
Person has reverted iPhone firmware: The KMAC Method

compuguy1088

macrumors 6502a
Original poster
Sep 3, 2007
883
14
In the Sub-Basement of Solitude
Note: This does not downgrade the baseband, only the firmware!

There is someone on the Hackint0sh forum that has found a way to revert to a previous firmware (but not the baseband). This seems to be verified. I'll update this when it's appropriate...

This process has been dubbed the KMAC Method:
footsie77 said:
...should give credit to kmac and whoever is successful using this should thank this guy...
...i'm still on 1.0.2., now i know there's something we can do just in case i take the plunge...
name this method as officially: THE KMAC METHOD:)
http://www.hackint0sh.org/forum/showpost.php?p=68776&postcount=92


http://www.hackint0sh.org/forum/showthread.php?t=9016
Link note: post linked is locked

There is also a page on the iPhone Dev Wiki of this as well:
http://iphone.fiveforty.net.nyud.net/wiki/index.php/Downgrade_from_1.1.1_to_1.0.2



Here are the instructions:
sparx said:
Updated the steps:

These instructions currently only work with iNdependence on the Mac. It will unbrick your iPhone -but- will not restore cellular service, only wifi.

Here are the steps:

1) Make sure you have a copy of the 1.0.2 firmware handy in ipsw and decrypted form
2) Reboot iPhone holding top (power) and home buttons *BUT* release the top button 10 seconds into it (right after the screen goes dark)
3) The iPhone screen will appear to be off, but start iTunes (latest version worked for me on the Mac)
4) Option+Click restore and select the 1.0.2 firmware ipsw
5) The phone will restart and error out at the end with an unknown error 1013, this is expected
6) Restart iTunes and let it get to the screen that says you have an invalid SIM
7) Launch the latest iNdependence
8) Jailbreak the phone using a decrypted 1.0.2 (it will flash all sorts of error, but stick with it)
9) Activate the phone
10) It will show the SIM error but you should be able to get back in

I installed AppTapp afterwards along with the BSD subsystem and SSH, all working over wireless only.

So far, bbupdater will not revert the firmware.

Originally posted here: http://www.hackint0sh.org/forum/showpost.php?p=68829&postcount=107

The General has done this, and posted as well the steps he has done:
Confirmed. It works. I'm back in business. :)

The only thing I'm going to miss is the bluetooth headset battery indicator. :(

Here's what I did:

1. Plug iPhone in and sync iPhone, then close iTunes
2. Hold the Home button and power button until the screen goes black (around 8 seconds for me), release the power button but keep holding the home button.
3. iTunes will reopen when it detects the iPhone in recovery mode.
4. Holding ALT (on Mac, dunno in Windows) click Restore and choose the 1.0.2 firmware in ~/Library/iTunes/iPhone updates
5. It will restore, and throw an error message when it's done. Unplug your iPhone and close iTunes.
6. Download AppTapp 3.1 installer and run it, plug your iPhone in. It will not work, but it will take the iPhone out of recovery mode.
7. Open iTunes and sync your phone from the backup created in step 1.

Some notes:

The reports of wifi not working are wrong, mine works fine.
When I go to Settings -> General -> About it says my modem firmware is 04.01.13_G and that my "Version" is 1.0.2 (1C28)

This works, believe it. I did it, you can too. :D

Here are the steps for doing this with a PC:
Flash31 said:
Thanks to a great find by KMAC, WE ARE NOW ABLE TO DOWNGRADE OUR PHONES!!!! I just wanted to make a simple guide for people with PC's to follow

Start iTunes and plug in your 1.1.1 phone

In 1.1.1, hold Power and Home buttons and count 10 seconds (your phone will turn off, just keep counting), release the power button but continue to hold the home button until your phone is recognized by iTunes. (phone screen will be blank)

A message will pop up and ask you to restore your iPhone. Holding down the SHIFT key, click on the restore button. Navigate to your 1.0.2 software
(http://appldnld.apple.com.edgesuite...70821.vormd/iPhone1,1_1.0.2_1C28_Restore.ipsw)

Begin restoring...

When it's done, you will get an ERROR, click OK. Your phone should show a yellow triangle. Leave iTunes running and run AppTapp.

AppTapp might encounter an error as well, however, it will bring your phone to the Activation screen. Once again, start iTunes, ignore all messages from it, and run AppTapp. Now it will jailbreak your phone and install Installer. (You may have to restart your PC after arriving at the activation screen if iTunes isn't recognizing your phone)

Simply use iASign or whatever you use to bypass activation.

Your phone is now back to 1.0.2.

(I am using iTunes 7.4.3.1)

WI-FI, calls, everything fully functional!

Posted here originally: http://www.hackint0sh.org/forum/showthread.php?p=68724


On the Hackint0sh Forums, someone has claimed to have downgraded the baseband. This was the process this person used (this has not been confirmed):

pspsully said:
<SNIP>

6. Reflash Old Modem firmware using Putty.

(Elaborated)

Install SSH on iPhone using Installer.app or iBrickr or whatever you want. In iBrickr, I created a new folder called unlock; in this folder I uploaded bbupdater, ICE03.14.08_G.eep and ICE03.14.08_G.fls.

I then used Putty to connect to the iPhone and ran the following commands,

chmod +x bbupdater
launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist
./bbupdater -f *.fls -e *.eep
launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist

After doing this I got an error saying failed to download fls image, could not verify or something like that. I restarted the iPhone and did the same thing again, the exact same commands as above, and this time got no error.

7. Just use the unlocking method of your choice; I used iBrickr and anySIM1.02

That's it!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Original Thread: http://www.hackint0sh.org/forum/showthread.php?t=9027
 

sananda

macrumors 68030
May 24, 2007
2,528
236
first you wanted that thread locked, now you're directing traffic to it!!
 
Comment

compuguy1088

macrumors 6502a
Original poster
Sep 3, 2007
883
14
In the Sub-Basement of Solitude
first you wanted that thread locked, now you're directing traffic to it!!

Oi, because there are more and more people that are claiming this as true....it wasn't until it reached a certain point that this seemed more interesting. It could be a dead end, or it could be actually verifiable. I'm just posting it for discussion. You cannot blame initial skepticism of this when others have thought to have done this, though this thread wasn't deleted at that point.

Unless they can prove it, and if not, then this is a useless thread, and should be locked....
I quoted specifically here, that if they could prove it, then that thread was not useless. If it cannot be proven, then it should be locked. There seem to be multiple claims of it working, so it seems more possible than bunk, for the moment.
 
Comment

sananda

macrumors 68030
May 24, 2007
2,528
236
just thought you were a bit harsh on him. although not as harsh as the person who told him he was not welcome.
 
Comment

ejrizo

macrumors 6502
Jun 26, 2007
302
6
Los Angeles
reading the thread over there now and it seems it's successful :) now for the dev team to take this info and make it a one button process or something with a nice GUI lol... but i don't think i want to downgrade ... i'm ok with 1.1.1 especially since we figured out how to upload custom ringtones... but i would love to have the option to be able to do it. :) you know just in case :) lol
 
Comment

The General

macrumors 601
Jul 7, 2006
4,825
1
Confirmed. It works. I'm back in business. :)

The only thing I'm going to miss is the bluetooth headset battery indicator. :(

Here's what I did:

1. Plug iPhone in and sync iPhone, then close iTunes
2. Hold the Home button and power button until the screen goes black (around 8 seconds for me), release the power button but keep holding the home button.
3. iTunes will reopen when it detects the iPhone in recovery mode.
4. Holding ALT (on Mac, dunno in Windows) click Restore and choose the 1.0.2 firmware in ~/Library/iTunes/iPhone updates
5. It will restore, and throw an error message when it's done. Unplug your iPhone and close iTunes.
6. Download AppTapp 3.1 installer and run it, plug your iPhone in. It will not work, but it will take the iPhone out of recovery mode.
7. Open iTunes and sync your phone from the backup created in step 1.

Some notes:

The reports of wifi not working are wrong, mine works fine.
When I go to Settings -> General -> About it says my modem firmware is 04.01.13_G and that my "Version" is 1.0.2 (1C28)

This works, believe it. I did it, you can too. :D
 
Comment

badtzmaru

macrumors 6502
Jul 1, 2007
472
2
OK so will this work on an iphone that hasn't been unlocked? I am a bit confused. I have 1.1.1 on an iphone i've had since day 2.
 
Comment

ejrizo

macrumors 6502
Jun 26, 2007
302
6
Los Angeles
Confirmed. It works. I'm back in business. :)

The only thing I'm going to miss is the bluetooth headset battery indicator. :(

general if i remember correctly you were on att the legit way right? was your phone unlocked before you did this and also how did you do it on the mac? with app.tapp?
 
Comment

The General

macrumors 601
Jul 7, 2006
4,825
1
general if i remember correctly you were on att the legit way right? was your phone unlocked before you did this and also how did you do it on the mac? with app.tapp?

My post has been updated. I didn't unlock my phone, I prefer AT&T and have a legit AT&T iPhone data contract.
 
Comment

badtzmaru

macrumors 6502
Jul 1, 2007
472
2
thank you guys for the info. Does it matter which itunes version? I have 7.4.1 on the Mac.
 
Comment

badtzmaru

macrumors 6502
Jul 1, 2007
472
2
OK, I'm going to try with iTunes 7.4.1.. I have an AT&T contract iPhone so here I go!!!
 
Comment

ejrizo

macrumors 6502
Jun 26, 2007
302
6
Los Angeles
is the firmware set at 04.01.13 that general stated normal? shouldn't it be different? ... seeing as the 1.1.1 firmware is the same? anyway i guess the main question is can you get installer.app on the phone?
 
Comment

Fast Shadow

macrumors 6502a
Feb 9, 2004
617
1
Hollywood, CA
If you are someone that has successfully done this rollback, can you please answer the following questions?

After rollback is your IMEI correct or "0049"?

What version is your baseband firmware reporting as (starts with 3 or starts with 4)

What version is your main firmware reporting as (1.0.2 or 1.1.1)?

I'm trying to get an idea of what the rollback does to unlocked phones.
 
Comment

thomas040

macrumors regular
Jan 5, 2007
124
240
New York
but does this mean

that I can go buy a 1.1.1 iPhone... revert it, and UNLOCK it still?
or are we still missing downgrading the modem?
 
Comment

compuguy1088

macrumors 6502a
Original poster
Sep 3, 2007
883
14
In the Sub-Basement of Solitude
Comment

The General

macrumors 601
Jul 7, 2006
4,825
1
If you are someone that has successfully done this rollback, can you please answer the following questions?

After rollback is your IMEI correct or "0049"?

What version is your baseband firmware reporting as (starts with 3 or starts with 4)

What version is your main firmware reporting as (1.0.2 or 1.1.1)?

I'm trying to get an idea of what the rollback does to unlocked phones.

IMEI is correct, I dunno how to get the baseband firmware, it says 1.0.2, and in iTunes it says 1.0.2.

How do I get the baseband firmware?
 
Comment

ejrizo

macrumors 6502
Jun 26, 2007
302
6
Los Angeles
IMEI is correct, I dunno how to get the baseband firmware, it says 1.0.2, and in iTunes it says 1.0.2.

How do I get the baseband firmware?

maybe i'm wrong but isn't that just the firmware?

what you stated is the version... for example 1.0.2

if that's the case go to settings/general/firmware and see what it says even though you already said what it was earlier...

anyway do you have installer.app running though? and does everything seem ok?
 
Comment

arn

macrumors god
Staff member
Apr 9, 2001
15,589
4,237
Need a clarification.

If you take a stock (AT&T locked) 1.0.2 iPhone and upgrade to 1.1.1, and then downgrade to 1.0.2, does the GSM/phone still work?

arn
 
Comment