If you’ve updated your iPhone to OS 3.1.3 using custom firmware created with PwnageTool or Sn0wbreeze, you would probably know that even after preserving Baseband at 05.11.07 it’s not unlockable with BlackSn0w. BlackSn0w which is meant to unlock iPhone Baseband 05.11.07 (true for OS 3.1.2) but it cannot unlock iPhone 3GS and 3G on baseband 05.11.07 of when you’re running iPhone OS 3.1.3.
Update: UltraSn0w 0.93 is Out Now! It can unlock all basebands for iPhone 3GS and 3G. (Check the Updates at the bottom)
BlackSn0w is unable to unlock baseband 05.11.07 on firmware 3.1.3 because it locates a function to patch by searching the binary for reference to string “SIM is not supported” but in iPhone OS 3.1.3, the same function now uses the string “Verified”. Since the location to patch is determined by instruction search&replace, the patch itself still works in 3.1.3 after changing the string and its length in Blacksn0w binary.
To unlock iPhone 3GS and 3G running iPhone OS 3.1.3 Baseband 05.11.07 with BlackSn0w, simply follow the step by step instructions listed below.
Disclaimer: This guide is for educational and testing purposes only. Use it at your own risk.
Unlock iPhone 3.1.3 Baseband 05.11.07 with BlackSn0w
Install OpenSSH on your iPhone from Cydia. Then reboot your iPhone.
Connect your iPhone to your computer and close the iTunes.
Download WinSCP and install it. Run the WinSCP and provide the following details:
- Hostname: IP address of your iPhone. (Settings >> WiFi >> Tap the Arrow next to selected Network)
- User name: root
- Password: input your SSH password here. Default password is alpine
- Protocol: SCP
Detailed SSH guide can be found here.
Download Cyberduck for Mac and install. Run the Cyberduck and provide the following details:
Server: IP address of your iPhone. (Settings >> WiFi >> Tap the Arrow next to selected Network)
Password: input your SSH password here. Default password is alpine
Copy the System\Library\LaunchDaemons\com.apple.CommCenter.plist from blacksn0w.deb to /tmp/ directory on the phone, you’ve SSH’d into.
Copy it to /usr/lib/ directory on the phone.
Install the MobileTerminal from Cydia. Open the Terminal app and run the following commands to login as root.
- su root
Once you have logged in, enter the following command (yes it’s a single lengthy command)
launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist ; launchctl load /tmp/com.apple.CommCenter.plist ; launchctl start com.apple.CommCenter
Check if you get the Signals with unofficial Carrier SIM.
In case the test load fails, your iPhone will freeze. Wait 20 seconds and reboot it using (Power+Home) buttons combination.
if test load is successful, copy the com.apple.CommCenter.plist file from /tmp/ directory on the iPhone to /System/Library/LaunchDaemons/.
Reboot your iPhone. That’s it.
If you’re looking for iPhone jailbreak, we have already shared tons of guide on jailbreaking iPhone 3GS, 3G, 2G running iPhone OS 3.1.3 using RedSn0w, Sn0wbreeze and PwnageTool. You can jailbreak iPod Touch using our guides on RedSn0w 0.9.4, Sn0wbreeze and PwnageTool 3.1.5.
Jailbreak iOS 4.0
- How to: Jailbreak iOS 4.0
Unlock iOS 4.0
- How to: Unlock iOS 4.0