1. shadow25's Avatar
    Isn't my iPhone, so I'll post what I know until I get it tommorow.

    iPhone 3GS - New bootrom - No SHSH on File w/ Cydia

    My friend got this one from a kid using AT&T, and it was on 3.1.2. It was never jailbroken, and when he got it, Apple wasn't signing 3.1.2 so there was no chance to backup SHSH files.

    Unlock is important, as he uses T-Mobile.

    So when Spirit was released today, he used it on his already jailbroken (through blackra1n) phone. It is now stuck in a bootloop.

    So far, he has left it connected to his computer with BlackRa1n running till the battery died, and it never booted.

    I've read some conflicting information, so I'm a bit confused. I haven't restored a 3gs since Apple was signing 3.1.2 (and I backed mine up)

    1) From what I've read, there is absolutely no way to bypass the SHSH verification without backup.

    2) I've read that Pwnage Tool does NOT work on a 3GS New Bootrom. I've also read it does, so I'd like some direct input.

    3) Has anyone recovered a bootlooped iPhone with iRecovery? last time I tried, it didn't do anything!
    2010-05-04 08:34 AM
  2. dhamien's Avatar
    1. Correct.

    2. Correct, custom firmwares (sn0wbreeze, pwnagetool) does not work on new bootrom phones.

    3. Don't know. But from initial reports, there's no way to save a phone that has been blackra1ned and then spirited.
    2010-05-04 04:52 PM
  3. shadow25's Avatar
    Here is iRecovery

    Last login: Tue May 4 14:11:38 on ttys000
    Laptop:~ admin$ su
    Password:
    sh-3.2# /irecovery -s
    iRecovery - Recovery Utility
    by westbaer
    Thanks to pod2g, tom3q, planetbeing and geohot.



    =======================================
    ::
    :: iBoot for n88ap, Copyright 2009, Apple Inc.
    ::
    :: BUILD_TAG: iBoot-636.66
    ::
    :: BUILD_STYLE: RELEASE
    ::
    :: USB_SERIAL_NUMBER: CPID:XXXX CPRV:XX CPFM:XX SCEP:XX BDID:XX ECID:XXXXXXXXXXXXXXXX IBFL:XX SRNM:[XXXXXXXXXX]
    ::
    =======================================

    [FTL:MSG] Apple NAND Driver (AND) RO
    [NAND] Found Chip ID 0x3E94D72C84 on FMI0:CE0
    [NAND] Found Chip ID 0x3E94D72C84 on FMI0:CE1
    [NAND] Found Chip ID 0x3E94D72C84 on FMI1:C8
    [NAND] Found Chip ID 0x3E94D72C84 on FMI1:CE9
    [FTL:MSG] FIL_Init [OK]
    [FTL:MSG] BUF_Init [OK]
    [FTL:MSG] FPart Init [OK]
    read new style signature 0x43313133 (line:375)
    [FTL:MSG] VSVFL Register [OK]
    [FTL:MSG] VFL Init [OK]
    [FTL:MSG] VFL_Open [OK]
    [FTL:MSG] YAFTL Register [OK]
    [FTL:MSG] FTL_Open [OK]
    Boot Failure Count: 15 Panic Fail Count: 0
    Delaying boot for 0 seconds. Hit enter to break into the command prompt...
    HSInitPartition: 0x4ff82600
    Kernelcache image not valid
    Entering recovery mode, starting command prompt
    setenv auto-boot true
    ] saveenv
    /exit
    Closing USB connection...
    sh-3.2#
    Doesn't change anything. But I noticed after it said "Entering Recovery", it nosmally says something like (RECOVERY)$iPhone - for entering commands, but it didn't show anything

    BlackRa1n just kills the phone (turns it off)

    printenv does nothing.. Is there something wrong with my iRecovery?
    Last edited by shadow25; 2010-05-04 at 11:26 PM. Reason: Automerged Doublepost
    2010-05-04 11:26 PM
  4. dhamien's Avatar
    Is there something wrong with my iRecovery?
    iRecovery isn't supposed to be a fix-any-kind-of-error program.
    2010-05-04 11:44 PM
  5. shadow25's Avatar
    Yes, I know that. But if printenv doesn't work, which it normally does, is that a problem with the iPhone, settings or iRecvoery?
    2010-05-05 04:44 AM
  6. mavrik101's Avatar
    I had the boot loop problem on one of my 3gs. I finally got by it with this:
    blacksn0w crashes 3.1.2 firmware 05.11.07 baseband 3GS, no shsh on file (Solution) extechblog

    I used custom firmware to restore. This wont go thru apple's servers for verification, and wont upgrade your baseband.
    Last edited by mavrik101; 2010-05-05 at 08:54 AM.
    2010-05-05 08:50 AM
  7. dhamien's Avatar
    I had the boot loop problem on one of my 3gs. I finally got by it with this:
    blacksn0w crashes 3.1.2 firmware 05.11.07 baseband 3GS, no shsh on file (Solution) extechblog

    I used custom firmware to restore. This wont go thru apple's servers for verification, and wont upgrade your baseband.
    Unfortunately, the OP can't use that as he has the new bootrom.
    2010-05-05 10:51 AM
LINK TO POST COPIED TO CLIPBOARD