1. mike_smith's Avatar
    First off sorry for the long post

    I purchased an iPhone 4 from eBay and it arrived today in the original box and with the accessories still sealed in the Apple Store bag. It was sold as "Jailbroken and Unlocked" (software unlocked, I assume, since it said AT&T on the auction page).

    I turned the device on only to find the phone has a passcode and the seller has not given it to me. I requested it via message 24 hours ago but have yet to hear from him, so I am still waiting.

    I'm not sure what iOS is on here, but it's not 4.1, since dialing ### and pressing Call doesn't get to the phone book. So I assume it's on 4.0.1, since he said it was unlocked.

    So I've been reading a lot, and from the looks of it my only option is to do a firmware restore from DFU mode. My biggest fear is that in the process I will upgrade the baseband currently on the iPhone, which would make it useless to me since there is no unlock for iPhone 4.1 on the latest baseband.

    Now my question is: can I restore to a stock 4.0.1 from within iTunes if I've already downloaded iPhone3,1_4.0.1_8A306_Restore.ipsw?
    If so, will this preserve the current baseband so that it can be unlocked afterwards?

    If the current iOS is 4.0.2 and I restore with the above file to 4.0.1, what will happen?

    If I can't do either of the above, would I need to use a cooked 4.1 image that has the baseband upgrade removed?

    Thanks for taking the time to read all that; your response is appreciated.
    2010-11-05 09:16 PM
  2. dotFIVE's Avatar
    Update to 4.1 via custom firmware (created by PwnageTool; if you don't have a Mac, you'll need to find a 4.1 custom firmware created by a trustworthy source and then use the latest redsn0w and point it to the downloaded 4.1 custom firmware).

    Custom firmware removes the baseband update, so you will be left with a fresh, newly upgraded phone that's able to be unlocked.
    2010-11-05 09:43 PM
  3. Mes's Avatar
    ^^+1 Use a custom-built firmware to preserve the baseband. In fact, always use a custom firmware unless you are absolutely sure what you're doing.
    2010-11-05 09:52 PM
  4. mike_smith's Avatar
    Thanks a lot for the feedback, guys. Cooked 4.1 it is, then. Unfortunately neither I nor my friends have a Mac, although I think I could use one at work if nothing on my Windows PC will do the job...

    I read about sn0wbreeze for Windows... Can it do the same thing as PwnageTool, and can it be trusted?

    Is redsn0w just used to restore the custom firmware generated above?

    Can't you restore the custom firmware from iTunes while holding Shift and browsing to the custom firmware file? Or is that where Apple's SHSH signature server thing comes into play, where the firmware is not verified by Apple?

    Thanks again for your input! I appreciate your responses in educating me.
    2010-11-05 11:29 PM
  5. Mes's Avatar
    ^sn0wbreeze is a bit dated; PwnageTool 4.1.2 does a better job and is highly recommended.

    PwnageTool or the new redsn0w (but only for the DFU part) IS required to get into DFU mode.
    Shift-click Restore and select the custom IPSW in iTunes to load it.

    Don't worry about 4.1 SHSH blobs at the moment, because Apple is signing 4.1.
    2010-11-05 11:36 PM
  6. dotFIVE's Avatar
    Thanks a lot for the feedback, guys. Cooked 4.1 it is, then. Unfortunately neither I nor my friends have a Mac, although I think I could use one at work if nothing on my Windows PC will do the job...

    I read about sn0wbreeze for Windows... Can it do the same thing as PwnageTool, and can it be trusted?

    Is redsn0w just used to restore the custom firmware generated above?

    Can't you restore the custom firmware from iTunes while holding Shift and browsing to the custom firmware file? Or is that where Apple's SHSH signature server thing comes into play, where the firmware is not verified by Apple?

    Thanks again for your input! I appreciate your responses in educating me.
    If you can't use the Mac at work (you don't even have to do the entire process there; just cook the firmware and, once it's done, transfer it to a USB flash drive or something so you can install it on your PC at home through redsn0w), you'll have to find a custom firmware somewhere. Make sure someone trustworthy is providing the firmware, though!
    2010-11-06 02:43 AM
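Two things the posters above keep coming back to are (a) whether a given IPSW actually has the baseband update stripped out and (b) whether a custom IPSW downloaded from someone else can be trusted. Both can be checked on the desktop before anything is pushed to the phone. The script below is an added example, not code from the thread or from PwnageTool; it treats an IPSW as what it is, a zip archive, reads the version keys from its Restore.plist, lists any baseband component (files ending in .bbfw) and compares the archive's SHA-1 against a hash you obtained out of band from the person who built it. The two archives it constructs in memory (a stock-like image with a baseband file and a cooked one without) and their file names are made up for the demonstration; real IPSW contents differ.

```python
import hashlib
import hmac
import io
import plistlib
import zipfile

# Baseband firmware inside an IPSW ships as a .bbfw archive; a "preserve
# baseband" custom firmware simply does not carry one.
BASEBAND_SUFFIXES = (".bbfw",)


def sha1_of_bytes(data: bytes) -> str:
    """Hex SHA-1 of the whole archive, for comparison with a published hash."""
    return hashlib.sha1(data).hexdigest()


def verify_ipsw(data: bytes, expected_sha1: str) -> bool:
    """Constant-time comparison of the archive hash against the expected one."""
    return hmac.compare_digest(sha1_of_bytes(data), expected_sha1.strip().lower())


def inspect_ipsw(data: bytes) -> dict:
    """Report version info and baseband components found in an IPSW."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        info = {"product_version": None, "product_build": None}
        # Restore.plist sits at the archive root in stock IPSWs and carries the
        # ProductVersion / ProductBuildVersion keys.
        if "Restore.plist" in names:
            plist = plistlib.loads(zf.read("Restore.plist"))
            info["product_version"] = plist.get("ProductVersion")
            info["product_build"] = plist.get("ProductBuildVersion")
        baseband = sorted(n for n in names if n.lower().endswith(BASEBAND_SUFFIXES))
        info["baseband_files"] = baseband
        info["has_baseband_update"] = bool(baseband)
        return info


def build_sample_ipsw(version: str, build: str, include_baseband: bool) -> bytes:
    """Construct a tiny IPSW-shaped zip for offline demonstration (not real firmware)."""
    restore = plistlib.dumps({"ProductVersion": version, "ProductBuildVersion": build})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Restore.plist", restore)
        zf.writestr("constructed_rootfs.dmg", b"not a real filesystem image")
        if include_baseband:
            # Constructed file name; real baseband bundles are named differently.
            zf.writestr("Firmware/constructed_baseband.bbfw", b"not a real baseband")
    return buf.getvalue()


# Constructed sample data: a stock-like 4.1 image and a cooked one without baseband.
STOCK_IPSW = build_sample_ipsw("4.1", "8B117", include_baseband=True)
COOKED_IPSW = build_sample_ipsw("4.1", "8B117", include_baseband=False)


if __name__ == "__main__":
    for label, blob in (("stock", STOCK_IPSW), ("cooked", COOKED_IPSW)):
        report = inspect_ipsw(blob)
        print(label, report, "sha1:", sha1_of_bytes(blob))
        if report["has_baseband_update"]:
            print("  WARNING: this image would update the baseband")
    # In practice the expected hash comes from the person who cooked the image.
    print("hash matches:", verify_ipsw(COOKED_IPSW, sha1_of_bytes(COOKED_IPSW)))
```

The hash check is only as good as the channel the hash arrived over: if both the IPSW and its hash came from the same anonymous upload, the check proves integrity in transit, not the honesty of whoever built the image. That is why the reply above recommends cooking the firmware yourself when you can.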
  7. i.Annie's Avatar
    Well sn0wbreeze doesn't work on iPhone 4.

    You can update to 4.1 with TinyUmbrella's TSS server running to preserve the baseband. Then use limera1n or greenpois0n to jailbreak, and ultrasn0w from Cydia to unlock.

    PwnageTool is a good way to go, but I don't trust other people's custom firmware. It's best to make your own. But since you don't have a Mac, it's very easy to just download a 4.1 IPSW (go to felixbruns.de to get it) and then Shift+Restore while the TSS server is running. I've done this and it preserves the baseband.
    Last edited by i.Annie; 2010-11-06 at 02:51 AM. Reason: Automerged Doublepost
    2010-11-06 02:51 AM
  8. mike_smith's Avatar
    Thanks for the feedback, guys. I've decided I will go the PwnageTool and redsn0w route. I've read many comments from people restoring official 4.1 with TinyUmbrella where it hung halfway through the update, which means the only fix is an official restore from Apple, which will update the baseband. I would rather remove the baseband update altogether with PwnageTool.

    If I use PwnageTool and redsn0w, I will not need iTunes at all, will I? Will redsn0w do the restore for me?
    2010-11-06 08:04 AM
  9. iYeow's Avatar
    No, you don't use redsn0w to jailbreak; you use it only to get you into DFU mode. Once you are in DFU mode, iTunes will ask you to restore; then you do the Shift + Restore to the custom firmware created by PwnageTool.
    2010-11-06 08:35 AM
  10. mike_smith's Avatar
    OK, thanks. So if I can put the iPhone into DFU mode myself, and I have a custom 4.1 iOS cooked by PwnageTool, I won't need redsn0w at all?

    Also, why does Apple allow us to restore to a custom 4.1 iOS cooked by PwnageTool? Surely it doesn't match the checksums and all the rest on the Apple servers?

    Thanks
    2010-11-06 08:47 AM
  11. iYeow's Avatar
    Apple doesn't; there is a special DFU which opens up its backdoor to restore custom firmware.

    If you have a Mac, then you don't need redsn0w.
    Last edited by iYeow; 2010-11-06 at 10:24 AM. Reason: Automerged Doublepost
    2010-11-06 10:24 AM
  12. nebo1ss's Avatar
    No, you cannot put the phone in DFU yourself; you must use redsn0w to do so. Part of the exploit is done during the redsn0w DFU. Do it manually and you will get a 1600 error.
    2010-11-06 03:45 PM
  13. mike_smith's Avatar
    Ahh, I see. Thanks for that, nebo1ss. I didn't know that; I thought I could just hold the power button and home button combo myself. It's all making sense now. So...

    Step 1 is to get hold of a Mac for a few minutes and run PwnageTool to generate the custom IPSW without the baseband upgrade.

    Step 2 is to take that custom IPSW to my Windows PC and put the iPhone into DFU mode with redsn0w.

    Step 3 is to restore that custom IPSW with iTunes by holding Shift, clicking Restore and then selecting the custom IPSW.

    Does that sound correct? Thanks to everyone for your help.
    2010-11-07 10:37 AM
  14. iYeow's Avatar
    Yes, that is correct.
    2010-11-07 07:40 PM
  15. nebo1ss's Avatar
    One thing to note on your point 2: you do not point redsn0w at the custom IPSW;
    it will not recognize it. You point it at the standard 4.1 IPSW. Do not worry about this; no update is done at this stage, only the DFU.
    2010-11-07 08:06 PM
  16. mike_smith's Avatar
    One thing to note on your point 2: you do not point redsn0w at the custom IPSW;
    it will not recognize it. You point it at the standard 4.1 IPSW. Do not worry about this; no update is done at this stage, only the DFU.
    OK, cool. So I point it to the official 4.1, which just gets past the first screen, then I select "Just enter pwned DFU mode right now", then follow the on-screen instructions, then switch to iTunes to restore the custom IPSW?
    2010-11-07 08:42 PM
  17. dotFIVE's Avatar
    OK, cool. So I point it to the official 4.1, which just gets past the first screen, then I select "Just enter pwned DFU mode right now", then follow the on-screen instructions, then switch to iTunes to restore the custom IPSW?

    You got it man! You'll be a few moments away from freedom.

    Sent from my iPhone using ModMyi
    2010-11-07 09:07 PM