HOW TO: Unlock a Jailbroken iPhone 3GS/4 running iOS 5.0.1
- iPhone 3GS
- iPhone 4
- iOS 5.0.1
Supported basebands (modem firmwares):
(How do I check my baseband?)
NEWS: As of Monday December 19 2011 ultrasn0w has received an update to support iOS 5.0.1. Therefore the tutorial below is obsolete. Happy unlocking!
1) Create a custom firmware that preserves the baseband with your favorite tool.
1.1) Windows users who are new to the jailbreaking scene could follow section A of ovidiu1305's tutorial.
2) Restore the phone using the custom firmware (Shift + Restore on Windows, Option + Restore on Mac)
3) Activate (or hacktivate) the iPhone and empty the SIM tray.
4) Download iFunBox for Windows, or iExplorer for Mac.
4.1) Mac users should install the following apps via Cydia:
- Hack&Dev Team Source (the repository containing iCommander; do not be alarmed if it throws a KEYEXPIRED error, you'll still be able to get iCommander)
- iCommander (our desired app)
5.1) iPhone 3GS owners should download this archive from here or here.
5.2) iPhone 4 owners should download this archive from here or here.
5.3) Extract the file(s) from the archive you've just obtained.
5.3.1) Mac users who have trouble handling .rar files should get an app such as RAR Explander.
6) Open iFunBox (or iExplorer) and gain access to the raw file system of the phone.
7) Navigate to the following directory:
System / Library / Frameworks / CoreTelephony.framework / Support /
8.2) iPhone 4 owners should delete the files named CommCenter and CommCenterClassic and replace them with the ones found in the archive from step 5.
9.1) Windows users should right-click the file(s) they have just added and set permissions to 0755.
9.2) Mac users should launch iCommander on their iPhone, navigate to the directory where the new file(s) are located, open the file(s) by tapping the blue arrow and set permissions to 0755.
The permissions in iFunBox should look like this:
Owner: R = Yes W = Yes X = Yes Group: R = Yes W= No X = Yes Others: R = Yes W = No X = Yes
11) Power down the phone, insert the SIM card, boot up.
12) Enjoy your unlock on 5.0.1!
12.1) If you're running Windows and you haven't already, I strongly recommend getting iFaith v1.4 and saving your 5.0.1 SHSH blobs, so you can always restore to 5.0.1, even when Apple stops signing it.
12.2) Mac users who got the KEYEXPIRED error can now safely remove the Hack&Dev Team Source repo (from the Packages section in Cydia) otherwise the error will pop up every time Cydia refreshes. You can also remove iCommander.
PS: If anyone provides links to tutorials for the actions taken in steps one and two, I'll be happy to integrate them into this post.
Last edited by iDonev; 07-12-2012 at 05:22 AM.
- 12-14-2011, 08:19 PM #2
- 12-14-2011, 09:02 PM #3
This phone is truly bricked. I renamed the file CommCenterClassic.rar and it just keeps cycling the apple logo, powering down and comming back to the apple logo. i have tried reinstalling the cusyom ipsw with my 6.15 baseband and doing a tethered boot with redsn0w 0.9.9b8. it comes up with unrecognized build.
- 12-15-2011, 01:41 AM #4
Sorry for the misunderstanding! You are supposed to extract the contents of the archive (I did that because iPhone 4 owners need to replace 2 files instead of one).
8.1) iPhone 3GS owners should delete the file named CommCenterClassic and replace it with the one found in the archive from step 5.
Last edited by iDonev; 12-15-2011 at 05:25 AM.
As to your iPhone: if it's still in a booting loop, try accessing the file system, delete the archive you've placed and put the correct file in its place (see my previous post).
Generally speaking iFunBox is more powerful than iExplorer, so if you have VMware, Parallels or BootCamp on your Mac, I strongly recommend sharing the USB port that's connected to the iPhone and using iFunBox.
Last edited by iDonev; 12-15-2011 at 05:02 AM.
- 12-17-2011, 03:43 PM #7
I will try to do it with my windows pc. I also tried to restore using iTunes which I think is a bad thing since I have baseband 6.15 installed. Keep up the good work. I have 6 iPhones in my family and this is the first one I have bricked. I think I was getting a little too comfortable and was going to files experts only should go to.
- 12-18-2011, 02:03 PM #8
- 12-19-2011, 01:05 PM #11iPhone Nanite
- 2 Posts
i fixed it
- 12-19-2011, 01:08 PM #12iPhone Nanite
- 2 Posts
thanks a lot
Thanks a lot. My phone was in locked mode for 3 month and just now i am able to use thanks to u. Also if someone has a problem with not letting change the permission then download it to your IDevice and launch it in ifunbox and the n u can put it to 0755
- 12-19-2011, 05:14 PM #13
- 12-19-2011, 07:44 PM #14
I've read mention that it's available in two repos:
There's one for the iPhone 4 and one for the 3GS.
This seems to be a lot easier than any of the other methods/fixes I've been reading about, to get Ultrasn0w working on iOS 5.0.1.
Note that it still only unlocks the same previously-unlockable basebands... nothing newer. If you updated your baseband when you installed iOS 5... then Ultrasn0w won't unlock for you. At least with an iPhone 4, you need to still have the original 01.59.00 baseband. And for the 3G/3GS, you'd need 04.26.08, 05.11.07, 05.12.01, 05.13.04, or 06.15.00.
That will take care of all the issues, and won't even need "Ultrasn0w Fixer" any longer.
Last edited by Fofer; 12-19-2011 at 07:50 PM.
- 03-05-2012, 09:03 AM #16iPhone Intermediate
- 141 Posts
I've fixed another 3GS by re-flashing iPad baseband & restoring to custom firmware but this one is giving troubles. This iPhone 3GS is new bootroom & it's a week 134 in 3rd, 4th & 5th digits of serial number. It's a friends iPhone that I believe the baseband is bricked & the only chance to save it is the process which deleted/replaces the commcenter files but this say's it's obsolete.
I've fixed every iPhone problem from jailbreaking, restoring, downgrading & unlocking but this iPhone 3GS searching/rebooting has me stumped!
Thx, in advance!
BTW it's an iPhone 3GS with iOS 5.0.1 & I "THINK" iPad baseban but not sure cuz last time I seen the settings it was blank beside "modem firmware" it had nothing there. I've never seen that before, anyone else?