Tag Archives: Unlock

[iPhone] 3G Runs Modified Baseband and Custom Tools

The iPhone Dev Team posted some news over the last few days. First of all, they show that they are able to run a modified 3G baseband, although it fails integrity checks (see picture). They have obviously also coded a baseband tool that allows execution of custom commands on the baseband.

Their quiet and evolving work seems to be successful. Both of these are major steps toward a custom unlock. We don’t have information on how long it will take until the final unlock, but we expect it to be released before Christmas.

Picture and video are courtesy of the iPhone Dev Team.

[iPhone] HowTo Activate and Unlock using QuickPwn 2.1

I. Abstract

This is a short HowTo, since all of you by now know how to use QuickPwn, don’t you? In short: QuickPwn is an “après” tool. That means you let iTunes 8 do the update process and use QuickPwn afterwards to “open” your device. Note:

  • 2G iPhones can be jailbroken and unlocked
  • 3G iPhones can be jailbroken, but not unlocked
  • iPod Touch 1st generation can be jailbroken
  • iPod Touch 2nd generation can not be jailbroken

Our article will not cover the iPod Touch, but the iPhone.

II. Requirements

III. Warning

Jailbreaking and unlocking are illegal on iPhone devices that are part of a current agreement (mostly 12 or 24 months). You would violate your contract by jailbreaking and unlocking! Don’t do it.

  • If you’re updating: all your Cydia and Installer.app based applications will be lost and need to be installed again!
  • Make sure you make a backup of your data!

IV. Update iPhone firmware

  • connect your iPhone with your PC
  • start iTunes 8
  • choose your iPhone (under devices)
  • hold the shift-key (on your keyboard) and do a mouse-click on the Update Button – a file-open window will pop up like this:
  • locate the downloaded firmware 2.1 (named: iPhone1,1_2.1_5F136_Restore.ipsw) and open it
  • iTunes will begin to update your iPhone automatically





  • After the update, the iPhone will reboot. If you are using an already Pwned iPhone, it will remain activated and unlocked; you only need to jailbreak.

IV. QuickPwning it :-)

  • Leave your iPhone plugged into your computer
  • Close iTunes
  • Start QuickPwn 2.1-1
  • You will be greeted with the Device Detection screen, click the right-arrow to proceed:
  • on the next window, click the Browse button to locate your iPhone1,1_2.1_5F136_Restore.ipsw firmware:

  • QuickPwn will check if the firmware matches the version currently running on your iPhone and will allow you to proceed (click the right-arrow):
  • the next window allows you to select what you want to install. We recommend installing both Cydia and Installer.app. If your iPhone has not been unlocked until now, you can also choose to SIM-unlock it here. As we are quite conservative, we never change the boot logos, but this seems to be a matter of taste. After making your selection, click the right-arrow button to proceed.
  • For safety reasons, QuickPwn will remind you to leave your iPhone plugged into your computer; click the right-arrow button to proceed
  • Read and follow the instructions in this window very carefully! QuickPwn will help you count!
  • After that, QuickPwn will take control and perform the following actions automatically:


  • When all the tasks have been completed, QuickPwn has finished.
  • Your iPhone will perform some more actions over the next few minutes. It will show that it is changing the NOR and so on, and will then reboot.

After rebooting, your iPhone will be perfectly jailbroken and unlocked.

V. Final words

Guys, we hope we could clarify some more things here than others did. We appreciate your comments on this. Kudos to all of you and remember to consider our sponsors, they really got the coolest offers ;-) Kudos fly out to the iPhone Dev Team! Live long and prosper, guys.

[iPhone] Apple Sells Unlocked 3G’s in Hong Kong (update)

As of today Apple sells their new iPhone 3G factory unlocked in Hong Kong. The Apple Site explicitly says:

“iPhone 3G purchased at the Apple Online Store can be activated with any wireless carrier.”

Prices will vary from 5,400HK$ for the 8GB model (695US$ or 476€) to 6,200HK$ for the 16GB model (798US$ or 547€). This obviously is the end of Apple’s strategy of linking their iPhones exclusively to one carrier.

We want to remind you that import taxes will apply when shipping from Hong Kong to either the US or Europe, so this would not be a bargain. You’d better wait a couple of weeks; Apple will probably apply this new selling strategy to other markets as well in the near future. The next step should be to license visual voicemail to any carrier worldwide and make it a standard in cell phone communication.

» Find more information on the Apple Hong Kong page
» See our iPhone 3G “Factory Unlocked List” here (update)

[iPhone] Windows QuickPwn 2.1 Released

The iPhone Dev Team has finally released QuickPwn 2.1 for Windows. They really never seem to sleep. It supports firmware 2.1. It jailbreaks, activates and unlocks iPhone 2G devices and jailbreaks iPhone 3G. Sadly, it still does not unlock iPhone 3G. Using it is very straightforward. Kudos to the Dev Team :-)

» Download QuickPwn here (sha1 f8124d0e8f31f64ef3272de8fbc679e1dd1f93a7)

[iPhone] Workarounds for Issues with PwnageTool/QuickPwn for Firmware 2.1

We read all over the net and found some solutions to the most common issues that occurred. If you are a rather conservative user, we’d recommend not updating to firmware 2.1 and waiting until a PwnageTool and QuickPwn update has been released. Since the iPhone Dev Team is reacting very fast, this should take only a few days.

Known Workarounds:

Error 1600 and Error 6: restore with stock firmware 2.1, then QuickPwn (you may then put the device into restore mode and install a custom IPSW, but it’s not necessary; credits to “HomeGrown”).

Error 1600: when Pwnage asks whether you have already pwned your device, answer NO, no matter whether you pwned it before or not (credits to “Maurofoto”).

Error 1600: let iTunes download firmware 2.1 again (if you already downloaded it via iTunes, you may delete it from the local folder first; on a Mac the folder is ~/Library/iTunes/iPhone Software Update/), then exit iTunes, prepare a custom IPSW using Pwnage, delete the iTunes-downloaded firmware from the above-mentioned folder again, and copy your custom IPSW to that folder, naming it exactly as the original firmware was named (credits to “Markat”).

[iPhone] Geohot’s new holistic iPhone Project: EDA

GeoHot just granted the world an insight into his current work project. It is called EDA and it looks almost like IDA (which, by the way, also includes an iPhone debugger), but EDA seems to go a little further in simulator/disassembler terms.

According to GeoHot, the EDA simulator is to:

  • include version control
  • allow graphical comparison between different versions of code
  • handle memory locations as files
  • handle instructions as changelists

This concept, he explains, should make tracing of memory-mapped I/O processes “super easy”. But as GeoHot says: “Sadly, it’s still a work in progress. Maybe when it’s done, I’ll look for the 3G unlock.” That means this tool is not available to the public, sadly.

Picture is courtesy of GeoHot.

[iPhone] PwnageTool Release Candidate 3 and QuickPwn Beta updated

Our beloved iPhone Dev Team yesterday released updated versions of QuickPwn for Microsoft Windows (now with improved Windows 64-bit handling) and PwnageTool for MacOS X (fixes the permission issue mentioned here). If you already have PwnageTool installed, it should dutifully auto-update.

We have not yet had time to test either the Windows version or the Mac version. Firmware 2.0.2 is reported to be only a series of bugfixes. People report that their devices run a little smoother. If you don’t encounter problems running your current iPhone / iPod Touch firmware, we would not recommend updating right now. It is rumored that Apple will release the stable firmware 2.1 in September.

» Windows QuickPwn RC3 Download here
» MacOS X PwnageTool 2.0.3.1 Download here (mirror here)…

[iPhone] PwnageTool Release Candidate and QuickPwn Beta available

Our fellow iPhone Dev Team is working tirelessly for the entire iPhone/iPod Touch community. Today the team released a release candidate of their well-known PwnageTool (version 2.0.3), which now supports firmware 2.0.2 5C1. PwnageTool 2.0.3 is only available for MacOS X.

Moreover, they released another beta of the QuickPwn tool. In contrast to PwnageTool, QuickPwn lets you simply update your iPhone using the internal updater of iTunes. After that, QuickPwn helps you to activate, jailbreak and unlock (only for iPhone 2G). QuickPwn is available for Microsoft Windows only. It is not recommended to use it in a virtual machine, since USB ports may not be running in real time.

If you are using your iPhone not only as a gadget but as a productive device, we recommend not using either the PwnageTool Release Candidate or the QuickPwn Beta right now. You may stick to iPhone firmware 2.0 or 2.0.1 for another week. Once the final version of one of the tools is available, we’re gonna release a simple step-by-step tutorial.

Big shouts from Germany ;-) fly out to the iPhone Dev Team.

»  iPhone Dev Team: QuickPwn for Windows and PwnageTool for Mac

[Update] In forums, people report problems with mail authentication (Mail.app) after running Pwnage 2.0.3 RC. Although a manual solution for this issue is simple (have SSH installed and run chmod 0777 /var/Keychains, which makes the keychain directory readable and writable by every user and process on the device; shouts to Nettwerk), we don’t recommend updating now.

[iPhone] iPhone 3G Proxy Unlock Available in Germany (update)

Update July 27th, 2008: In their testing program, Juma found issues with some European carriers using 3G technology. In contrast to other SIM proxy manufacturers, Juma does not want to sell solutions that don’t work 100% on either GSM or 3G/UMTS networks. Customers who had already ordered got a full refund on Saturday and Sunday. Anyway, we heard Juma is researching these issues to come up with a solution as soon as possible.

It finally seems to be true. We already reported that unlock specialists from Brazil and from Vietnam independently announced they can unlock the new 3G iPhones using a proxy SIM solution. But nobody (at least in Europe) got such a proxy SIM into their hands.

Anyway, here seems to come the real deal: a working proxy solution hit the streets of Germany as of today. It is called iPhonix and is manufactured by Juma FZE, a trading company located in Dubai. As an initial offer, iPhonix will cost 50€ (about 80US$) instead of 59€. Sadly, the product page seems to be available in German only at the moment. We already ordered a product sample, but as we don’t have it yet, we can’t confirm; the German magazine MacBug does (see German article here). Update: This currently does not work with any German carrier!

In the following video you can see a white iPhone 3G running with a German interface. The iPhone 3G is obviously carrier locked (most likely to the German T-Mobile D1 network). After the iPhonix proxy is inserted, it connects to the Dubai carrier (Etisalat), obviously roaming. Anyway, this is not the best video to convince German customers. We would rather have seen a T-Mobile SIM being taken out and an O2 or Vodafone card that does not work being put in, and then, after using the proxy… You know what I mean… And where is the making of calls… Anyway, see their promotion video here:

[iPhone] iPhone 3G Baseband Bootloader 5.8 Dumped

Ta_Mobile of the Vietnamese hardware division GSMVN succeeded in dumping the baseband bootloader 5.8 of an iPhone 3G. Ta_Mobile has also dumped bootloader 4.6. Reverse engineering of the 3G bootloader will now begin to find possible exploits. Don’t expect anything soon, but this is great news anyway.

Congrats to Vietnam. Outstanding work, guys…
