to 6.1.3 :eek::mad::( (Yep, that's smart for you. Everyone laugh now!)

    Anyway, needless to say things didn't go well. At the moment my old iPhone 3GS is stuck on what I like to call 'The Grey Screen of Death!' It wants a valid SIM. But I have no idea what service provider my brother used in the U.K., and to be honest I have no interest in calling the U.K. from here either.

    Can I use redsn0w or TinyUmbrella with a SIM card from Taiwan to "reactivate/downgrade" my iPhone? I do have iOS 4.1 and 6.0 saved to blobs. Will that help? (The reason I ask this is because I have the programs downloaded, but haven't used them before.)

    I really don't want to turn my phone into a glorified iPod. It defeats the purpose of the phone function. I've read around this site and threads, but I couldn't find anything specific.

    I really can't get over my stupidity... :confused: If anyone has anything constructive to aid me in my plight, I'd be most grateful.

    Regards to all,

  darricksailo


    Dec 18, 2012
    You can use sn0wbreeze to make a firmware package that hacktivates for you. 6.1.3 is a tethered jailbreak, just so you know
  Monkeynuts*

    Apr 20, 2013
    Reply to darricksailo

    Hi darricksailo,
    Thank you very much for your reply. :) I have heard of Sn0wbreeze too, but this can only be used on PCs, correct? I do have a laptop lying around so it's not a problem.

    I am very new at this, so I would appreciate anything you guys can give me. I know with all things like this you need to be calm and patient. So I will take my time and work through this. However as mentioned, I am a beginner and I would really appreciate a guide on how to do this from the more experienced of you here on this forum.

    I know I could read around, but then I get frustrated by the different ideas/arguments and would prefer to centralise the process here. I know from previous experience of using MacRumors, that this is the place to be. :rolleyes::D

    I will post back the process here for others to see, once I've cracked this! :cool:


  Monkeynuts*

    Apr 20, 2013
    SIM Unlock

    Hi darricksailo,
    I have a few other questions:

    If I use my SIM card from my current iPhone and run Sn0wbreeze using my 3GS. Will that unlock it? Will I then still be able to use my SIM card on my newer iPhone and then use any SIM card in my jailbroken iPhone 3GS?

    I know this is kid's play to some of you, but we all have to start somewhere and I'm not too keen on screwing up two iPhones in one day! LOL :D


  darricksailo


    Dec 18, 2012
    correct, sn0wbreeze can only be used on windows OS.

    first you would download the 6.1.3 ipsw firmware for the 3GS: http://appldnld.apple.com/iOS6.1/091-2371.20130319.715gt/iPhone2,1_6.1.3_10B329_Restore.ipsw

    download sn0wbreeze (v2.9.14)
    click browse for an ipsw (choose the 6.1.3 ipsw you just downloaded)

    now click expert mode. click on general and click next.
    check the box that says "Activate the iPhone [Hacktivate]". then just click next until you come back to the menu screen. now click on "build ipsw" and click next. it will make the custom firmware for you

    after it is done, i believe it'll help you put the device into pwned dfu mode which is required to restore using that custom firmware. once in pwned dfu mode, open itunes, shift + click restore on the custom firmware and voila, the device will be hacktivated

    unlocking and jailbreaking are completely different. look up ultrasn0w in cydia and if your phone's baseband is one of those in the description, you can use ultrasn0w to software unlock the device

    this is for 6.1.3 but if you should want to restore to 5.1.1 for an untethered jailbreak, it will be slightly different, but not that crazy different
  Monkeynuts*

    Apr 20, 2013


    6.1.3 ipsw firmware for the 3GS ✓
    sn0wbreeze-v2.9.14 ✓

    Do I need the SHSH blob too? In TinyUmbrella I have the blobs for iOS 4.1 and 6.0. I also have the ipsw firmware for those too. Is it worth a downgrade? Anyway I shall attempt this in an hour or so, I need to leave to do some other gadget shopping. Thanks again and I shall post the results up here later.

    If anyone else has any other useful information for me, please be kind enough to leave it.

    Regards everyone,

  darricksailo


    Dec 18, 2012
    if you're doing 6.1.3, you don't need any SHSH blobs. your 6.0 ones are most likely invalid so if you want an untethered jailbreak, 4.1 is your only option.

    you cannot restore to an OS version that you don't have shsh blobs for
  Monkeynuts*

    Apr 20, 2013
    Hey darricksailo - This is what I got: "Missing Keys.plist data"

    Firstly, thanks for everything! :D Everything you told me went fine until iTunes told me to wait for my phone to boot up again after the rebuild. Instead my 3GS got stuck in the :apple: logo loop. After reading around online, I tried a reboot from redsn0w (latest edition) which told me that I was: “Missing Keys.plist data for this build”.

    Though I am now a little stuck at this point, I am happy with just how far I've come along. I even managed to find out that my iPhone 3GS has the newer ROM version [iBoot - 359.3.2], which it needs to have to make this all possible.

    However, I have read online that anything later than iOS 6.0.1 for a 3GS will encounter this problem. So I've read that I should use iOS 6.0.ipsw only? Is that right, or nonsense?

    Many thanks again for your kind help,

  darricksailo


    Dec 18, 2012
    As of right now, if you use redsn0w and need to specify an ipsw, you need the 6.0 version. I'm not too sure why it's getting stuck at the apple logo. I remember reading somewhere about the missing keys.plist thing but never really took note
  Monkeynuts*

    Apr 20, 2013
    Ahhhh... scratch that!

    :rolleyes: Yeah, sorry. It says not to make a new build and start again, but to use redsn0w to boot using iOS6.0 ipsw.

    I'll try that first and then post back later.


  Monkeynuts*

    Apr 20, 2013
    Get in!!!

    Tried a couple of times using redsn0w and the iOS 6.0 ipsw build to boot my phone. After a while I got the famous pineapple and, just as you said, "voilà", my iPhone booted back up as a new, factory reset phone. I checked in 'About' in settings and the firmware had indeed been broken to iOS 6.1.3!! Awesome! :D:rolleyes:

    However, now it says that the carrier is "Not Available", as mentioned before, using the phone to me is important, so I'd love to be able to now solve that riddle.

    If you let me know what to do next, I'll go back through Cydia and find that information you asked about earlier.

    Many thanks again, my dignity has been restored..... just a little bit! :rolleyes:

  Monkeynuts*

    Apr 20, 2013
    What now???

    Just tried to turn off my phone and then restart it. iTunes said the phone was still in recovery? Strange, seeing as I was able to use the phone and it was working?! Anyway. When I turned it off, the phone would not boot back up?...:confused:

    Anyway, tired now and off to bed.

  darricksailo


    Dec 18, 2012
    it is a TETHERED jailbreak. you need redsn0w or some other program to "just boot" your device if your device turns off and you want to turn it back on

    as i said before, check if your baseband is one of the ones compatible with ultrasn0w


    it doesn't show you any carrier because your device is not factory unlocked, it previously relied on a software unlock
  novice121

    Feb 15, 2013
    Ok, follow me on this one. I was in FAR deeper trouble on my 3GS, with only a black screen (previously white/grey for a while) that only responded with a black screen in DFU mode and nothing more, and was not recognized by any PC. I tried every tool mentioned here, and nothing worked, and people would just tell me to get out of DFU mode manually, which helped very little since I already knew how to do that easily with my eyes closed (manually). My only extreme solution that wasn't mentioned anywhere in this forum was to disassemble the device completely to disconnect the battery from the motherboard to cause a 'true' hard reset... none of that holding the home and power button crap.

    If you can actually see the Apple logo, then you are actually better off than me, so it's fixable.

    Assume that it is better to try all of this on different systems. I tried A LOT of stuff on 3 different machines with Windows 7, 8, and XP... after a lot of trials, and repeated trials on all settings possible (different USB inputs, formatted all systems with no antivirus, admin privileges on all of them, etc..), oddly enough, only the old PC with XP worked for me.

    First off, find out if your 6.0 blobs are actually valid (doubt it), download the latest Redsnow for Windows from here:
    Download the 6.0 IPSW and 4.1.1 IPSW from here:
    4.1.1 is still being signed on the 3GS so you don't really need blobs for it, but you are still going to submit blobs for it to cydia.

    Connect your iPhone to a USB port (preferably a back port on a desktop), don't open iTunes.

    Open Redsnow (as Admin if you use Windows Vista/7/8), go to 'Extras' 'SHSH blobs' 'Submit', and submit your 6.0 blobs to cydia. If it fails, do it again to double, and triple check. Click 'Query' to see if you get lucky and actually already have 6.0 blobs on cydia, or 'verify' to see if the 6.0 blobs you say you have are valid or not.

    If it fails again, download iFaith from here:
    Open it as admin and click on 'Show available SHSH caches on server'. It will probably only find 4.1.1 blobs, but still, download them and upload them to cydia just to be sure... if it finds valid 6.0 blobs, even better.

    Whether you have 6.0 or 4.1.1 (for sure), you'll either downgrade to one of those, preferably anything above 5.1.1 to be honest.

    Don't use Redsnow to restore, use it as a last resort. Use iFaith and iTunes, or TinyUmbrella and iTunes to do it (on Windows, check that your 'hosts' file is clean of the Apple IP address, or Google how to remove gs.apple.com from your hosts file just to be sure)

    Open iFaith, and create a Custom IPSW with whatever blobs you have, then use the "Use DFU PWNER", or use the PWNED DFU mode on Redsnow just to be in PWNED DFU mode, then open up iTunes, hold Shift + click Restore, and give it the Custom IPSW you created... warning, I had to create that IPSW twice to work on a lucky guess.

    Once you've restored to whatever firmware you can, I strongly recommend that you DO NOT use that old redsnow software unlock. You are far better off with a permanent factory unlock which is cheap these days (don't pay more than 5 U$D).

    To do that, first make sure your device was manufactured before week 45 of 2009, go to settings, look for about info, and the serial number of your device.

    The third digit indicates the year, and the fourth and fifth indicate the week, so if my serial number is XX926XXXXXX, it means week 26 of 2009, so I'm good; if the third digit is not 9, then you're screwed. From week 40 and below it's all good, but from week 40 to 45 it's a 50/50 chance. I was week 43, and it caused a bad brick on my phone which I recovered from with luck and patience, and was actually able to flash the BB (baseband), and factory unlock later.

    Anyways, if you're good, then just follow this guide to downgrade your baseband to version 05.13.04 (which is the one you want for factory unlock):


    Tip: most people told me to downgrade from the iPad baseband directly, but I had to upgrade to the iPad baseband first, and THEN downgrade from it... you can also jailbreak at the same time as you do that, even though I like Evasion a little more than Redsnow, since it caused me problems jailbreaking this particular device.

    Tip2: for whatever reason, many times Redsnow would not want to jailbreak or exploit my device with limerain, saying things like "this doesn't support untethered bla bla" or "missing p.list" or whatever... I looked up a lot of info, but I ended up solving it on my own easily by choosing "Back" on whatever error it gave me, and choosing the "Jailbreak" option again, this time successfully. You have to do it in the same instance though.

    Tip3: If for whatever reason you are able to jailbreak but cydia acts weird, or you restart your device and becomes an annoying tethered jailbreak for whatever reason, just use the "Just boot" option in Redsnow, go to Cydia, and look for " Rocky Racoon" in it to get a true untethered jailbreak. DO NOT try Evasion then, or anything crazy or you will brick the device.
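The post above describes reading the manufacture year and week out of the old-style Apple serial number (third character is the year digit, fourth and fifth are the week) and gives a rule of thumb for week 40 / week 45 of 2009. The following is an added example, not code from the thread or from any tool named in it, that decodes a serial in that format and applies exactly the poster's rule (third digit must be 9; week 40 or earlier fine; weeks 41 to 45 uncertain; later weeks not eligible). The `ManufactureInfo` and `decode_serial` names, and the sample serials, are constructed for this example.

```python
# Added example (not from the thread): decode manufacture year/week from the
# 11-character serial format described in the post and classify it with the
# poster's rule of thumb for the week 40 / week 45 of 2009 cut-offs.
from dataclasses import dataclass


@dataclass(frozen=True)
class ManufactureInfo:
    year: int
    week: int
    verdict: str  # "ok", "uncertain" or "not_eligible" (poster's categories)


def decode_serial(serial: str) -> ManufactureInfo:
    """Decode an 11-char serial such as 'XX926XXXXXX' (constructed sample)."""
    s = serial.strip().upper()
    if len(s) != 11:
        raise ValueError("expected an 11-character serial number")
    if not (s[2].isdigit() and s[3:5].isdigit()):
        raise ValueError("characters 3-5 must be digits in this serial format")

    # Assumption: the single year digit refers to the 2000s, as in the post.
    year = 2000 + int(s[2])
    week = int(s[3:5])
    if not 1 <= week <= 53:
        raise ValueError(f"week {week} is out of range")

    # Poster's rule: anything not built in 2009 is out; week <= 40 is fine,
    # weeks 41-45 are a coin flip, later weeks are not eligible.
    if year != 2009 or week > 45:
        verdict = "not_eligible"
    elif week <= 40:
        verdict = "ok"
    else:
        verdict = "uncertain"
    return ManufactureInfo(year=year, week=week, verdict=verdict)


if __name__ == "__main__":
    for sample in ("XX926XXXXXX", "XX943XXXXXX", "XX948XXXXXX", "XX026XXXXXX"):
        info = decode_serial(sample)
        print(f"{sample}: week {info.week} of {info.year} -> {info.verdict}")
```

The classification reproduces the poster's thresholds as stated; it is not a statement about which baseband versions any given device actually carries, and a serial in a newer format (different length, no digits in positions 3 to 5) is rejected rather than guessed at.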

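The post above also warns that, before restoring through iTunes, the Windows hosts file should be clean of any entry for gs.apple.com (Apple's firmware signing server), since such an entry redirects the restore's signing request away from Apple. The following is an added example, not code from the thread, that parses hosts-file text and reports only the active (uncommented) lines that map that hostname; the sample hosts text, the placeholder address 192.0.2.10 (a documentation range, not a real server) and the function name are constructed for this example.

```python
# Added example (not from the thread): find active hosts-file entries that
# override gs.apple.com, Apple's firmware signing server, so an iTunes restore
# can be checked for redirection before it is attempted.
import platform
from pathlib import Path
from typing import List, Tuple

SIGNING_HOSTS = frozenset({"gs.apple.com"})

# Default hosts-file locations (well-known paths for each platform).
HOSTS_PATHS = {
    "Windows": Path(r"C:\Windows\System32\drivers\etc\hosts"),
    "Darwin": Path("/etc/hosts"),
    "Linux": Path("/etc/hosts"),
}


def find_signing_overrides(hosts_text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, address, hostname) for every active line that maps
    one of SIGNING_HOSTS. Comments (after '#') and blank lines are ignored, and a
    line that lists several hostnames after the address is handled."""
    hits: List[Tuple[int, str, str]] = []
    for lineno, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop trailing/whole-line comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue  # malformed line: address with no hostname
        address, names = fields[0], fields[1:]
        for name in names:
            if name.lower() in SIGNING_HOSTS:
                hits.append((lineno, address, name))
    return hits


def check_local_hosts_file() -> List[Tuple[int, str, str]]:
    """Read this machine's hosts file (if present) and scan it."""
    path = HOSTS_PATHS.get(platform.system(), Path("/etc/hosts"))
    if not path.exists():
        return []
    return find_signing_overrides(path.read_text(errors="replace"))


# Constructed sample: one commented-out (inactive) entry and one active entry.
SAMPLE_HOSTS = """# constructed sample hosts file
127.0.0.1       localhost
# 192.0.2.10    gs.apple.com      <- commented out, so inactive
192.0.2.10      gs.apple.com  example.invalid
::1             localhost
"""

if __name__ == "__main__":
    for lineno, address, name in find_signing_overrides(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {address} (active override)")
```

An empty result for the real file means iTunes will resolve gs.apple.com normally; a non-empty one lists the exact line numbers that would need attention.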
