User Tag List

  1. Blastfurnace's Avatar
    Hey all,
    I have a 3GS that is unteathered JB at 4.3.3 and I want to be unteathered at 5.1.1.

    So which way should I go? or avoid?

    Not sure of my baseband but when I went to 4.3.3 I just let Itunes take me to 4.3.3 then Limerained.

    Not sure if I need to Redsnow or Absynth 2. I have SHSH on cydia for the last three years.

    If anyone could point me in the right direction I would be thankful.


    2012-10-28 06:58 PM
  2. xboxbml's Avatar
    Try using my little guid I typed up a few days ago... I'm assuming Cydia has ur blobs also stored...

    This is what I do on my 3GS... I think this works for a 4...

    I'm assuming you do not unlock. You will lose your unlock if you do this exact method.

    1. Download stock iOS 5.1.1 IPSW.
    2. Download redsn0w 0.9.14b2
    3. Run redsn0w as administrator in windows.
    4. Click Extras button.
    5. Click SHSH blobs button.
    6. Click Query button to see what blobs Cydia has for device.
    7. If Cydia has required blobs, Click Stitch button.
    8. Click IPSW button-browse for downloaded 5.1.1 IPSW file.
    9. Click Blobs-Cydia button to stitch remote Cydia stored blobs to IPSW.(or could do local if you have
    them local).
    10. Let Process and finish. It will take a few minutes.
    11. Click Back button-Click Pwned DFU to put in pwned DFU mode-follow onscreen instructions.
    12. Once in pwned DFU mode, close redsn0w, launch iTunes.
    13. iTunes will see device in "recovery" mode. Click Check button.
    14. Hold down Shift key, click Restore button. Browse to that stitched IPSW file
    you created.Select it.
    15.Wait for restore to finish as normal. JB as normal(or not)...Enjoy!
    2012-10-28 09:56 PM
  3. Blastfurnace's Avatar
    Error 3194. I guess I need to research further. now to try and get this out of DFU pwn

    ok so I tried it again and got a 1602 error and now I can't get it out of DFU. Tried tiny umbrella Fix recovery and nothing happened. Any ideas? I'm getting worried.

    Ok so I got it out of DFU by doing the hold power then home then release power and it rebooted. I'm frustrated and going to take a break from this before i really mess things up.
    BTW I tried to edit the hosts file and it said i couldn't save the edited file because of administrator privileges but I am the only user and my account is an Admin account. sigh . Oh well.
    Last edited by Blastfurnace; 2012-10-29 at 12:39 AM.
    2012-10-28 11:38 PM
  4. iYeow's Avatar
    To edit hosts file, click start and type Notepad , right click and choose admin privilege . Notepad open up and select open file and browse to hosts file. Make sure there isn't any reference to
    2012-10-29 06:41 AM
  5. Blastfurnace's Avatar
    Edited hosts file. Checked to make sure all apple references were gone. now I still get 3194 error.
    so to review I downloaded iphone2,1_5.1.1 9b206 restore IPSW
    I saved my shsh locally with tinyumbrella
    I have an old BR 3GS
    I deleted all Apple references in host
    One question is in the walkthrough it says "click IPSW" but which IPSW? There is a "select IPSW" and a "Custom IPSW".

    when I browse to the local SHSH i use iphone2,1 5.1.1

    when I do the enter pwn dfu I follow the on screen instructions and the phone seems to go into the mode a bit faster than the seconds counting down but the redsnow then says exploiting with limerain etc etc then it says "done"

    after I got the 3194 once I went back into redsnow and it said something about the phone was in softdfu at the bottom.

    Not sure what I am doing wrong or if I need to try a different procedure. but when I do the restore I click check and it comes back with the need to restore message when I do the shift restore it says verifying then pops the 3194.

    So thats my story.

    Any advice?


    Maybe I downloaded the wrong IPSW?
    Last edited by Blastfurnace; 2012-11-11 at 03:48 PM.
    2012-11-11 03:13 PM
  6. xboxbml's Avatar
    I think u have correct IPSW... When u browse to the IPSW u created it should be the custom stitched blob IPSW u created... iYeow...could not running as admin cause this?...I've been doing this for months with no issue.. I do sometimes have to try pwned DFU mode a few times before it actually takes...I keep holding the home button down until the exploit is successful, then I let go..

    That seems to help for me

    Sorry u r having such a problem...
    2012-11-12 03:42 PM
  7. Blastfurnace's Avatar
    I let go of the home button as soon as it said exploiting with lime rain.

    Now I see snowbreeze has an untethered JB for 6.0.1 on old BR 3gs. Not sure what to do.

    I'm pretty sure I don't want to let apple upgrade me to 6.0.1 because I think that changes my BB

    I am going to look into maybe going to 6.0.1 instead of stopping at 5.1.1 unless for some reason I should avoid that.

    I just hate feeling stupid. Everytime i learn one thing it shows me two more I don't know


    xboxbml, you sort of answered this concern in another post when you said 'bootrom never changes" but do you mean bootrom never changes when you use snowbreeze or redsnow? or do yo mean bootrom never changes even when you let apple do the upgrade?

    Last edited by Blastfurnace; 2012-11-12 at 07:20 PM.
    2012-11-12 07:15 PM
  8. iYeow's Avatar
    Since you have the old bootrom, why don't you restore to custom firmware of 6.0.1.
    Run Redsn0w or Snowbreeze to create a custom 6.0.1 ipsw, put iphone into pwned dfu mode and restore in itunes. No need Tiny Umbrella or Tss Server, just let apple verify your restore.
    Custom ipsw will preserve your bb.

    If you have 5.1.1 blob, then to restore to 5.1.1 follow this post #8
    Last edited by iYeow; 2012-11-12 at 08:05 PM.
    2012-11-12 07:47 PM
  9. Blastfurnace's Avatar
    iYeow, I was thinking the same thing about going to a custom 6.0.1 but letting apple sign it instead of stitching. Because I have been fighting to get a 5.1.1 stitched and installed. I get various errors from 3194 to 160x.

    I am currently downloading the IPSW for 6.0.1 and will snowbreeze it and see what happens.

    I wish I could have nailed down the 5.1.1 issue but just couldn't. I edited the host file about 20 times. Not sure what updates the host file but somehow I would edit it and something I did would put the apple info back in it.

    On another note I'm kinda surprised I have old BB. Everything that I run tells me I have it though. But back when I was at 3.something and wanted to go to 4.3.3 I was told "just let apple take you to 4.3.3 then run Limerain. Which I did and have been JB that way sinnce. I thought that changed my BB
    Last edited by Blastfurnace; 2012-11-12 at 08:23 PM. Reason: redsnow shoulda been snowbreeze
    2012-11-12 08:22 PM
  10. Blastfurnace's Avatar
    Another issue and this one looks bad.
    I did the snowbreeze and followed the instructions to do a custom 6.0.1
    Everything went as planned but when i did the shift restore it worked for a while and I saw the snowflake on the iphone then it popped an error 9 and now i have the usb +itunes logo

    Now went through the whole process again and I have the bar on the phone like it is loading something. When i went back through snowbreeze it said turn the phone off before entering dfu but I couldn't shut it down so I did the dfu anyhow and now it seems to be going in.

    Time will tell

    The end of a saga. It appears I'm at 6.0.1. Syncing now. When I got the error on the first go round I did what i said and put it back in dfu with snowbreeze and tried again and it worked. (So far)

    thanks to all of you genius' here for all your comments. and a big thanks to the brainyacks who develop the software to make this all possible.
    Last edited by Blastfurnace; 2012-11-12 at 10:45 PM.
    2012-11-12 09:53 PM
  11. 2k1's Avatar
    Another issue and this one looks bad.
    I did the snowbreeze and followed the instructions to do a custom 6.0.1
    Everything went as planned but when i did the shift restore it worked for a while and I saw the snowflake on the iphone then it popped an error 9 and now i have the usb +itunes logo and not sure what to try next.
    Any help would be greatly appreciated as i currently have no phone.
    Sounds like ya phone is in recovery mode just need to boot it out of there.
    2012-11-12 09:55 PM
  12. Blastfurnace's Avatar
    So I got 6.0.1 into my 3gs old BR. I had to because I couldn't get 5.1.1 to work, all I got was 3194 error. i wish I had 5.1.1 because things that worked on earlier versions don't work anymore. Like Mywi and kill processes in sbs settings.

    hopefully they update those apps cause if I have to try and get 5.1.1 to go i will jump off a cliff.

    Thanks everyone for everything
    2012-11-15 02:20 AM
  13. xboxbml's Avatar
    Sorry u couldn't get that to go... Not sure u were understanding the differences between bootrom and baseband...BR and BB respectively...bootrom never changes. Baseband can change. Bootrom is hardware boot program built into the device. Baseband is cell radio modem firmware which can be flashed during upgrade/downgrade(in some cases).. Many times with each stock iteration of iOS, there may be a baseband update, meaning the modem firmware version will change. This is the modem firmware the cell radio in the phone uses to talk to cell towers. Carriers don't like it when people find vulnerabilities in a baseband that allows unauthorized carrier unlocking. This is what allows use of iPhone on unauthorized carriers IE. tmobile instead of AT&T.. Anyway, sorry u couldn't get yours to work on 5.1.1..really weird if u actually have the blobs for it.. Like I said, I've been bouncing around between iOS 4.2.1-4.3.3-5.0.1-5.1.1-6.0-6.0.1 for quite some time...currently on 6.0.1 waiting for untethered...most likely going back to 5.1.1 again to wait..I miss old YouTube and maps app...and SBS n LockInfo..
    2012-11-16 02:46 AM
  14. Blastfurnace's Avatar
    Yeah I think I would like 5.1.1 better since Mywi and some SBS stuff doesn't work on 6.0.1 I wish I could find out why I keep getting the errors on Itunes. Should I run the tiny umbrella server when doing the upgrade/downgrade?

    I think everytime I run TU it changes my host file.

    I'm working to many hours now to spend a couple hours on my phone but when I get a break I'm gonna try again. Also now that i'm on 6 when I play MP3's it stops and starts and breaks up like the phone is overloaded.

    Thanks to you Xboxbml for your comments.
    2012-11-18 03:52 PM
  15. xboxbml's Avatar
    Yeah, u shouldn't use TU when downgrading here..

    I'm back on 5.1.1 again..
    2012-11-18 08:35 PM
  16. Blastfurnace's Avatar
    OK, I figured with the SHSH 'stiched' to the IPSW the trick is to not let Itunes go to Apple for a verify but I can't seem to stop it.

    When I open a CMD prompt and type--- Ping no matter what I do it pings

    but when I have the TU server running and ping it pings to which I think is TU's.

    Can't afford to experiment tonight cause if I screw up the phone I'm screwed for work reasons.

    To be clear your downgrade steps are the same right? Stitch my shsh to 5.1.1 with redsnow then pwnDFU then itunes shift restore?

    Why do we stitch anyhow? Did they do 'something' so that only stitching works?

    2012-11-18 11:07 PM
  17. xboxbml's Avatar
    Right, steps should be same..
    2012-11-19 05:28 PM
  18. xboxbml's Avatar
    shsh blobs are hashes of certain items on the phone, that and along with the particular IPSW version, those blobs/ hashes all have to match for that device in order for iTunes to restore that particular version... That's why they r so important and they r device specific...
    2012-11-19 11:36 PM
  19. Blastfurnace's Avatar
    I get that I was just wondering why we now use a stitch function instead of misdirecting itunes to find the shsh at the Cydia server or some other server.
    2012-11-20 12:01 AM
  20. xboxbml's Avatar
    Good question...not sure..
    2012-11-21 12:38 AM
26 12