Difference between revisions of "Tutorial:Unlock iPhone 3G with TurboSim"

From The iPhone Wiki
Jump to: navigation, search
(Installation)
m
 
(41 intermediate revisions by 16 users not shown)
Line 3: Line 3:
 
This article is a step by step instruction to use a net-locked iPhone-3G with a different provider.
 
This article is a step by step instruction to use a net-locked iPhone-3G with a different provider.
   
The dev team states on [http://blog.iphone-dev.org/post/44428446/updates their blog] that the SIM hacks they examined send illegal signals. <nowiki><!--</nowiki> The unlock method here uses zero-g which has been published by Zf, member of dev team, so it can be considered not to cause illegal actions. <nowiki>--></nowiki>
+
The dev team states on [http://blog.iphone-dev.org/post/44428446/updates their blog] that the SIM hacks they examined send illegal signals.
 
 
<table border=1 width=100%><tr>
 
<table border=1 width=100%><tr>
 
<td bgcolor=#ffA4A4>
 
<td bgcolor=#ffA4A4>
Line 10: Line 9:
 
'''Update / Warning:'''
 
'''Update / Warning:'''
   
'''ZeroG''', was '''''not intended''''' ''' to do trickery to your cellular network'''. But due to the way the iPhone's 2.x baseband firmware handles the login, '''actually it does'''. Short overview: ZeroG starts up the SIM replacing MCC / MNC with test IMSI codes, leaving the MSIN untouched. Then it restarts the SIM giving the correct IMSI afterwards. Unfortunately the iPhone asks the SIM exactly ''one'' time for the IMSI, it doesn't care about the restart. So effectively the login into the cellular network is done in test IMSI mode. Now it is up to your provider, how it handles such requests. For normal logins (no turboSIM) the login request is processed by your provider. In the roaming case your login request is routed from the guest provider to your provider. There is no provider for 'test' MCC / MCN. Your provider has to recognize this upon login (This implies you have to manually select cellular network right from the start.) If your provider accepts the test IMSI code and does authentication with your MSIN (this implies, (real) roaming is not possible, as only _your_ provider can process MSIN correctly), everything ''could'' be fine. You don't spoof your identity, there should also be no billing problems. But if you try this method, have successfully installed ZeroG.trb and do _not_ gain access, probably your provider does not accept test IMSI mode. In this case better do not retry as you might risk your IMSI beeing blacklisted.<BR>
+
'''ZeroG''', was '''''not intended''''' ''' to do trickery to your cellular network'''. But due to the way the iPhone's 2.x baseband firmware handles the login, '''actually it does'''. Short overview: ZeroG starts up the SIM replacing MCC / MNC with test IMSI codes, leaving the MSIN untouched. Then it restarts the SIM giving the correct IMSI afterwards. Unfortunately the iPhone asks the SIM exactly ''one'' time for the IMSI, it doesn't care about the restart. So effectively the login into the cellular network is done in test IMSI mode. Now it is up to your provider, how it handles such requests. For normal logins (no turboSIM) the login request is processed by your provider. In the roaming case your login request is routed from the guest provider to your provider. There is no provider for 'test' MCC / MCN. Your provider has to recognize this upon login (This implies you have to manually select cellular network right from the start.) If your provider accepts the test IMSI code and does authentication with your MSIN (this implies, (real) roaming is not possible, as only _your_ provider can process MSIN correctly), everything ''could'' be fine. You don't spoof your identity, there should also be no billing problems. But if you try this method, have successfully installed ZeroG.trb and do _not_ gain access, probably your provider does not accept test IMSI mode. In this case better do not retry as you might risk your IMSI being blacklisted.<BR>
   
 
</td>
 
</td>
Line 30: Line 29:
   
 
Everyone who dislikes pink T's, over-priced unlocked iPhones and likes investigating exciting techniques ... (a.s.o.)
 
Everyone who dislikes pink T's, over-priced unlocked iPhones and likes investigating exciting techniques ... (a.s.o.)
  +
  +
<br>
  +
=== Supported Basebands ===
  +
  +
<table cellpadding=5 border=1>
  +
<tr>
  +
<td style="text-align: center">Baseband</td>
  +
<td style="text-align: center">Exploitable</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">01.43.00</td>
  +
<td style="background-color: #c0c0c0; text-align: center">unknown</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">01.45.00</td>
  +
<td style="background-color: #64ff64; text-align: center">yes</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">01.48.02</td>
  +
<td style="background-color: #64ff64; text-align: center">yes</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">02.04.03</td>
  +
<td style="background-color: #c0c0c0; text-align: center">unknown</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">02.08.01</td>
  +
<td style="background-color: #64ff64; text-align: center">yes</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">02.11.07</td>
  +
<td style="background-color: #64ff64; text-align: center">yes</td>
  +
</tr>
  +
<tr>
  +
<td style="text-align: center">02.28.00</td>
  +
<td style="background-color: #64ff64; text-align: center">yes</td>
  +
</tr>
  +
</table>
  +
<br>
   
 
=== Prerequisites ===
 
=== Prerequisites ===
Line 39: Line 77:
 
* SCP client (e.g. [http://winscp.net/eng/download.php#download2 WinSCP]) or FTP Client such as [http://rsug.itd.umich.edu/software/fugu/ Fugu] for Mac and [http://rsug.itd.umich.edu/software/fugu/ SmartFTP] for Windows
 
* SCP client (e.g. [http://winscp.net/eng/download.php#download2 WinSCP]) or FTP Client such as [http://rsug.itd.umich.edu/software/fugu/ Fugu] for Mac and [http://rsug.itd.umich.edu/software/fugu/ SmartFTP] for Windows
 
* TurboSIM programming sw [[http://dl.free.fr/pzijbVjXl/turbo-cable-utils-iPhone-0.7.0-rev3-firmware-v2.tar.gz download]]
 
* TurboSIM programming sw [[http://dl.free.fr/pzijbVjXl/turbo-cable-utils-iPhone-0.7.0-rev3-firmware-v2.tar.gz download]]
* TurboSIM app zero-g [[http://www.bladox.com/pub/zerog-0.95.tar.gz download]] (The version [http://dl.free.fr/nz1Tbj2sC/lamesaft.trb here] basically does the same, reset is removed, so you can turn flight mode on and off, without card re-insertion.)
+
* TurboSIM app zero-g [[http://www.bladox.com/pub/zerog-0.95.tar.gz download]]
   
 
----
 
----
Line 45: Line 83:
 
=== Installation ===
 
=== Installation ===
   
  +
1. Insert your simcard in another 2G phone, and remove the SIM Card Pin Code. You should also go to the Network Selection, and Manually select your network. Then cut your SIM card to fit with the TurboSIM. Google a little bit how to do this, or use YouTube and insert both into your iPhone 3G.
Before I begin, I will assume that you know some basic stuff, such as FTPing to your iPhone, and SSHing. If you require help, please email me at [nayef@fireblazehost.com nayef@fireblazehost.com].
 
 
 
1. Insert your simcard in another 2G phone, and remove the SIM Card Pin Code. You should also go to the Network Selection, and Manually select your network. Then cut your SIM card to fit with the TurboSIM. Google a little bit how to do this, or use YouTube and insert both into your 1st generation iPhone running 1.1.4.
 
   
 
2. Unpack turbo-cable-utils
 
2. Unpack turbo-cable-utils
   
3. Rename all files in bin-iphonev2 by adding 2 at the end of each file.
+
3. Copy contents of bin-iphonev2 to folder /bin/ on your iPhone. (username: root password: alpine)
   
  +
4. Unpack zerog-0.95 and copy zerog095.trb to /private/var/root/
4. Copy contents of bin-iphonev1 and bin-iphonev2 to folder /bin/ on your 1st generation iPhone. (username: root password: alpine)
 
 
3. Unpack zerog-0.95 and copy zerog095.trb to /private/var/root/
 
   
 
[[Image:Winscp_turbo-utils.png]]
 
[[Image:Winscp_turbo-utils.png]]
Line 67: Line 100:
   
 
7. Run
 
7. Run
launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist in your SSH client in the 1st Generation iPhone
+
launchctl unload -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
   
8. You should now lose your signal, but WiFi should stay connected
+
8. You should now lose your signal, and WiFi. Restart your phone. You will now have WiFi on and CommCentre unloaded.
   
9. Run turbo-info2
+
9. Run turbo-info
   
# turbo-info2
+
# turbo-info
 
initializing modem
 
initializing modem
 
modem initiated
 
modem initiated
 
OK. No Error
 
OK. No Error
   
  +
NOTE: If you get an error from turbo-info, look for turbo-iphone-smsreset and run it.
10. Now run turbo-info
 
   
  +
10. Now run turbo-app /private/var/root/zerog095.trb
# turbo-info
 
initializing modem
 
modem initiated
 
Kernel Version 1.2.9.0
 
Serial Number bosu-e8f8t6o30
 
OK. No Error
 
 
11. Now run turbo-app /private/var/root/zerog095.trb
 
   
 
# turbo-app /private/var/root/zerog095.trb
 
# turbo-app /private/var/root/zerog095.trb
Line 96: Line 122:
 
OK. No Error
 
OK. No Error
   
12. Run
+
11. Run
launchctl load /System/Library/LaunchDaemons/com.apple.CommCenter.plist
+
launchctl load -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist
   
13. Now you should see Zero-G in the Sim Applications in Settings -> Phone -> Sim Applications
+
12. Now you should see Zero-G in the Sim Applications in Settings -> Phone -> Sim Applications
   
   
Line 113: Line 139:
 
15. Remove your card and TurboSIM from the 1st Generation iPhone
 
15. Remove your card and TurboSIM from the 1st Generation iPhone
   
  +
16. You will get No Service
16. Insert the card and TurboSIM into your iPhone 3G
 
 
17. You will get No Service
 
   
 
[[Image:Ip_noservice.png]]
 
[[Image:Ip_noservice.png]]
   
   
10. Open Settings -> Phone -> Sim Applications and click on Zero-G
+
17. Open Settings -> Phone -> Sim Applications and click on Zero-G
 
You may be interrupted by a popup which says Going to Switch, just choose Accept (Green Button) If you do not get interrupted, it will appear in a minute after choosing Zero-G from Sim Applications.
 
You may be interrupted by a popup which says Going to Switch, just choose Accept (Green Button) If you do not get interrupted, it will appear in a minute after choosing Zero-G from Sim Applications.
   
Line 128: Line 152:
   
   
11. That's it!!
+
18. That's it!!
   
 
[[Image:Ip_unlocked.png]]
 
[[Image:Ip_unlocked.png]]
Line 141: Line 165:
 
=== 3G-SIM / USIM ===
 
=== 3G-SIM / USIM ===
   
  +
A new adapter was released in {{date|2008|12}} (Gevey-3G Plus 2) which allows full unlocking of any firmware version (2.2 and previous), without the need of first placing the simcard in another unlocked device. You may have to turn 3G off, then insert the adapter placed with your sim card. After that you can turn 3G on. You'll have a full unlocked iPhone, including 3G signal. Also, this particular adapter does not require to cut your simcard, since the memory component is placed in the bottom part. This new version allows "flight mode" use, seamless 3G/EDGE working, as well other functions. In some cases a jailbreaking is needed in order to have it working properly.
It works with (some?) USIMs (blau.de Germany) as well. 3G '''must no be activated''' on the iPhone. Once 3G is activated, it stops working, even if it is deactivated afterwards. To revive such SIM, put it in a non UMTS capable phone (did it together with turboSIM), check phone and GPRS functions and then this USIM will work again on the iPhone-3G. The SIM application (zero-g) was not visible, but it worked though. If GPRS does not work after a while (3 minutes or so), reboot your phone and try again.
 
  +
  +
It works with (some?) USIMs (blau.de Germany) as well. 3G '''must not be activated''' on the iPhone. Once 3G is activated, it stops working, even if it is deactivated afterwards. To revive such SIM, put it in a non UMTS capable phone (did it together with turboSIM), check phone and GPRS functions and then this USIM will work again on the iPhone-3G. The SIM application (zero-g) was not visible, but it worked though. If GPRS does not work after a while (3 minutes or so), reboot your phone and try again.
   
 
=== GPRS-'Fix' ===
 
=== GPRS-'Fix' ===
Line 173: Line 199:
 
Actually this table gives a rough overview of all *sim solutions because it reflects working of MCC/MNC = 001/01 and all *sim known so far use this method. The table doesn't give information about 3G though, as turbosim does not support 3G SIM-ME communication at the moment. So could be, some *sim solutions work with 3G where this table indicates no. Most probably there isn't any *sim solution that works in a specific configuration if this table indicates 'no' for the method at all.<br>
 
Actually this table gives a rough overview of all *sim solutions because it reflects working of MCC/MNC = 001/01 and all *sim known so far use this method. The table doesn't give information about 3G though, as turbosim does not support 3G SIM-ME communication at the moment. So could be, some *sim solutions work with 3G where this table indicates no. Most probably there isn't any *sim solution that works in a specific configuration if this table indicates 'no' for the method at all.<br>
   
  +
{| class="wikitable sortable" style="text-align: center; width: auto; table-layout: fixed; border-collapse: collapse;" border="1"
<table cellpadding=5 border=1>
 
  +
|-
<tr>
 
  +
! Country
<td style="text-align: center">Locked (Official)<BR>Provider</td>
 
<td style="text-align: center">Unlocked Provider</td>
+
! Unlocked Provider
  +
! SIM/USIM
<td style="text-align: center">SIM type</td>
 
  +
! Calls?
<td style="text-align: center">calls</td>
 
  +
! SMS?
<td style="text-align: center">SMS</td>
 
  +
! GPRS/EDGE?
<td style="text-align: center">2G data</td>
 
  +
! UMTS/HSDPA?
<td style="text-align: center">3G data</td>
 
  +
! Comments
</tr>
 
  +
|-
<tr>
 
  +
| Brazil
<td style="text-align: center">Swisscom</td>
 
  +
| TIM
<td style="text-align: center">Congstar</td>
 
  +
| SIM
<td style="text-align: center">3G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
</tr>
 
  +
|-
<tr>
 
  +
| Brazil
<td style="text-align: center">Swisscom</td>
 
  +
| Claro
<td style="text-align: center">Blau.de Germany</td>
 
  +
| SIM
<td style="text-align: center">3G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
</tr>
 
  +
|-
<tr>
 
  +
| Brazil
<td style="text-align: center">Swisscom</td>
 
  +
| Vivo (Telefónica)
<td style="text-align: center">O2 Germany</td>
 
  +
| SIM
<td style="text-align: center">2G, V?<BR>(1996)</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: white; text-align: center">?</td>
 
  +
| {{yes}}
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
| 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
</tr>
 
  +
|-
<tr>
 
  +
| Brazil
<td style="text-align: center">Swisscom</td>
 
  +
| Oi
<td style="text-align: center">O2 Germany</td>
 
  +
| SIM
<td style="text-align: center">3G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
</tr>
 
  +
|-
<tr>
 
  +
| Germany
<td style="text-align: center">AT&T</td>
 
  +
| Blau.de
<td style="text-align: center">Turkcell</td>
 
  +
| USIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
|
</tr>
 
  +
|-
<tr>
 
  +
| Germany
<td style="text-align: center">AT&T (US)</td>
 
  +
| Congstar
<td style="text-align: center">TIM Brazil</td>
 
  +
| USIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
| N/A
</tr>
 
  +
|-
<tr>
 
  +
| Germany
<td style="text-align: center">O2 (UK)</td>
 
  +
| O2
<td style="text-align: center">VodaFone (UK)</td>
 
  +
| USIM
<td style="text-align: center">2G</td>
 
  +
| {{no}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: white; text-align: center">?</td>
 
  +
| {{no}}
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
| They realized the challenge, striking back. Don't stress them. Don't use it.
</tr>
 
  +
|-
<tr>
 
  +
| Germany
<td style="text-align: center">O2 (UK)</td>
 
  +
| O2
<td style="text-align: center">Tesco</td>
 
  +
| SIM
<td style="text-align: center">2G</td>
 
  +
| {{no}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: white; text-align: center">?</td>
 
  +
| N/A
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
| They realized the challenge, striking back. Don't stress them. Don't use it.
</tr>
 
  +
|-
<tr>
 
  +
| Israel
<td style="text-align: center">O2 (UK)</td>
 
  +
| Orange (Partner)
<td style="text-align: center">Virgin (UK)</td>
 
  +
| USIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: white; text-align: center">?</td>
 
  +
| {{no}}
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
|
</tr>
 
  +
|-
<tr>
 
  +
| Jordan
<td style="text-align: center">O2 (UK)</td>
 
  +
| Orange
<td style="text-align: center">T-Mobile</td>
 
  +
| SIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| N/A
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
|
</tr>
 
  +
|-
<tr>
 
  +
| Jordan
<td style="text-align: center">O2 (UK)</td>
 
  +
| Umniah
<td style="text-align: center">Orange (UK)</td>
 
  +
| SIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| {{yes}}
<td style="background-color: #ff6464; text-align: center">no</td>
 
  +
| N/A
<td style="background-color: #c0c0c0; text-align: center">-</td>
 
  +
|
</tr>
 
  +
|-
<tr>
 
  +
| Jordan
<td style="text-align: center">Rogers (Canada)</td>
 
  +
| Zain
<td style="text-align: center">Zain (Jordan)</td>
 
  +
| SIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| N/A
<td style="background-color: #c0c0c0; text-align: center">Not Available</td>
 
  +
|
</tr>
 
  +
|-
<tr>
 
  +
| Netherlands
<td style="text-align: center">eXamPLE</td>
 
  +
| KPN
<td style="text-align: center">mYiPhone uk</td>
 
  +
| USIM
<td style="text-align: center">2G</td>
 
  +
| {{yes}}
<td style="background-color: #64ff64; text-align: center">yes</td>
 
  +
| {{no}}
<td style="background-color: yellow; text-align: center">incoming</td>
 
  +
| {{no}}
<td style="background-color: white; text-align: center">unknown</td>
 
  +
| {{no}}
<td style="background-color: #c0c0c0; text-align: center">n.a.</td>
 
  +
| Unstable.
</tr>
 
  +
|-
</table>
 
  +
| Turkey
 
  +
| Turkcell
<br>
 
  +
| SIM
  +
| {{yes}}
  +
| {{yes}}
  +
| {{yes}}
  +
| N/A
  +
|
  +
|-
  +
| UK
  +
| Orange
  +
| SIM
  +
| {{no}}
  +
| {{no}}
  +
| {{no}}
  +
| N/A
  +
|
  +
|-
  +
| UK
  +
| Tesco
  +
| SIM
  +
| {{yes}}
  +
| {{yes}}
  +
| N/A
  +
| N/A
  +
|
  +
|-
  +
| UK
  +
| Virgin
  +
| SIM
  +
| {{yes}}
  +
| {{yes}}
  +
| N/A
  +
| N/A
  +
|
  +
|-
  +
| UK
  +
| Vodafone
  +
| SIM
  +
| {{yes}}
  +
| {{yes}}
  +
| N/A
  +
| N/A
  +
|
  +
|-
  +
| N/A
  +
| T-Mobile
  +
| SIM
  +
| {{no}}
  +
| {{no}}
  +
| {{no}}
  +
| N/A
  +
|
  +
|-
  +
| Bermuda
  +
| Mobility
  +
| SIM
  +
| {{no}}
  +
| {{no}}
  +
| {{no}}
  +
| {{no}}
  +
| No Signal, Works With Yellowsn0w, but loses signal as soon as TurboSim is insrted.
  +
|-
  +
| Australia
  +
| Three
  +
| USIM
  +
| {{yes}}
  +
| {{yes}}
  +
| {{no}}
  +
| {{yes}}
  +
| Airplane mode not working. Turn 3G off needs reboot if you want signal again. Using "i-SmartPhone" TSim
  +
|-}
   
 
=== Remarks ===
 
=== Remarks ===
Line 309: Line 405:
 
* If you get ''ERROR: Not Enough RAM'' run '''turbo-rm-apps'''
 
* If you get ''ERROR: Not Enough RAM'' run '''turbo-rm-apps'''
 
* If you should encounter any problems with your TurboSIM (no access anymore, wrong app, ...) there is an easy method to remove installed turbo sim applications: instead of giving your SIM-Pin, enter the TPIN which you can find next to the serial number on the cover. This will reset your TurboSIM. Afterwards the phone asks a second time for your PIN, now use the SIM-Pin.
 
* If you should encounter any problems with your TurboSIM (no access anymore, wrong app, ...) there is an easy method to remove installed turbo sim applications: instead of giving your SIM-Pin, enter the TPIN which you can find next to the serial number on the cover. This will reset your TurboSIM. Afterwards the phone asks a second time for your PIN, now use the SIM-Pin.
  +
   
 
[[Category:Unlocking Methods]]
 
[[Category:Unlocking Methods]]
  +
[[Category:Tutorials]]

Latest revision as of 01:02, 17 September 2021

By following these instructions, you acknowledge your responsibility for any damage you cause to your device, and you recognize that you may void your iPhone's warranty.

This article is a step by step instruction to use a net-locked iPhone-3G with a different provider.

The dev team states on their blog that the SIM hacks they examined send illegal signals.

Update / Warning:

ZeroG, was not intended to do trickery to your cellular network. But due to the way the iPhone's 2.x baseband firmware handles the login, actually it does. Short overview: ZeroG starts up the SIM replacing MCC / MNC with test IMSI codes, leaving the MSIN untouched. Then it restarts the SIM giving the correct IMSI afterwards. Unfortunately the iPhone asks the SIM exactly one time for the IMSI, it doesn't care about the restart. So effectively the login into the cellular network is done in test IMSI mode. Now it is up to your provider, how it handles such requests. For normal logins (no turboSIM) the login request is processed by your provider. In the roaming case your login request is routed from the guest provider to your provider. There is no provider for 'test' MCC / MCN. Your provider has to recognize this upon login (This implies you have to manually select cellular network right from the start.) If your provider accepts the test IMSI code and does authentication with your MSIN (this implies, (real) roaming is not possible, as only _your_ provider can process MSIN correctly), everything could be fine. You don't spoof your identity, there should also be no billing problems. But if you try this method, have successfully installed ZeroG.trb and do _not_ gain access, probably your provider does not accept test IMSI mode. In this case better do not retry as you might risk your IMSI being blacklisted.


Swisscom -> O2 Germany

Preamble

Apart from the warning and some other things, the method is quite stable if it works with your provider at all. You have to take care of:

  • never switch on 3G mode
  • before you use your SIM card that you want to unlock, put it in a different 2G phone and manually select provider and check GPRS works
  • for GPRS, "data roaming" has to be enabled on the iPhone (it is not roaming for your provider, but the iPhone thinks it's roaming)

Motivation

Everyone who dislikes pink T's, over-priced unlocked iPhones and likes investigating exciting techniques ... (a.s.o.)


Supported Basebands

Baseband Exploitable
01.43.00 unknown
01.45.00 yes
01.48.02 yes
02.04.03 unknown
02.08.01 yes
02.11.07 yes
02.28.00 yes


Prerequisites

You need:


Installation

1. Insert your simcard in another 2G phone, and remove the SIM Card Pin Code. You should also go to the Network Selection, and Manually select your network. Then cut your SIM card to fit with the TurboSIM. Google a little bit how to do this, or use YouTube and insert both into your iPhone 3G.

2. Unpack turbo-cable-utils

3. Copy contents of bin-iphonev2 to folder /bin/ on your iPhone. (username: root password: alpine)

4. Unpack zerog-0.95 and copy zerog095.trb to /private/var/root/

Winscp turbo-utils.png

5. For Windows users, SSH into your iPhone using Putty. For Mac users, SSH into your iPhone using Terminal (Applications::Utilities::Terminal)

6. Change the permissions of the turbo files to 755

chmod 755 /bin/turbo-*

7. Run

launchctl unload -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist

8. You should now lose your signal, and WiFi. Restart your phone. You will now have WiFi on and CommCentre unloaded.

9. Run turbo-info

# turbo-info
 initializing modem
modem initiated
OK. No Error

NOTE: If you get an error from turbo-info, look for turbo-iphone-smsreset and run it.

10. Now run turbo-app /private/var/root/zerog095.trb

# turbo-app /private/var/root/zerog095.trb 
SRC /private/var/root/zerog095.trb
SIZE 1032
initializing modem
modem initiated
OK. No Error

11. Run

launchctl load -w /System/Library/LaunchDaemons/com.apple.CommCenter.plist

12. Now you should see Zero-G in the Sim Applications in Settings -> Phone -> Sim Applications


Ip simapp.png

Ip zerog.png


14. Click on Zero-G

15. Remove your card and TurboSIM from the 1st Generation iPhone

16. You will get No Service

Ip noservice.png


17. Open Settings -> Phone -> Sim Applications and click on Zero-G You may be interrupted by a popup which says Going to Switch, just choose Accept (Green Button) If you do not get interrupted, it will appear in a minute after choosing Zero-G from Sim Applications.


Ip zerog2.png


18. That's it!!

Ip unlocked.png


2G data settings

  • roaming must be enabled
  • make sure APN settings are correct (if APN options don't show up, just install a configuration file created with Apple's 'Web Configuration Utility' (Mac / Windoze) (In Windoze you can reach it with http://localhost:3000 ). Send this file to yourself and open it with the mail client.
  • in BossPref (if you don't use it, don't care) 'edge' should be left enabled, even if network does not provide it (seems the BossPref option is a little bit misleading and 'edge' actually means 'GPRS/edge')

3G-SIM / USIM

A new adapter was released in December 2008 (Gevey-3G Plus 2) which allows full unlocking of any firmware version (2.2 and previous), without the need of first placing the simcard in another unlocked device. You may have to turn 3G off, then insert the adapter placed with your sim card. After that you can turn 3G on. You'll have a full unlocked iPhone, including 3G signal. Also, this particular adapter does not require to cut your simcard, since the memory component is placed in the bottom part. This new version allows "flight mode" use, seamless 3G/EDGE working, as well other functions. In some cases a jailbreaking is needed in order to have it working properly.

It works with (some?) USIMs (blau.de Germany) as well. 3G must not be activated on the iPhone. Once 3G is activated, it stops working, even if it is deactivated afterwards. To revive such SIM, put it in a non UMTS capable phone (did it together with turboSIM), check phone and GPRS functions and then this USIM will work again on the iPhone-3G. The SIM application (zero-g) was not visible, but it worked though. If GPRS does not work after a while (3 minutes or so), reboot your phone and try again.

GPRS-'Fix'

Today GPRS stopped working for me. Seems to be there are some 'states', stored on the SIM. This fixed the issue:

  • removed SIM+TSim
  • put SIM (without TSim) into non UMTS, but GPRS/edge mobile
  • checked GPRS
  • repacked Sim+TSim and put it back to the iPhone

Voilà, here we go :-) GPRS for another few days :-)

Tho' this might really not be the ultimate solution, I could hardly switch back to my old XDA Orbit. But XDA is a good device to revive the TSim solution... For that, I still love it a litte bit ;-)


Stuck in No Signal after a period

Randomly you can get stuck in a bad No Signal. To correct that:

  • remove SIM+TSim
  • put SIM (without TSim) into non 3G phone
  • Manually select your provider (desired to unlock) network
  • repack Sim+TSim and put it back to the iPhone

Here we go again, unlock iphone for a few days more also.


TurboSIM Compatibility with Operators

Actually this table gives a rough overview of all *sim solutions because it reflects working of MCC/MNC = 001/01 and all *sim known so far use this method. The table doesn't give information about 3G though, as turbosim does not support 3G SIM-ME communication at the moment. So could be, some *sim solutions work with 3G where this table indicates no. Most probably there isn't any *sim solution that works in a specific configuration if this table indicates 'no' for the method at all.

Remarks

  • Important is you get zero-g into your turboSim. So you could also try with a first gen iphone, this needs the other version of turbo-cable-utils (bin-iphonev1) in case you didn't upgrade to 2.x yet.
  • If you get ERROR: Not Enough RAM run turbo-rm-apps
  • If you should encounter any problems with your TurboSIM (no access anymore, wrong app, ...) there is an easy method to remove installed turbo sim applications: instead of giving your SIM-Pin, enter the TPIN which you can find next to the serial number on the cover. This will reset your TurboSIM. Afterwards the phone asks a second time for your PIN, now use the SIM-Pin.
Country Unlocked Provider SIM/USIM Calls? SMS? GPRS/EDGE? UMTS/HSDPA? Comments
Brazil TIM SIM Yes Yes Yes Yes 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
Brazil Claro SIM Yes Yes Yes Yes 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
Brazil Vivo (Telefónica) SIM Yes Yes Yes Yes 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
Brazil Oi SIM Yes Yes Yes Yes 3G signal with Gevey-3G adapter. Turn off 3G, insert simcard, then turn 3G on.
Germany Blau.de USIM Yes Yes Yes No
Germany Congstar USIM Yes Yes No No N/A
Germany O2 USIM No No No No They realized the challenge, striking back. Don't stress them. Don't use it.
Germany O2 SIM No No No N/A They realized the challenge, striking back. Don't stress them. Don't use it.
Israel Orange (Partner) USIM Yes Yes Yes No
Jordan Orange SIM Yes Yes Yes N/A
Jordan Umniah SIM Yes Yes Yes N/A
Jordan Zain SIM Yes Yes Yes N/A
Netherlands KPN USIM Yes No No No Unstable.
Turkey Turkcell SIM Yes Yes Yes N/A
UK Orange SIM No No No N/A
UK Tesco SIM Yes Yes N/A N/A
UK Virgin SIM Yes Yes N/A N/A
UK Vodafone SIM Yes Yes N/A N/A
N/A T-Mobile SIM No No No N/A
Bermuda Mobility SIM No No No No No Signal, Works With Yellowsn0w, but loses signal as soon as TurboSim is insrted.
Australia Three USIM Yes Yes No Yes Airplane mode not working. Turn 3G off needs reboot if you want signal again. Using "i-SmartPhone" TSim