Unlock your iPhone, iPhone 3G and iPhone 3GS!
This website contains lots of information and tutorials about how to unlock and get the most out of your iPhone, iPhone 3G and iPhone 3GS. Thanks to the iPhone Dev Team, elite team, Installer.app team, geohot and all others involved in the iPhone hacking scene!
Get access to our new iPhone unlock tutorials!
Need help to repair or unlock iPhone or iPhone 3G? In cooperation with UnlockShop.us we have put together the easiest solution for anyone who wants to unlock their iPhone, iPhone 3G or iPhone 3GS 3.0. Very easy to follow tutorials with email support if you have any problems or question about iPhone. Read more about our iPhone unlocking services here!
Accidentally upgraded your iPhone, and made it unusable?
Our guide also covers repairing of phones that got locked ("Slide for emergency") after upgrade.
New! Unlock iPhone 3G and iPhone 3GS SIM-lock!
Now our tutorial also covers how you can unlock iPhone 3G and iPhone 3GS!
iPhone firmware 3.1 for iPhone, and new iPhone 3GS announced!
The iPhone and iPhone 3G firmware v3.1 will be released sooon. As always, do NOT upgrade to the new 3.1 firmware before you have assured that it's possible to unlock and jailbreak it.
If you have the old first generation iPhone you will most liekely be able to upgrade and unlock later, but if you habe iPhone 3G or 3GS, WAIT!
iPhone/iPhone 3G firmware 2.2.1 is released and pwned!
November 23rd: The 2.2 firmware for iPhone and iPhone 3G has been released by Apple. iPhone Dev Team have released their latest version of PwnageTool, making it possible to unlock, jailbreak and activate the original iPhone. iPhone 3G is not possible to unlock, only jailbreak and activate. If you have the 3G iPhone and are waiting for unlocking possibilities it's strongly recommended to not update, since your baseband will be upgraded which reduces the chance of an eventual unlock to work.
iPhone 3G unlock solution for 2.2 firmware released!
The iPhone Dev Team have now released the iPhone 3G unlock solution. The application is called yellowsn0w and can be installed using cydia and Installer. It will unlock iPhone 3G with version 2.2. If you don't have version 2.2 you must upgrade first in order to unlock it. If you need help, you can always use our sponsor's very easy iPhone unlocking guides.
Status on unlocking and jailbreaking iPhone 3G and 2.2.1 firmware
iPhone 3G and the 2.2.1 firmware is now released. The iPhone Dev Team have released the newest version of Pwnage tool, making it possible to activate and jailbreak the newest firmware. Owners of the old iPhone will also be able to unlock their phone. The new iPhone 3G is not possible to unlock at the moment.
Jailbreak/Quickpwn new iPhone 2G and iPhone 3G firmwares
Winpwn 2.5 beta is released. It supports jailbreaking (using quickpwn method) of these firmwares: 2.0, 2.0.1 and 2.0.2. For the old iPhone unlock is also supported. Unlocking of iPhone 3G is not possible, but it does jailbreak iPhone 3G firmwares so that you can use Installer and Cydia. I will update the webpage as soon as it's possible to unlock iPhone 3G.
1.1.4 is released! Supported in newest version of ZiPhone!
I've teamed up with Zibri and i'm proud to present my latest Windows user interface for ZiPhone! This application will jailbreak, unlock and activate any version of iPhone extremely fast and easy!
To download, click the image below and then click "Download ZiPhone" (Mac version also available)
If you get error "The application failed to initialize properly (0xc0000135)" you need to install .NET Framework 2.0. Problems, tips for improvements etc. can be posted here
NOTE: The info below is outdated. In most cases you would rather upgrade to 1.1.4 and use ZiPhone.
How to jailbreak, activate and unlock iPhone with 1.1.1
This tutorial assumes that your iPhone has firmware version 1.1.1. If you are unsure, here is how to check: On the emergency dial screen dial *3001#12345#* and tap Versions. Firware version should be 04.01.13_G. If it's 03.14.08_G you have v1.0.2 and need to update it to 1.1.1 first. Read here first if you previously unlocked your phone.
Bypass activation and prepare phone for software installation
- Make sure you have a SIM-card with PIN turned off, and power on your phone (the supplied AT&T card works fine).
- On the activation screen, slide for emergency and dial: *#301# to make the phone call itself. (If the incoming call dialog quickly disappears but it keeps ringing, just dial 0 (remove *#301# first), and it will call itself)
- Answer the call, and tap on Hold
- Phone will call it self again, tap Decline. You will now be returned to the normal dialer.
- Tap on contacts, and tap the + icon to add a new. The only info you are going to add to this contact are two URL's. To add a URL, tap Add new URL. The first URL is prefs followed by a colon: prefs: and the second is i.unlock.no. Tap Save.
- Your contact now has two "web pages" - tap on the first one (prefs:). This will take you to the settings dialog. The reason you want this, is because you need to connect to a Wi-Fi network, so tap on Wi-Fi, and get connected to a network, and make sure the icon on top of the screen is indicating that you are connected. While you are in the settings dialog, you should also set: General → Auto-Lock → Never.
- Now, press the home button, and again, slide for emergency dial 0, Answer the call, Hold and Decline the new call so that you get to the contacts. Tap on your contact (No Name), and this time tap on the other home page, i.unlock.no
- Safari will launch and show you a webpage. Tap on Tap here to jailbreak your iPhone
- Phone will return to activation screen and after a few seconds the phone should restart.
- If the phone does not restart after waiting a full minute, please make sure that you have your phone connected to the computer and try again.
- When the phone starts again, it should no longer say slide for emergency, but rather Slide to unlock It means it was successfull! Activation is now bypassed, and phone prepared for software installation! (If you are going to use an AT&T SIM, you won't need to do the next step.)
Unlock the SIM-lock on jailbroken 1.1.1
- Open installer, and install the update if prompted.
- Go to sources and tap Edit and Add
- Add this URL: http://i.unlock.no
- Tap Done and then Refresh
- Go to Install (at bottom) and scroll down to the Unlocking Tools category and install AnySIM
- When installed you can press the home button, and you will find a new AnySIM icon on your home screen. Launch it and follow the instructions.
- The unlocking process will take about 5-10 minutes, in the end it should say it was successful!
- To clean up your phone, launch Installer and uninstall AnySIM. Then go to Settings → General → Auto-Lock and set it to a prefered value.
Congratulations, you are done!
How to jailbreak 1.1.2 or 1.1.3.
Regardless of whether you want to use 1.1.2 or 1.1.3 firmware, you must start with a jailbroken 1.1.1. Downgrade instructions are available here and Jailbreak for 1.1.1 here. When done continue reading here. Note: even if you want to use 1.1.3, you need to upgrade to and jailbreak 1.1.2 first. You should also unlock your 1.1.2 before upgrading.
Upgrading to 1.1.2
- On a 1.1.1 phone, open Installer and install OktoPrep located in the Tweaks 1.1.1 category.
- Download the 1.1.2 firmware file from Apple: iPhone1,1_1.1.2_3B48b_Restore.ipsw (right click link and save target)
- Connect your phone to your computer and open iTunes on the "summary" page.
- Hold down the SHIFT key (Windows) or Option/ALT-key (Mac) on your keyboard while clicking on the Upgrade button (not the restore button!). A file browsing dialog should appear, and you must select the firmware file you downloaded in the previous step.
- While the phone is upgrading, download the 1.1.2 jailbreak archive and extract the files to your computer.
- If you don't already have Java on your computer, you need to download and install Java runtime first. If you are unsure, check the jailbreak.jar file in the archive you extracted previously - it should have an icon with a coffee cup
- When your phone is done upgrading, and shows the Slide for emergency screen, you need to launch the jailbreak java application on your computer. Windows users double click on the windows.bat file, while Mac users can double click on jailbreak.jar file.
- An application should appear, with a "Jailbreak" button - click on it and wait while it's jailbreaking. This will take a few minutes, and your phone will restart a few times at the end.
- Your phone should now show "Slide to unlock" instead of emergency. If it does, everything was successfull.
If are going to use TurboSIM or a similar SIM-adapter you don't need to unlock - it should work right away. If your phone did not have 1.1.2 when you bought it (old bootloader), you can unlock it to work with any sim-card. To do so, install anySIM 1.2.1u located in Utilities category. Open Settings enable Airplane Mode (very important!) (and set Auto lock to never if you haven't already) and then you can launch anySIM and follow the instructions shown.
Important: 1.1.2 has a bug that causes phone/SMS to crash when used in foreign countries. To fix this, you must Install and run iWorld found in the Tweaks (1.1.2) in Installer. Run the application and select your country. When phone has rebooted you can uninstall iWorld.
Upgrading to 1.1.3
This requires that you already have jailbroken 1.1.2. Open Installer, and Install Official 1.1.3 Upgrader found in the System category. This will download the entire 165MB firmware over Wi-Fi, patch it, and upgrade your phone automaticly. So it may take some time - normally 10-30 minutes. When done your phone should reboot directly to a jailbroken 1.1.3 firmware.
A few tweaks
- [1.1.1] If you want to enable the International menu, install Enable International menu which is found in the Unlocking Tools category. This will let you choose keyboards, and set your phone to use your prefered regional settings, like date and phone number formatting. Be alerted though - it looks like Apple haven't finished this feature completely yet (which is probably why it's deactivated) so there may be some issues. In my case Fahrenheit and Celsius is mixed up in the Weather application for instance!
- [1.1.1] By default, the EDGE settings found in Settings → General → Network → EDGE are not saved when phone is restarted. To fix this, install EDGE Settings fix which is found in the Unlocking Tools category..
- If YouTube does not work ("You must first connect to iTunes..."), try to install YouTube activation which is found in the Unlocking Tools category. Also make sure that the phone has correct date.
- If you for some reason need to deliver your phone to Apple (service etc.), i recommend that you revert the unlock first so that they (hopefully) can't see it's been unlocked. Install OneSIM which is found in the Unlocking Tools category, and tap on the new icon it creates to run it. After you are done, do a restore in iTunes.
Frequently asked questions and problems
Nothing happens after i visit jailbreakme.com
Make sure your phone is connected to the computer. Try to use i.unlock.no instead of jailbreakme.com.
How can i upgrade a new unactivated phone?
Just put it in recovery mode, and it will automatically restore to the latest firmware. It might be safer to manually download and select the 1.1.1 firmware.
How do i upgrade, downgrade or restore the phone firmware?
To enter recovery mode, connect the phone to the computer and press and hold the Power button (on top) and the Home button (on bottom front) simultaneously. After about 15 seconds phone will appear to turn off, release the Power button but keep holding the Home button. After about 15 seconds the computer and iTunes will detect the phone in recovery mode, and you can perform a restore. IMPORTANT: If you just click the restore button, it will restore it with the latest firmware. It's much safer to manually select firmware instead. If you want to manually select a different firmware you can hold down SHIFT key (Windows) or Option/ALT-key (Mac) when clicking the Restore button, and it will let you choose firmware file. Download the wanted firmware here (you would normally want 1.1.1).
Note: If you downgrade the firmware you will get an error when restore is complete, and phone will be stuck in recovery mode. To get it into normal mode, run AppTapInstaller.exe (or iNdependence if your're on a Mac).
My phone is already unlocked - can i update to 1.1.1?
Not straight away! The old unlock software's (before anySIM 1.1, except iphonesimfree.com's software) had serious flaws, making the phone unusable in later firmware. Before you update your phone you will need to repair your phone by "virginizing" the phone (baseband) firmware. Below are the ultrasimple instructions
How to "Virginize" the iPhone to repair the baseband?
Ignore all long and complex tutorials - I have set up a fully automatic script that will repair the baseband. This script will work on any baseband version, but will not work on phones with new bootloader (out of the box 1.1.2). It will not run on 1.1.2 firmware either, you need to downgrade to 1.1.1 or 1.0.x before running.
You would want to virginize if you upgraded to 1.1.1, and have 0049xxx IMEI. Check this in Settings → General → About.
- Set Settings → General → Auto Lock → Never
- Start Installer and update it if it asks. Tap on Sources, Edit, and Add http://i.unlock.no/ as a repository.
- Make sure you have BSD Subsystem installed. If it's installed it's listed in "Uninstall", if not listed, tap on Install and goto the System category and install it.
- Now, install The Virginizer found in the Unlocking Tools category. This will take almost 10 minutes to complete.
- When done, restore your phone to get 1.1.1 firmware reinstalled (this is not necessary if you are going to upgrade to 1.1.2)
- When phone has been restored, you can Activate and unlock as normal.
How do i downgrade a 1.1.2 or 1.1.3 phone?
Downgrade the main firmware:
- Connect the phone to the computer and launch iTunes (v7.6 NOT recommended).
- Restore your phone like explained in details here.
- You will get an error when restore is complete, just ignore it and run AppTapInstaller.exe (to Mac users: iNdependence should do the same.
- AppTapInstaller.exe will fail, but your phone will get to the Activation Screen now!
- When on the activation screen, just follow my tutorial to jailbreak and bypass activation
Now your phone main firmware is ok, but to get the phone part working properly you should also downgrade your baseband firmware. At the moment this is NOT possible if your phone already had 1.1.2 or 1.1.3 when you bought it (meaning it has the new bootloader). If you accidentally upgraded your phone to 1.1.2 or 1.1.3 and want to go back to 1.0.2 or 1.1.1, read on.
Downgrade the baseband firmware:
- Set Settings → General → Auto Lock → Never
- Start Installer and install BSD SubSystem found in System Category.
- Go to Sources and tap edit and add http://i.unlock.no/
- Now install "Baseband Downgrader" found in Unlocking Tools category. This will take around 5 minutes.
- When done, restore your phone to get 1.1.1 firmware reinstalled.
- When phone have been restored, you can Activate and unlock as normal.
Can't find AnySIM - Unlocking Tools category is missing
Please follow the tutorial carefully - it will show up after you add my repository (http://i.unlock.no) and tap refresh.
YouTube is not working
If YouTube does not work ("You must first connect to iTunes..."), try to install YouTube activation which is found in the Unlocking tools-category after you have added my repository (see previous question)
Is the unlock permanent? Can i restore my phone or upgrade it?
This unlock method is based on a firmware patch, so everytime the baseband firmware is flashed, the unlock will not work anymore. You should be able to restore without loosing the unlock, and you should also be able to upgrade to future firmwares as long as the baseband firmware is not updated, but never perform a software update before you have specifically read that updating is safe.
Where can i find the iPhone firmware files?
Firmwares for the old iPhone:
Baseband version in paranthesis.
- 1.0.0: iPhone1,1_1.0_1A543a_Restore.ipsw (03.11.02_G)
- 1.0.1: iPhone1,1_1.0.1_1C25_Restore.ipsw (03.12.08_G)
- 1.0.2: iPhone1,1_1.0.2_1C28_Restore.ipsw (03.14.08_G)
- 1.1.1: iPhone1,1_1.1.1_3A109a_Restore.ipsw (04.01.13_G)
- 1.1.2: iPhone1,1_1.1.2_3B48b_Restore.ipsw (04.02.13_G)
- 1.1.3: iPhone1,1_1.1.3_4A93_Restore.ipsw (04.03.13_G)
- 1.1.4: iPhone1,1_1.1.4_4A102_Restore.ipsw (04.04.05_G)
- 2.0.0: iPhone1,1_2.0_5A347_Restore.ipsw (04.05.04_G)
- 2.0.1: iPhone1,1_2.0.1_5B108_Restore.ipsw (04.05.04_G)
- 2.0.2: iPhone1,1_2.0.2_5C1_Restore.ipsw (04.05.04_G)
- 2.1: iPhone1,1_2.1_5F136_Restore.ipsw (04.05.04_G)
- 2.2: iPhone1,1_2.2_5G77_Restore.ipsw (04.05.04_G)
Firmwares for the new iPhone 3G:
- 2.0.0 3G: iPhone1,2_2.0_5A347_Restore.ipsw (01.45.00)
- 2.0.1 3G: iPhone1,2_2.0.1_5B108_Restore.ipsw (01.48.02)
- 2.0.2 3G: iPhone1,2_2.0.2_5C1_Restore.ipsw (02.08.01)
- 2.1 3G: iPhone1,2_2.1_5F136_Restore.ipsw (02.11.07)
- 2.2 3G: iPhone1,2_2.2_5G77_Restore.ipsw (02.28.00)
Tips and tricks
Some of these tricks require computer skills. Don't ask me for help.
SMS recieved from internet is scrambled/not working?
For some ridiculous reason, Apple did not add real support for the SMS standard. The result is that SMS sent with a alphanumeric/non standard number will either not be recieved at all or the text will get scrambled as shown on the screenshot below. This bug may even damage the SMS database on your phone. It took Apple some time, but in 1.1.2 it's finally fixed, so we can just use the phone application from 1.1.2 on 1.1.1 (1.0.2 or older is not supported currently). Thanks to saraf_suman for telling me that.
How to fix the SMS problem easily:
- Open installer, and tap Sources, Edit and Add.
- Type in http://i.unlock.no/ and Ok then Done.
- Now tap on Install at the bottom and scroll down to the Unlocking Tools category
- Install SMS Fix
- When done installing, reboot your phone and it should work
Note: I have not throughly tested this, so there may be side effects i'm not aware of yet. But you can just uninstall the package to revert the changes. I only tested on 1.1.1.
Sometimes the phone displays the phone numbers instead of the names?
There's a bug in the iPhone software that will cause problems with detecting the numbers stored in your contacts, if iPhone is used outside the supported countries. I have set up a fully automatic fix for this (thanks to Dev team for patched files), that will fix this problem.
Start Installer and install the package called Phone # to name fix located in the Unlocking Tools category (i.unlock.no must be added as a Source to see this category).
Configuring EDGE settings (internet)?
If you have firmware 1.01 or later you can go to Settings → General → Network → EDGE to configure EDGE. Check your provider's website for settings.
Note for 1.1.1 users: For some reason v1.1.1 firmware will not save the settings after reboot. I have added a little fix, which is available in my repository for Installer.app: http://i.unlock.no/ - descriptions on adding my repository is here (step 1-4)
Changing phone number formating: (123) 456-7890
Formatting is stored in:
Download this file from your phone. The file is stored in binary format, so you'll need to convert it to text. Now save this file and open it in a text editor. Change the formatting under us to look like you want (if you find your region in the file, just copy from your region to the us). There's probably some way to just make it use your language (instead of 'us'), but i don't know where you specify that. When you are done changing formatting, save the file and upload it to the iphone in same directory you found it. You don't need to convert i back to binary.
Update for 1.1.1 users: In previous versions locale settings did not apply to number formatting. I noticed that in 1.1.1 it does, so it's better to change the phone's locale configuration instead of changing the formatting manually. Install "Enable International Menu" found in the Unlocking Tools category.
Making the carrier name/logo fit without scrolling
Apple left a rather small space for operator name, so if it's above 7(?) characters, it will scroll, and display only first part (click picture at right). I found a way to decrease the font size, making it fit.
Load the following file in a Hex editor:
Font size should be at offset 7C176. In HxD, just click "Search → Goto" and set offset to 7C176 as shown in picture below. If the font size is not at this offset in your file, you can try a text string search for loopOperatorToBeginning, it should be right above that.
As you can see, you can also change the font type, and color of the text. Default is size 14. Changing it to 11 or 12 should do.
Update: Here is a way to set a permanent carrier logo. I have created a few logos for norwegian users (screenshot below): Telenor, Netcom, Tele2, Chess, OneCall. Download here. Remember that you will need to change pictures manually if you switch carrier.
Disabling autocorrection when typing on keyboard
Read here until i write a more detailed way.
Adding international characters on the keyboard?
Read here until i write a more detailed way.
Unlock.no's version of jailbreakme.com
I've studied how jailbreakme.com jailbreaks the phone etc, and i noticed that jailbreakme.com copies a 736KB archive with the needed files (136KB), but the other 600KB is just CRAP (hidden mac files, sourcecode etc). So i decided to tweak the solution a little.
- I have removed all the "crap" jailbreakeme.com serves, so my archive is only 136KB, but still have ALL relevant files. This will make it much faster and more stable, since the file transfer is reduced by 600KB!
- Latest version of Installer (b10) is installed, and also latest version of Community Sources (modmyifone repository) - i will try to keep these packages updated at all times, so that you don't need to update anything after jailbreaking.
- http://i.unlock.no/ is addded as a (trusted) source in Installer, so that you have quick access to common tools like "Baseband downgrader" (reflashing baseband to 1.0.2 baseband) and "bootloader downgrade" package (Unlocking Tools category).
To jailbreak using this method, instead of adding URL jailbreakme.com, you add url: i.unlock.no (http:// not necessary) to the contact you create after dialing *#301# etc. Have your phone docked to the computer when visiting the jailbreak page! I have no idea why, but sometimes it doesn't work if your phone is not docked (this applies to jailbreakme.com as well).
Note: Jailbreaking using this method will add i.unlock.no as a trusted source. If you don't trust this Installer source, don't do this.
I did not develope this solution myself. I use jailbreakme.com's solution, and just tweaked it. All credits/donations goes to everyone who worked on this solution: http://jailbreakme.com
My comments about the iPhone unlocking solutions
I've been unlocking cell phones for more than 5 years, and even though i don't develope the solutions myself, i know pretty much how it works - and iPhone does not appear to be different from others, except for the fact that it needs activation in addition to unlocking.
There are two types of unlocking: "Firmware-patch" and "Direct unlock"
- Firmware patch is simply patching the firmware in order to bypass the unlock. Phone is still "locked", firmware is just tricked into believing it's not. An example would be when phone startsup and runs code "if(phoneIsLocked == false) doStartphone();" - a patch would simply change "false" to "true", causing it to run doStatphone() even when it's locked. If firmware is upgraded/restored, this patch will of course be removed and were back to start again. This type is in the industry considered as a semi-unlock, and only accepted as a last resort if no other way is found (usually, it's just a temporary solution)
- Direct-unlock is the real way of unlocking phones. Usually it involves just rebuilding the entire lockdata in EEPROM with "blank" unlocked data. Or the safest way is to get the phone itself to clear the data by making it unlock itself - which could be achieved by for example finding the unlock codes and feed it with them. This would leave absolutely no trace of "hacking" - it will be 100% correctly done, as intended by the manufacturer.
- (SIM-cloning/Turbosim is not mentioned, because that's not considered unlocking.)
When a phone is unlocked (in a proper way), it will always be unlocked. Firmware upgrades never touches EEPROM, including lock data.
Here are my thought's on how iphone unlocking works - of course, it's just my thoughts based on my experience with other phones, and i may very well be wrong.
IPFS unlock solution is permanent, and will handle all future updates Yes, i'm fairly sure that a phone unlocked with IPFS is a proper unlock (not firmware patch), making it permanent. But of course, unlike other's, iphone needs activation and IPFS therefore completely dependent on activation, which is depending on jailbreak. But when it comes to the operator lock itself, IPFS's permanently unlocks it.
I'm not sure exactly how IPFS does unlock it, but i'm feeling very sure it's one of these:
1. IPFS reads data from the baseband/EEPROM, and rebuilds the lock area in EEPROM with proper data - without any lock. This is exactly the same done on almost all other phones.
2. IPFS patches the baseband, but only as a temporary step in order to achive the above. When it's finished, it doesn't matter if the patch is removed (bb upgraded), because phone is already unlocked.
AnySIM and the other solutions are fimware patch solutions and will never survive baseband flashing/upgrade. Unlike IPFS (if IPFS also patches firmware), AnySIM patches firmware in order to bypass the lock, not in order to unlock it - or at least it's not unlocking it properly. The fact that anysim unlocked phones are bricked after upgrading, must be caused by changes the anySIM solution does to EEPROM, which is not properly done, and makes it "corrupted" as seen from the new firmware.
In my opinion there's no reason to be so negative about IPFS. They did the real unlock and so far noone have been able to recreate their solution. So don't expect a free real solution for 1.1.1 appearing very soon either. A free patch-unlock though is probably already possible now that they have decrypted the ramdisk, i will try that tomorrow. Of course iphone dev team are doing the most important work, and let's hope they soon will be able to work out a direct unlock solution as well.
Feel free to correct me, i already mentioned this is just how i think it works. (comments can be posted HERE.
- WinSCP (download/upload files from your phone)