Browsing Archive May, 2013

iPhone 5S Release Date in September 2013

Customers who wish to update their iPhone to the latest model should wait till fall 2013. Apple is expected to announce iPhone 5S launch in September. Such information comes from one of the Cupertino-based company’s suppliers.

READ MORE +

How To Hack iPhone baseband Using BBTool, DLOADTool, DBLTool and iOSUSBEnum

While one hackers working on iOS jalbreaking the others on baseband hacking. Now it is possible to hack iPhone baseband of the newer models. There are four tools that were written by P0sixninja to hack only with Qualcomm hardware iPhone 5, 4S and 4 (CDMA). There is a possibility to access iPhone 5 baseband using Minicom and Signal 2 app but here is something different.

You can use BBTool, DLOADTool, DBLTool and iOSUSBEnum to boot up Qualcomm baseband’s files which are related to QHSDLOAD protocol (Qualcomm DLOAD protocol). These program will allow you to open iPhone bb giving the possibility to find exploits and try to use them to unlock iPhone 5 and other models. It can be used for raw communication with the baseband like fuzzing. Fuzzing is one of the easiest and most efficient ways to find vulnerabilities.

  • iOSUSBEnum (Utility to enumerate USB (HSIC) devices on iOS)
  • BBTool (Tool for communicating with AppleBaseband Kext on iOS)
  • DBLTool (Tool for communicating with Sahara protocol (DBL) on iPhone4 CDMA, iPhone4s, and iPhone5 (Apple SAH Protocol)
  • DLOADTool (Tool for communicating with QHSDLOAD protocol on iPhone4 CDMA, iPhone4s, and iPhone5 (Qualcomm DLOAD protocol)

Important Notes

How to Boot Up iPhone baseband Files Using Hacking Tools

Step 1. Download CommCenter to use BBTool, DLOADTool, DBLTool and iOSUSBEnum. To perform this you need to SSH your device and add this command:

launchctl unload /System/Library/LaunchDaemons/com.apple.CommCenter.plist

Step 2. Make Qualcomm baseband to be not shown in the device list – type:

iosusbenum

Step 3. Now you need to access iPhone filesystem, because bb hasn’t internal flash to keep a firmware. Unzip these firmware files and access file system using the command below:

cd /usr/local/standalone/firmware/Baseband/Trek
unzip Trek-personalized.zip

If your device is still running iOS 5.x, just type the following:

cd /usr/standalone/firmware/Trek
unzip Trek-personalized.zip

There are will be various files but bbticket.der, dbl.mbn, osbl.mbn, and amss.mbn files you need.

Step 3.1. Now use BBTool to put iPhone in DLOAD mode (DFU mode). Enter the command below:

bbtool enter-dload

To make sure that your device entered DLOAD mode you will see the following using iosusbenum command:

Device Name: QHSUSB_DLOAD Vendor ID: 0x5c6 Product ID: 0x9008 Version: 0x0 Location: 0x1200000 Configuration: 0 Length: 0x9 Descriptor Type: 0x2 Total Length: 0x20 Num Interfaces: 0x1 Configuration Value: 0x1 …………………………………….. Endpoint Length: 0x7 Descriptor Type: 0x5 Endpoint Address: 0x1 Attributes: 0x2 Transfer Type: Bulk Max Packet Size: 0x200 Interval: 0x0

Step 4. Now you need DLOADTool to boot iPhone into DBL (SAH) mode. to make it work just enter the following:

dloadtool -f /usr/local/standalone/firmware/Baseband/Trek/dbl.mbn

After receiving and sending a bunch of messages you can use iosusbenum to verify if your device is in the DBLmode and get something like this:

Device Name: Qualcomm CDMA Technologies MSM Vendor ID: 0x5c6 Product ID: 0x900e Version: 0x0 Location: 0x1200000 Configuration: 0 Length: 0x9 Descriptor Type: 0x2 Total Length: 0x20 Num Interfaces: 0x1 Configuration Value: 0x1 …………………………………….. Endpoint Length: 0x7 Descriptor Type: 0x5 Endpoint Address: 0x1 Attributes: 0x2 Transfer Type: Bulk Max Packet Size: 0x200 Interval: 0x20

Step 5. You can also use DBLOADTool to enter the normal operating mode after DBL mode. As you may guess you will need to step to bbticket, osbl, and amss into DBLTool entering the following command to hack iPhone baseband:

dbltool -b /usr/local/standalone/firmware/Baseband/Trek/bbticket.der -o /usr/local/standalone/firmware/Baseband/Trek/osbl.mbn -a /usr/local/standalone/firmware/Baseband/Trek/amss.mbn

Step 6. Wait up to 30 seconds because AMSS loading may take some time. To see if the iPhone baseband was booted up, you can use iosusbenum command without CommCenter been loaded. The command output should be like these below:

Device Name: Qualcomm CDMA Technologies MSM Vendor ID: 0x5c6 Product ID: 0x9001 Version: 0x0 Location: 0x1200000 Configuration: 0 Length: 0x9 Descriptor Type: 0x2 Total Length: 0x118 Num Interfaces: 0xd Configuration Value: 0x1 ……………………………. ……………………………. ……………………………. ……………………………. Endpoint Length: 0x7 Descriptor Type: 0x5 Endpoint Address: 0x8 Attributes: 0x2 Transfer Type: Bulk Max Packet Size: 0x200 Interval: 0x20

Step 7. To reset the iPhone baseband to its original settings use command:

bbtool reset

Seeing this bunch of information you can be sure that you have just hacked iPhone baseband and fully boot it up even without CommCenter. The last thing left is to send commands to iPhone baseband using DIAGTool and QMITool and explore the modem firmware and filesystem in general. Use comment section below to share your experience with booting up iPhone bb.

Source: iPhone Wiki. Via: P0sixninja GitHub

READ MORE +

Hack Verizon iPhone to Get Faster Data Speeds

It is possible to improve iPhone data speeds for Verizon customers. You might have heard about hacks released for AT&T and T-Mobile companies with the help of which users were able to get more out of their connection. There is a new hack created especially to hack Verizon iPhone and improve your data speeds. It is perfect for iOS smartphones and tablet computers that have cellular capabilities in them.

READ MORE +

Double Retina Display in the Next iPhone 5S

How much will Apple improve iPhone 5S Retina resolution? What can it offer customers to keep them interested in getting the new iPhone and not look at smartphones by other companies? There are rumors that mention iPhone 5S double Retina display. I wish they were true.

Experts already call the next display for iPhone 5S as “Retina 2” and think it will get 489 pixels per inch. Such incredible resolution can surely impress consumers, especially people who already own one iPhone. They will wish to switch to a newer model as their old one can’t give them the same display.

 

You can remember how the world got crazy over the iPhone 4 release. Apple introduced a new Retina display with this model. The impressive-at-those-times [back in 2010] 326 ppi resolution make this smartphone very popular. The demand was so high Apple easily blew away competition.

Today a lot of handsets get displays with a better resolution. Now Apple wants to be the king of ppi displays again, if the rumors are true. There is no confirmation from the company that it has plans to release its next iPhone with an improved screen. Still fans don’t lose their hopes to see a 489 ppi display.

The unofficial news comes from China. Local sources, including SlashGear, claim the next-generation iOS smartphone will get the 4-inch 489 ppi Retina 2 display. The handset is reported to get the screen with aspect ration 1704 x 960. This is uncommon with 489 ppi resolution display, still these are just rumors.

Would you love to get an iPhone that would be a bit smaller than the sixth-gen device and feature an enhanced resolution? It will surely rock the market before Christmas 2013 if Apple launches such a gadget. Since the development of the next iOS 7 is postponed [we just hear no news about it yet], the Cupertino company is expected to release a new handset at fall.

READ MORE +

How to Factory Unlock iPhone 4 / 4s by Using Apple GSX Account

It is not a secret that there are a lot of various methods on how to unlock iPhone. Users can get third-party programs that change their smartphone’s code or use factory unlock. Some tools are free to get, but other services are paid for. Right now I want to tell you about an unconfirmed exploit to factory unlock any iPhone 4 / 4S runnig any firmware like iOS 6.14 / iOS 6.1.3, 6.1.2 or even 5.1.1 with the GSX help. Keep in mind that this method might work for you only if you don’t live in the U.S. because it it still illegal to perform iPhone unlock in the United States.

GSX Exploit to Factory Unlock any iPhone 4 / 4S [Unconfirmed]

First, I’ll explain what Apple’s GSX tool is. You can find it on the official site of the Cupertino-based techgiant at gsx.apple.com.

GSX exploit to factory unlock iphone 4 ,4s

This system is available to particular groups of users. For example, you can use it if you are a service provider and need to order device’s parts or process repairs. But you cannot access it if you are an ordinary user. Secondly, there is no way for you to unlock iPhone with GSX if you are not one of authorized service providers working in partnership with Apple. In other words, if you don’t have a GSX account you are not eligible to get unlock for your iPhone. Surely, there is a way to get such account if you become friends with iPhone carriers or repair shops that already have one.

apple gsx account

But this task is too difficult to achieve. If you are lucky to get important contacts at a repair shop or at the mobile operators, you should get a list of IMEI numbers on activation policy that unlocks gadgets’ status. The best is to find somebody from some Chinese repair shops or those who have serial numbers of iPhones from China Unicom, China Service and other.

To start with you need to have a GSX account or somebody who has it.

Step 1. Think about a reason [a fake one] why you need to repair an iPhone.

Step 2. Visit GSX Apple site and create a new “carry-in repair” tool. Mention the reason you have thought of in Step 1 and wait till your repair case is approved.

create gsx account


Step 3. You will be able to put the “New Serial Number” for the handset you wish to unlock. Actually, this area is designed for a replacement iPhone you need to transfer Apple’s warranty over to. It also transfers the activation policy with the unlocked status over to the iPhone. Simply enter the serial number of the handset and it will become unlocked.

iPhone GSX Unlock Problems

The method seems to be easy to apply. Still it has a lot of problems. Not everyone is eligible. There is also information that it works for particular iPhone models:

  • iPhone 4 8Gb [Serial Number must End with DP0N, and DPMW]
  • iPhone 4S 16 Gb [DTC0, DTD0, DT9V, DTD1, DT9Y, and DTD2]

How to Unlock iPhone for Sure

I believe the only way to unlock iPhone with 100% guarantee is to use factory IMEI unlock tool. It works for all smartphone models, iOS versions and modems / basebands. It is also good for a big variety of networks from around the world. This method is distant. It is safe to perform. It is affordable and it truly unlocks iPhone 4S / 4 / 5 / 3G and 3Gs.

Original Post: http://letsunlockiphone.guru/factory-unlock-iphone-4-4s-gsx-apple/

READ MORE +

How to Factory Unlock iPhone 4 / 4s by Using Apple GSX Account

It is not a secret that there are a lot of various methods on how to unlock iPhone. Users can get third-party programs that change their smartphone’s code or use factory unlock. Some tools are free to get, but other services are paid for. Right now I want to tell you about an unconfirmed exploit to factory unlock any iPhone 4 / 4S runnig any firmware like iOS 6.14 / iOS 6.1.3, 6.1.2 or even 5.1.1 with the GSX help. Keep in mind that this method might work for you only if you don’t live in the U.S. because it it still illegal to perform iPhone unlock in the United States.

READ MORE +

Download Skyfire Browser for iOS 6.1.3 iPhone and iPad

The Skyfire Labs company, that purchased Opera in February, this year, has released a major update of Skyfire browser. It is designed for smartphones iPhone and player iPod touch.

A unique feature is the ability to convert Skyfire Flash-Video format HTML5, compatible with Apple mobile devices. Video stores shrinks on Skyfire Labs servers, thereby saving the user on the mobile traffic. Also, the browser supports all the WEB 2.0 standards – Ajax, JavaScript, Flash, and reproduces the experience of surfing the Internet from your PC. Skyfire is different correct and fast processing code on any mobile platform.

You can watch millions available online Flash-rollers which do not work in other mobile Web browsers. News, sports games live (football, basketball, golf) and TV shows will always be at your fingertips, wherever you go.

The new version of Skyfire 5.0 for iPhone promises a smooth Flash playback in full-screen mode, and for ease of use lets you disable the toolbar. Notification of the availability of flash content on the page is moved to the top of the screen. Here you can also find a special button Play Flash Video on Page, which searches for Flash-content on the page.

Skyfire developers warn that the time before downloading the video may take 10-20 seconds. This is the peculiarities of the technology: the Web browser transcodes videos into a format that supports Apple mobile devices.

Skyfire browser is available in two versions – for iPhone / iPod touch and iPad. Both devices are compatible with the iOS 5.0 and above.

Download Skyfire Web Browser for iPhone and iPod touch [App Store]
Download Skyfire Web Browser for iPad [App Store]

READ MORE +

Unlock iPhone 3GS iOS 6.1.3 baseband 05.16.08 Using Redsn0w and Ultrasn0w

Unbelievable method to unlock with Ultrasn0w iPhone 3GS on iOS 6.1.3 baseband 05.16.08 (which is not supported by Ultrasn0w). To be honest I found the video on YouTube where the user ultimateidevicevids, showed interesting way to unlock 6.1.3 baseband with famous tool.

Last time I showed you how to use Ultrasn0w on iOS 6.1.3 iPhone 4, 3GS with old (preserved) baseband but here below you will definatelly find something new.

READ MORE +