HOW TO: JB and Unlock 3GS New/Old Boot on iOS4

[hare619]

No man I wish I had 3.1.3. I bought my phone stock with the newest firmware.
I wish there was some way that I can downgrade it or something but I guess I just have to wait for now.

 

[placebo]

After 6 hours of fighting with my iPhone 3GS which was on the stock iOS 4.0 upgrade (but luckily had 3.1.3 SHSH blobs on Cydia), I was able to successfully use this guide to obtain a jailbroken, unlocked, iOS 4.0 device.

Am I correct to infer you used your SHSH blobs to downgrade to 3.1.3 before following the procedure provided on the web page?

 

[b0sanac]

Am I correct to infer you used your SHSH blobs to downgrade to 3.1.3 before following the procedure provided on the web page?

you are correct.

 

[theringer]

This does NOT work.

Repeat.

DOES NOT WORK.

i have 3.1.3 shsh on file. JB with spirit. Old bootrom

everything in the guide works up until putting the 4.0 on the device.

at that point it will fail with itunes unknown error 2. This is with snowbreeze or pwnagetool.

Please stop spreading the crap as this DOES NOT WORK

EDIT -- NOTICE THE ONES SAYING IT DOES WORK ONLY HAVE 1 POST HERE?

not too hard for me to say something works, register another email and post it worked for me too.

 

[placebo]

EDIT -- NOTICE THE ONES SAYING IT DOES WORK ONLY HAVE 1 POST HERE?

not too hard for me to say something works, register another email and post it worked for me too.

You mean like your one post here?

The procedure certainly worked for me. I registered here only to confirm it worked because I wanted to let others with stock 3.1.3 on their iPhone 3GS know that they're not completely screwed.

Your running into an error doesn't mean the procedure doesn't work in general. It just means it didn't work for you. In the past, many of us have run into problems, like error 1600 or 1604, trying to install modified firmware onto iPhones. In fact, I did yesterday trying to install a custom iOS 4 an iPhone 3G. It's not exactly uncommon.

 

[peanutgallery]

I can confirm this DOES in fact work.

I'm through the worst of it, my iPhone 3GS was shift+restored to the custom iOS 4 ipsw and am currently setting it up as a new device, re-syncing apps as I write this. Before I re-synced it I tested a few of the cosmetic features, I had the folders, the rain-drop background, the fast app switcher bar, etc.

This was my set up:

iPhone 3GS running 3.1.3 jailbroken with Spirit with the baseband of 05.12.01 and the OLD bootrom while using iTunes 9.1.1.11 (maybe too many 1's, but either way the version immediately before 9.2).

By the time I'm typing this the initial sync is over and I definitely have a 3GS running a jailbroken iOS 4.

 

[laurenriya]

Oh man i tried it and got no luck..on astep 12.. will try it later..again..

 

[theringer]

Ok, i guess i get to eat crow

Got it to work finally, and heres the problem i ran into in the hopes it helps someone else

Ran thru the whole process exactly, but at the end i was getting itunes unknown error 2.

After pulling my hair out, i tried using snowbreeze 1.6.2

The error was being caused by using snowbreeze 1.6.1

Ya i said it didnt work earlier, but how many come back and admit?

 

[bobdole3141]

Ya i said it didnt work earlier, but how many come back and admit?

Credit where it's due, your backtracking has given me the confidence to try this now.

Edit:

Tried this. Got to the "type reboot and let iphone reboot" part, the iphone didn't reboot. I put it into FDU mode and tried to restore to custom 4.0 but itunes gave me a 1600 error.

I saw a few "use pwnagetool" fixes for that, but i don't have a mac I assume those people with a mac who fixed it used pwnage tool to create a custom 4.0 and didn't get a 1600 error when trying to restore to that firmware?

If that works, what's the chances someone with a mac wants to upload a pwnage tool'd custom 4.0 for us windows users?

That is, unless there's yet another fix.

 

[peanutgallery]

@bobdole3141 I'm pretty sure the iTunes 1600 error is caused by DFU mode.

If the iPhone didn't reboot what happened? If you don't see the "success" message in terminal then it never flashed. Did you copy all of the files to the /tmp folder? I think there was something like 16 total.

The final restore needs to be done on iTunes 9.2 and it's a simply shift+restore.

I did the whole process on windows vista.

 

[theringer]

Credit where it's due, your backtracking has given me the confidence to try this now.

Edit:

Tried this. Got to the "type reboot and let iphone reboot" part, the iphone didn't reboot. I put it into FDU mode and tried to restore to custom 4.0 but itunes gave me a 1600 error.

I saw a few "use pwnagetool" fixes for that, but i don't have a mac I assume those people with a mac who fixed it used pwnage tool to create a custom 4.0 and didn't get a 1600 error when trying to restore to that firmware?

If that works, what's the chances someone with a mac wants to upload a pwnage tool'd custom 4.0 for us windows users?

That is, unless there's yet another fix.

Make sure you are using snowbreeze 1.6.2 for the 1600 error

When you tried to reboot by command, did the previous command run ok?

 

[bobdole3141]

Make sure you are using snowbreeze 1.6.2 for the 1600 error

When you tried to reboot by command, did the previous command run ok?

(and the previous post)

Thanks for replying guys:

2 issues
firstly i actually copied all the files over, i'm as sure as i can be that all files were copied, no errors showed in the copying process. When i used ssh to flash, it said success. I rebooted by command, however when the phone went black, it stayed black. I gave it 10 mins trying occasionally to switch it on, after 10 mins i tried to get out of DFU mode however it just sat there. Then i plugged it into my PC, made sure it was in DFU mode, tried to restore to custom ios4 (just to see if it worked) but then i got the 1600 error and had to simply restore safely to a working firmware version.

secondly when i used 1.6.2 snowbreeze to make the ios4 custom firmware, snowbreeze crashed right at the end of making the firmware (window has stopped responding box popped up) but it appeared like it finished ok - i checked the file size against standard ones and figured i might take the risk, but i got the no reboot problem anyway, and then the 1600 error when i tried to restore to custom ios4.

---------------

So basically everything went smoothly until i command line rebooted, then it simply switched off (as it does when it reboots) but didn't switch back on again. I'll actually try it again just now and see if the same results. Gonna try and get a working custom ios4 first, though.

EDIT:
Now have a fully finished ios4 custom done, i'll let you know if i get the 1600/reboot issue again.

 

[bobdole3141]

(and the previous post)

Thanks for replying guys:

2 issues
firstly i actually copied all the files over, i'm as sure as i can be that all files were copied, no errors showed in the copying process. When i used ssh to flash, it said success. I rebooted by command, however when the phone went black, it stayed black. I gave it 10 mins trying occasionally to switch it on, after 10 mins i tried to get out of DFU mode however it just sat there. Then i plugged it into my PC, made sure it was in DFU mode, tried to restore to custom ios4 (just to see if it worked) but then i got the 1600 error and had to simply restore safely to a working firmware version.

secondly when i used 1.6.2 snowbreeze to make the ios4 custom firmware, snowbreeze crashed right at the end of making the firmware (window has stopped responding box popped up) but it appeared like it finished ok - i checked the file size against standard ones and figured i might take the risk, but i got the no reboot problem anyway, and then the 1600 error when i tried to restore to custom ios4.

---------------

So basically everything went smoothly until i command line rebooted, then it simply switched off (as it does when it reboots) but didn't switch back on again. I'll actually try it again just now and see if the same results. Gonna try and get a working custom ios4 first, though.

EDIT:
Now have a fully finished ios4 custom done, i'll let you know if i get the 1600/reboot issue again.

Yep, same error again. Everything went smoothly until i typed reboot into putty. Then it went black. Waited, but nothing happened. Plugged into my computer, itunes said it was in DFU mode. Tried to upgrade to custom ios4, but got the 1600 error.

 

[theringer]

Can you restore to 3.1.3 (do you have your shsh for 3.1.3)?

If yes, restore back to it, use iRecovery when you get a 1600 in itunes on the downgrade. It will tell you the commands, where you download it, not in the program itself.

After restored down, jailbreak with spirit (have to have a valid sim if you are an unlocker, meaning not on att)

Then instead of trying to use putty, use mobile terminal, it has you download it in step 2, to the phone, thats what i did, ran it on the phone in mobile terminal.

Now, for your windows error, what version? Windows 7? Did you run snowbreeze in compatability mode? I have xp and didnt have that problem.

Have you checked your boot rom? if so and i missed it, my appologies, im at work at the moment

 

[bobdole3141]

I am on the old bootrom.

I can get to 3.1.3 and jailbroken using spirit any time i like, in fact i'm there now. The first time i tried using mobileterminal, it said that i didn't have the correct permissions to chmod (wtf? i know..), so i tried it using putty and it worked nicely so i went with that.

I get problems when i type reboot, it goes black and stays black (because it's in DFU mode, i know that because if i plug it into the pc, it finds an iphone in recovery mode).

Then i thought "well, why not try it?" and try to restore to custom 4, whereupon i get the 1600 error.

My crashing problem is fixed though, thanks again for the reply!

 

[theringer]

The first time i tried using mobileterminal, it said that i didn't have the correct permissions to chmod (wtf? i know..), so i tried it using putty and it worked nicely so i went with that.

I get problems when i type reboot, it goes black and stays black (because it's in DFU mode, i know that because if i plug it into the pc, it finds an iphone in recovery mode).

For the permissions, did you type "su root" first and put in alpine for the password?

that might be why it goes into dfu mode, if the permissions werent right when it tries to run it.

You fixed it tho?

 

[bobdole3141]

I didn't type that, no. The guide didn't say it, so i didn't even know i wouldn't have root access from the phone i was using it from.

However, i dunno if this will solve the problem as, like i say, i managed to chmod just fine from putty so the permissions would be set.

But who knows? I'll try it now.

Edit:
Nope, phone switches off but stays off, and it's in DFU mode.

 

[placebo]

When you revert to 3.1.3, are you restoring just the firmware so you're starting clean, or are you restoring a backup as well? If it's the latter, try the former to eliminate the possibility of some quirk of your setup causing problems.

 

[bobdole3141]

It's clean, no backup saved anyway, but i do it as a new phone.

 

[bobdole3141]

It would appear that someone has made an error here. The people on modmyi forums say that this method (well, not the same link but exactly the same steps) will ONLY work on old bootroms.

Reading through the posts, i see successes all from people with old bootrom, and 1600 failures (same as mine) from new bootroms.

So hopefully i can save people a good deal of time here - this WILL NOT work if you're on new bootrom, and take that as a fact until someone posts otherwise. I've spent about 4 hours on and off today whilst doing some work, i've tried just about every little tweak or alternative crap i could think of, and regardless of what happens, confirmed by at least 2 others, old bootrom'ers will get stuck in DFU mode after the reboot step, and attempting to restore to custom 4ios will give a 1600 error.