【教程】1.1.1降级解锁使用全部功能!- 使用SSH的方法
[color=Red]转载请注明作者[/color][color=Red][b]更新:原生机请用新版anySIM解锁,本贴仅用于修复由破解升级导致的砖头机。[/b][/color]
[b]操作前务必了解[/b]
1、这是早期的临时过渡方法,正确的方法请看[url=http://bbs.iphone.com.cn/thread-31998-1-1.html][color=Blue]【教程】修复IMEI错误[/color][/url]。
2、用这个方法后不能升级,如果要升级需要先修复IMEI错误。
[b]声明:这个方法我10月1号就知道了,只是不想公布而已。[/b]
有图为证:
[attach]107243[/attach]
以上声明纯属本人扯淡,切勿当真。。。。。。连我自己都不信,[url=http://bbs.iphone.com.cn/thread-30652-1-1.html][color=Blue]图片的制作方法看这里。[/color][/url]
[color=Blue]这个教程讲的是如何将1.1.1完全降级到1.0.2(包括Modem),可以把因升级而变砖的机器拯救回来。[/color]
[color=Red][b]成功后所有功能恢复正常,包括通话![/b][/color]。
[b]注释:[/b]
1、我分别为了不同目的测试过两次,把我可怜的屏幕有点问题的1.0.2升级砖头解放出来了。
2、这个方法没有修复anySIM导致的问题([url=http://bbs.iphone.com.cn/thread-30089-1-4.html][color=Blue]详情请看这个帖子[/color][/url]),真正解决还需要iPhone Dev Team的修复工具。
3、如果你不会用SSH,请看另一个[url=http://bbs.iphone.com.cn/thread-30430-1-1.html][color=Blue]不用SSH降级1.1.1解锁教程[/color][/url]。
[u]有没有原生1.1.1用此方法降级成功的?[/b]有网友报告说原生1.1.1用此方法不成功,用非SSH方法就可以,我不相信。[/u]
以下网友用本方法获得成功:
[quote]1. [url=http://bbs.iphone.com.cn/space.php?action=viewpro&uid=54991]本人 (砖头复活)[/url][
2. [url=http://bbs.iphone.com.cn/space-uid-94315.html]linht (砖头复活)[/url]
3. [url=http://bbs.iphone.com.cn/space-uid-97852.html]hendy258 (砖头复活)[/url][/quote].
[size=4][color=Red][b]不鼓励用原生1.1.1或者从没有破解过的1.0.2升级到1.1.1的机器来按此操作![/b][/color][/size]
[color=Red]不是因为降级后不能解锁,而是因为解锁后下次升级到1.1.1会出现IMEI变0049的问题。[url=http://bbs.iphone.com.cn/thread-30089-1-4.html][color=Blue]详情请看这个帖子[/color][/url]。[/color]
[b]适用对象:[/b]
所有1.1.1版机器。
[b]复活方法:[/b]
[b]1、取出iPhone中的SIM卡[/b]
在以下操作过程中都不需要卡。为了防止操作过程中意外进入待机状态,请将Settings->General->Auto Lock设为Never。
[b]2、降级固件[/b]
先把砖头机固件降级到1.0.2版,参看[url=http://bbs.iphone.com.cn/thread-29680-1-4.html][color=Blue]1.1.1降级教程[/color][/url]
[b]3、安装必要的软件[/b]
用置顶贴[url=http://bbs.iphone.com.cn/thread-29118-1-1.html][color=Blue]一步一步教程[/color][/url]激活降级后的机器,并用[url=http://bbs.iphone.com.cn/thread-29262-1-1.html][color=Blue]软件安装教程[/color][/url]安装下列包:
[quote]
BSD Subsystem
OpenSSH
anySIM[/quote].
[b]4、下载附件[/b]
[quote][attach]106825[/attach]
[attach]106826[/attach][/quote]
解压后得到一个目录reflash,包含如下文件:
[quote]ICE03.14.08_G.eep
ICE03.14.08_G.fls
bbupdater
ieraser
secpack[/quote]
用SCP把文件传到iPhone,放到一个目录中,我是放在/reflash中,以下以此为例
[b]5、配置好iPhone的WiFi[/b]
因需要通过WiFi以SSH登录,所以要保证iPhone的WiFi正常工作。
[u]注:在下面SSH的过程中,如果登录后输几个字母就自动退出了,是因为早期编译Shell的问题,请下载新版的Shell:
[quote]新版sh(实际上是bash,支持命令历史):[attach]107021[/attach][/quote]
解压后用SCP或SFTP放进/bin目录,然后重新登录就一切正常了。[/u]
[b]6、SSH登录到iPhone[/b]
用SSH登录到iPhone:
[quote][font=Courier New]ssh root@iPhone的IP地址[/font][/quote]
密码是:dottie,登录后为ierase和bbupdater添加运行属性:
[quote][font=Courier New]cd /reflash
chmod 755 ieraser bbupdater[/font][/quote].
[b]原生1.1.1的朋友如果想反悔,现在还来得及,只要作一次完全恢复就能回到原来状态,一旦执行下面步骤,下次升级到1.1.1将出现错误IMEI。[/b]
[b]7、降级Modem[/b]
在SSH输入下列命令(大小写要完全一样):
[quote][font=Courier New]launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist[size=2](回车)[/size]
./ieraser[size=2](回车,成功会看到很多行数字)[/size]
./bbupdater -f *fls -e *eep[size=2](回车,成功在最后不会出现Error字样)[/size]
launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist[size=2](回车)[/size][/font][/quote]
如果正确的话,完成后Modem已经降级,可以开始解锁了。
[b]8、解锁[/b]
运行anySIM重新解锁(参见[url=http://bbs.iphone.com.cn/thread-28661-1-2.html][color=Blue]软件解锁教程[/color][/url]的[color=Blue][b]第6步[/b][/color]),[color=Red]如果你对软件解锁的副作用还不清楚,[url=http://bbs.iphone.com.cn/thread-30089-1-4.html][color=Blue]请先看这个帖子。[/color][/url][/color]解锁完成后放进移动SIM,等待一会,会自动搜索到网络。如果搜索不到,重新启动,搞定!
[b]用Mac的网友[/b]
如果你使用iNdependence激活的话,请下载这个打过补丁的lockdownd:
[quote][attach]107373[/attach][/quote]
解压后放到:
[quote]/usr/libexec[/quote]
替换掉原来的文件,然后检查一下属性:
[quote]Owner/Group/Everyone都必须至少具备Read和Execute属性,如果不确定,就执行:[font=Courier New]chmod 755 /usr/libexec/lockdownd[/font][/quote]
检查无误后重启机器,可以解决Invalid SIM的问题。
[b]9、清理[/b]
经过解锁工作正常的机器,可以清理掉之前的那些软件了:
[quote][font=Courier New]rm -rf /reflash[/font][/quote]
之前用iBrickr或者Installer安装的软件用相应的方式卸载。
[u]最后说明:经过以上步骤,你的机器现在是1.0.2版(Modem 03.14.08_G)解锁过的机器了。[/u][attach]106826[/attach]
[[i] 本帖最后由 n000b 于 2007-11-2 13:11 编辑 [/i]] 8G IPHONE不残废了?呵呵! 这个沙发坐的爽,等着n000b的精彩后续。 smiley41.gif lao luan! DowngradingBaseband
How to Downgrade screwed up baseband 4.0 (after anySIM and 1.1.1 firmware upgrade).
UNBRICKING 1.1.1 UPGRADE
Here's the procedure to downgrade after you upgraded (by mistake) to firmware 1.1.1 on a anySIM unlocked iPhone.
HOW TO
0. Download iPhone 1.0.2 firmware from Apple Here
1. Change ipsw to zip then unpack it.
2. Extract the ramdisk file from it by typing
dd if=009-7698-4.dmg of=ramdisk.dmg bs=512 skip=4 conv=sync
3. mount the ramdisk by doubleclicking it (on mac). On windows use some HFS tools to peek inside it or get the files from someone who extracted it already.
4. Put your phone into DFU mode and do option-restore in iTunes. This will reflash everything to 1.0.2. You will get an error at the end because it couldnt reflash the baseband. You will end up with a yellow triangle.
5. Quit iTunes, launch iNdependence and quit it again, relaunch iTunes. Press the power button on the phone for 3-4 seconds. After like 10 seconds you end up on the activation screen.
6. Complete the Downgrade by Jailbreaking / Activating, Installing SSh on to the phone etc. There are tons of wiki's about that so I won't repeat. (probably also true for step 4,5)
7. Extract the baseband firmware and EEPROM files of 3.14 from the ramdisk of firmware 1.0.2. The files are named ICE03.14.08_G.eep and ICE03.14.08_G.fls and are located under /usr/local/standalone/firmware.
8. Get the Secpack of baseband firmware 4.0 (some people have that, I have no idea how they got it but its needed). I can't give that one out unfortunately. name it "secpack".
9. Download ieraser2 from [url]http://www.fink.org/ieraser/[/url] or from Geohot's blog.
10. Install all the tools on to the phone (i use the location /usr/local/bin)needed to get ssh access to the 1.0.2 firmware phone and upload ieraser2, the secpack, the firmware 3.14's FLS and EEP file and anySIM 1.0.2.
11. ssh to the phone. Stop CommCenter by typing:
launchctl remove com.apple.CommCenter
12. run bbupdater -v. it will tell you you run version 4.01 of the baseband.
(bbupdater is a tool by apple which is also on the ramdisk)
13. run ieraser2. This will WIPE your baseband, given a file "secpack" is in the same directory and this is a version 4 secpack.
14. run " bbupdater -v " again. it will not find any firmware now. 15. run " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " 16. run " bbupdater -v " it will tell you you run version 3.14 At this point in time you will still have a IMEI number starting with 004999... and its not of use yet. So still bricked but at least downgraded to version 3.14.
17. run anySIM Version 1.0.2 (note that older versions might not be good here as 1.0.2 has a lot of fixes for this kind of stuff).
Now you have a unlocked 3.14 baseband with IMEI being your original one! Congratulations you now fully recovered from your update 1.1.1 and are back to 1.0.2.
If you want to return to virgin state again you can stop the commcenter again and repeat " bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls " again to reflash the "locked" version of the baseband.
A tool automating all this is in the workings....
------------------------------------------------------
这个果然有效马?看来砖头的春天到咯 太棒啦!就等这个啦! N000B大侠就是NB handing 还是在谨慎观望,我是原生的1.1.1版本
期待原生1.1.1 UNLOCK 牛比,好!!!可以打电话了! 恭喜恭喜~~! n000b老大就是NB啊~~~~~这个要顶~~~~~ so cool... handing smiley64.gif [quote]原帖由 [i]quasimoto[/i] 于 2007-10-12 08:40 发表 [url=http://bbs.iphone.com.cn/redirect.php?goto=findpost&pid=124892&ptid=30428][img]http://bbs.iphone.com.cn/images/common/back.gif[/img][/url]
8G IPHONE不残废了?呵呵! [/quote]
现在变半残废了 -- 掉水里的后遗症,害我又买了一个。 happyness 救命啊!我的砖头怎么办哪??
我以前是破解好的8G,自己没事干,就升级到1.1.1
升级完了,后。。。。。。
现在就开不了机器了。。。怎么弄都开不了机器
SOS!!大哥,大姐忙帮啦smiley33.gif [quote]原帖由 [i]leowang008[/i] 于 2007-10-12 14:43 发表 [url=http://bbs.iphone.com.cn/redirect.php?goto=findpost&pid=125257&ptid=30428][img]http://bbs.iphone.com.cn/images/common/back.gif[/img][/url]
happyness 救命啊!我的砖头怎么办哪??
我以前是破解好的8G,自己没事干,就升级到1.1.1
升级完了,后。。。。。。
现在就开不了机器了。。。怎么弄都开不了机器
SOS!!大哥,大姐忙帮啦smiley33.gif [/quote]
先用1.1.1恢复到地球画面,然后降级处理。 3Q 3Q 等你很长时间啦 [quote]原帖由 [i]n000b[/i] 于 2007-10-12 14:31 发表 [url=http://bbs.iphone.com.cn/redirect.php?goto=findpost&pid=125248&ptid=30428][img]http://bbs.iphone.com.cn/images/common/back.gif[/img][/url]
现在变半残废了 -- 掉水里的后遗症,害我又买了一个。 [/quote]
哈哈哈 iphone 12G 亏你想得出来啊!!!! 这个要支持!!!!!! 难道真的只有我一个人用SSH来复活砖头吗?