Jailbreak and Unlock iPhone 3GS on iOS 5.1 Using Sn0wbreeze Custom Firmware
Updated your iPhone 3GS to iOS 5.1 with baseband 5.16.05 and need to unlock it? Read on as this may be the solution you need.
UPDATE: If you have an AT&T iPhone 3GS, unlock it permanently using this.
Currently, the jailbreak for iOS 5.1 is tethered, which means you will need to use a computer to boot up your iPhone 3GS. There’s no unlock for modem firmware or baseband 5.16.05.
If you really need to unlock your iPhone 3GS it’s still possible to do it by updating the baseband to 6.15.00. However, take note of the following:
- This is an iPad baseband which can break your GPS.
- More risks here.
- If you have the new iPhone 3GS 8GB made after week 28 of 2011, you must read this or you will permanently break your iPhone.
- If you don’t fancy 6.15.00 then these guys can replace baseband chip.
- This guide is for Windows since sn0wbreeze is only available for this operating system. Mac users can download the ready made custom firmware below (step 9).
Did you read and understand all the risks? OK, let’s proceed.
[Final warning: Proceed at your own risks!]
Steps:
1. Backup your contacts, photos, apps etc. Remove your SIM card. (Note: If you made a backup on the latest iOS, you won’t be able to restore it if you’re running on an earlier iOS version.)
2. Download iOS 5.1 firmware for iPhone 3GS directly from Apple.
3. Download Snowbreeze 2.9.2 from ih8sn0w.com.
4. Launch sn0wbreeze and click on the blue arrow at the bottom right corner.
5. Browse for the firmware you just downloaded in step (2). Click next.
6. Select your Bootrom type. If you’re not sure, sn0wbreeze can detect it for you. IPSW is verified and click the blue arrow to continue.
7. Select Expert Mode. Click General and hit next. It’s very likely that you don’t have the official SIM card so check ‘Activate The iPhone [Hacktivate]‘. Hit next.
8. If you really sure of installing iPad baseband, check ‘Install 06.15.00 iPad Baseband.’ You will be presented with the warning below.
9. Click Build IPSW and hit next. Wait until the custom firmware is ready. Once done, you should find it on your desktop with the file name:
sn0wbreeze_iPhone_3GS-5.1-9B176.ipsw [you can also download it here]
10. Before restoring, you need to ‘pawn’ DFU your iPhone to allow it to accept custom firmware. Otherwise, you will get error 1600. Sn0wbreeze will guide you how to pawn DFU your iPhone using iREB.
11. Launch iTunes 10.6, then while pressing shift on your keyboard, click on Restore. Point it to the custom firmware on your desktop. Wait until the restore is complete. Your iPhone will boot up and you’re ready to unlock it once you’ve gone through the setup process. Just to be sure, go to Settings, General, About and check that your Modem Firmware (baseband) is 6.15.00.
At posting time, the latest ultrasn0w is not yet supported on iOS 5.1. You must intall an ultrasn0w fixer patch first. See below:
12. If you’ve installed ultrasn0w, remove it first.
13. Launch Cydia.
14. Add the following to your source:
http://repo.iparelhos.com
15. Tap on the iParelhos repo to see Ultrasn0w Fixer utility. Tap install to begin installation.
16. Once installation is complete, we need to install ultrasn0w. Launch Cydia.
17. Search for ultrasn0w on Packages in Cydia. If you cannot find it, add new sources by typing ultrasn0w repo:
repo666.ultrasn0w.com (with zero, not o).
18. Install Ultrasnow 1.2.5.
19. Reboot your iPhone. Just in case it’s stuck on Apple logo, run redsn0w again, go to Extras > Just Boot. Follow on screen instructions.
20. Turn off 3G and insert your SIM card. It should pick up your carrier signal.
Common Issues:
- If you get an iTunes error 3194, read here on how to fix it.
- Stuck on loading bar during reboot? This is because the boot is tethered. Run redsn0w, go to Extras then Just Boot.
- In any case if you get error 1015 and recovery loop on the iPhone, this can be resolved using the “Exit Recovery” button using TinyUmbrella.
Good luck and leave your comments or questions below.
Did it work? Buy me a beer! Never required but always appreciated (blogger motivation)!
Share This Article
Sign up Free Email Newsletter
Stay Updates with this Blog. Get Free email newsletter updates, Enter your Email here:Don't forget to confirm your email subcription
101 Comments to “Jailbreak and Unlock iPhone 3GS on iOS 5.1 Using Sn0wbreeze Custom Firmware”
When I am trying to do this sn0wbreeze keeps saying that the IPSW is invalid (79bdeac74a4ffeb3ed1406073701a1a18d)
I got everything to working using sn0wbreeze 2.9.3 and got the iphone to work on tmobile but then it randomly shut off and when i turned it back on it went to a screen that is yellow at the bottom and fades to white at the top. I tried "just reboot" using redsn0w and the "recovery fix" but when the phone reboots, it reboots to the same screen, is there any way to fix this?
Im still getting unknown error (28)
NAND chip corruption… Go to
http://www.beijingiphonerepair.com/fix/iphone-3gs…
Try steps (1) to (3), then do everything above
recently my idevice 3gs automatically upadted to ios 5.1
i jailbreak it but now my signals are gone.
my three numbers are (203) should i follow your guide?
if not then may i get network back by flashing or restore original iTunes ios 5.1 again?
please reply
your model can't be unlocked in any way, if you attempt to unlock it you will brick it
What happened if I restore ios 5.1 by shift + restore by itune in my case?
Can I claim my warranty by saying ios upgrade mess with my phone.
My baseband is 5.16.05 and all numbers are written correctly on general tab of setting.
does shift+restore ios 5.1 by itune also not work? or it will brick it.
i have 5.16.05 and all of my number like imei ccid etc written fine.
Can i claim warranty? with excuse of ios 5.1 upgradation?
yes, that should be ok, but you have no basis to claim for warranty as the phone is functioning and can be used on its official carrier
thanks for your concern brother.
Just tell me two more thing.
1. Is restore by itune safe(i hope it will not brick my phone)?
2. what user like us expect from our half broken device.Do you think there will be solution for his baseband in near future?
Ultrasn0w is not working for BB 6.15.00 on ios 5.1 for 3GS phones.
Please help
try this http://www.beijingiphonerepair.com/hack/unlock-ip…
I had the exact same problem, same BB, and same phone. I also went to 5.1 on Itunes, and then followed the RedSn0w steps to Unlock it again. Jailbreaking wasn't a problem, but the unlock wouldn't work. My phone said I had 6.15.00 BB still on it, and yet nothing. So I went into Redsn0w and installed the ipad BB (6.15.00) even though it said I had it.. and when it finished it worked. It found my carrier (Tmobile). So try that I suppose.. best of luck
I did everything step by step but when I insert my simcard it still says "No SIM".
are you sure the phone is OK?
I followed the direction. Was able to tether boot with redsn0w 0.9.10b6. But my baseband still show 5.16.05. I did do an itune restore once tether booted (is this a mistake?). Suggestion on next step? Should I start over and redo everything again?
you missed step (8)
You are right! I don't recall seeing that message nor seeing the checkbox for it with snowbreeze 2.9.3. Will re-do all the steps over again.
cool
I have 3gs on 6.15.00 on ios 4.1 can i update it to 5.1 using this method???
yes, but the jailbreak is tethered
dont even think about this… i hve bricked my iphone 3gs. its in dfu mode for the last 4 days. tried every soft to pull it back in normal mode but not so far. its not even restoring back to 4.1 and itunes error me 28.
ilocation works well on my iphone 3GS BB 6.15.00 and ios 4.1 jailbreak
after I followed this instruction to ios 5.1, ilocation can't work. how to solve?
Hello! I got the wrong message (1604) in itunes after restore. What can i do?
you didn't pawn DFU your iPhone, see step (10)
Hey dude,
Great help!!!!
Thanks a million….i just felt bored and tried the whole updated thing and success…real awesome for you guys to post things like these. i was gonna have to pay to get the job done but it worked fine.
Again Thanks.
if you sell blogposts on this site, please let me know at : teutz @ teutz . com
I'm stuck at step 11, after itunes restores the iphone it reboots and the apple logo displays on screen with a loading bar that does not fill up. It's been sitting there for the last hour. What can I do?
scroll up, see the end of the post for Common Issues
when i am trying to "just boot" my phone, I simply cant go into pwned mode anymore…you know anything I could do?
sorry, my fault – got it
Works perfectly! Thanks !
great!
My old iPhone (2009) 3GS is on 05.16.05 but it's on 5.0.1 (not on 5.1). Is it a problem? Can I just follow the steps and ignore this issue?
technically it should be fine, but you should do iOS 5.0.1 as the jailbreak is untethered for this iOS
Worked perfectly, thanks a ton!
As soon as I get my refund from the dumbass company that sells unlock service (yeah I thought that'd work
) I'll donate the money to you instead!
thanks Jonas!!
I got unknown error 9 after beginning to update with itunes :/ any help?
restart your computer
Last step is:
Turn off 3G and insert your SIM card. It should pick up your carrier signal.
ANY SIM card will do?
yes because the firmware will hacktivate your iPhone to accept any SIM card
Everything was successful but now I cannot reboot without using redsn0w to get the phone on. I tried to reset the phone as well and cannot do that either, it just get stuck on the revolving circle screen. Any ideas on a fix for this?
the jailbreak is tethered and the only way to boot it is to use redsn0w
It has been ~2 weeks since I followed these steps and everythings is working as expected (no GPS of course). However, I needed to reboot my 3gs twiced due to performance issue. After a few days, some Apps (mail & settings) does not open, or would open and closes itself, or open and just get stuck (3gs itself isn't lock as home button works). A reboot resolve it temporary.
I have not installed anything other than what's necessary to unlock.
Is this expected? Any clues?
thx
did you use redsn0w to reboot it? remember it's tethered jailbreak
Yes. Each time I powered it down, I would (have to since it is a tethered jb as you mentioned) use redsn0w to boot.
I tried this method all went good until trying to restore with the custom version it says error (2005) and before that it got the error (1601) so i couldnt restore it with the custom software but i exited dfu mode and it came back normal at least
any ideas on what could i be doing wrong
error 2005 – your iTunes version must be 10.6 (see step 11)
error 1601 – did not pawn DFU (see step 10)
You MUST follow each step, do not rush
Ok just check my itunes version it is version 10.6
also tried jailbreaking with redsnow and its saying expliot failed so either my iphone in unjailbreakable or it just doesnt want to work
not looking for unlock just only jailbreak
Jailbreak and unlock was successful but not when I try and power cycle the phone it will not boot back up. If I want it to turn back on I have to use redsnow which I do not mind, I just want to reset it but am unable to since it wont reboot. Any clue on a fix?
your NAND chip is corrupted, seperate the logic board from the battery for 4-5 hours, reassemble and then restore again with custom firmware
I followed the instructions but when I inserted my t mobile sim card it just says "NO SERVICE".. what should I do?
I have 3gs 4.3.5 with baseband 5.16.02..this is from week 39 of Dec 2011…Can I follow your steps to get my Iphone Unlocked..the only reason I am asking is that I don't want to brick my phone..
you will brick it
How can I know the current baseband if I haven't activated the phone yet? it's 3gs and I've updated it to 5.1 using itunes.
Download and run iTools from here: http://itools.hk/tscms/index.php?a=webpage&pi…
hello can i change my base band to 06.15.00, my s/n is XX943XXXXXX its a 3gs many thanks
Hello…
serial Number is 881054L53NP
can i jailbreak with this tutorial?
jailbreak is fine, flash with iPad baseband is at your own risk!
Hi, I would very much like to follow your instructions but I'm unable to download sn0wbreeze_iPhone_3GS-5.1-9B176.ipsw from the server you posted since I don't have a Premium Account. Does anyone have a working link to a free download of this? Thanks
Hi!
I used this 2 weeks ago and the jailbreak / unlock worked perfect for my 3GS, however my phone has become really, really slow now and I am unable to use the camera along with a couple of different apps that tryes to load but then just return me to the home screen. By slow I mean that it sometimes takes 10-15seconds for the phone to respond when clicking the home button and sometimes when using safari it freezes, any ideas what it could be or a possible solution?
did you install too many apps? how much space do you have left?
I've got about 15apps and more than 16GB free space
Me too – did you find a solution? My sloooow 3Gs/5.1/6.15 is driving me nuts!!
Im stuck at step 14. there's an erroer when it installs.
Forget what i posted earlier. It worked for me. Thank you very much.
awesome
still no carrier..:((
i got iTunes error -1 does anyone knows whats this
you broke the baseband chips see here http://goo.gl/k914X
I have 3Gs already unlocked and JB with ipad BB but I think it updated itself to 5.1 and now doesn't want the SIM card again and I can't load cydia or safari, everything else works but even when I tried to JB it again it's still the same so I can't fix it via cydia..what now??
the jailbreak is tethered, use iBooty or redsn0w to boot it properly.. see Common Issues above…
oh well I did all of it above except new BB because I already had 6.15.00 and I have signal again!! thank you very much! I hope there are no more automatic updates from apple!!
Hi , how can we restaure it , or downgrade ( if possible )
thanks
This worked for me after long struggles! recommended.
Hi,
I have a 3GS phone which i jailbreaked and unlocked using redsn0w. Now it is on 4.33 (8J2) and baseband 06.15.00.
I want to upgrade it to Ios 5. Please help me with some tutorial link
launch Cydia and check with version of SHSH you have, if you have 5.0.1, build a custom firmware, edit your hosts file and use shift+restore on iTunes to restore
If you don't have it, wait until the untethered jailbreak for 5.1 becomes available
i am not sure where to look for shsh.
but when i open cydia i see first line like this
SHSH : ios 4.1,4.3,55.0.1,5.1
can i build a custom firmware. if yes, please guide me what to do and how to do
build 5.0.1 custom ipsw
Sorry to be pain. you have been helping but it seems i am completely 0 in this.
Could you please explain how to create 5.0.1 custom ipsw with steps
Download sn0wbreeze from ih8sn0w.com, download original IPSW from felixbruns.de, launch sn0wbreeze and follow on screen instructions
Dnt see 5.0.1 listed at ih8sn0w.com.
there is 4.3.5 and 5.1 for 3 GS
just download the latest sn0wbreeze
I downloaded latest sn0wbreeze, created custom ipsw using expert mode. but when i do shit+ restore in itunes (latest version) I get 3194. i checked my host files (on win machines), there was no entries for gs.apple.com . i also tried by adding the entries that also didnt help.
I tried 5-8 times but i always end at 3194.
please help again
3194 is when you don't have your SHSH stored in Cydia
You can only restore to the latest iOS version
what is my option now ?
How to restore to latest version ?
I read one of your answer suggesting to "build custom iOS 5.1.1 with redsn0w". can i do it? is it untethered ?
it's tethered for now
Thank You so much….
I have successfully Unlocked my iPhone 3GS with the help of your steps & now working successfully in INDIA
Just like to add…
Snowbreeze 2.9.2 dosen't worked for me (Ended up with Error code 17)
Snowbreeze 2.9.3 has worked like a charm…
Thanks guys…
I'm on iOS 5.1 iphone 3gs with new bootrom. The phone is manufactured in 2010. I have gotten to the step where the phone starts and there is the empty loading bar. I know I have to boot from redsn0w, but I cannot get the phone into DFU. I've tried so many times, holding down the power button, then both, then the home. And redsn0w will never recognize it in DFU mode.
My itunes won't recognize it either. Not sure what to do next. I cannot get it into DFU mode from the empty loading screen.
I got the same problem, if any body can help us please.
Using 3GS with 5.1 & BB – 06:15:00, Getting error 3194 or Apple Update Software site couldn't be contacted. pls help. Followed all the steps as given above 2-3 times
build custom iOS 5.1.1 with redsn0w, 5.1 is no longer being signed
If I build custom iOS 5.1.1, the above steps will still remains same? in other words, is there a possibility of unlocking the device?? Please confirm/clarify if I need to to follow some steps differently
you can use redsn0w
Did the entire process. Still says no service
reflash your baseband (if it's 6.15.00)
Hello.. I got 5.1.1 for 3GS that WORKED!!!!!.. Thank you so much..
I followed all the steps exactly as shown and the 3GS still reads "no sim card installed". Any advice?
Hello i have download iPhone2,1_5.1_9B176_Restore , and when i brows it with snowbreez probleme ! invalide (79bdeac74a4ffeb3ed1406073701a1a18d) !!!! what should i do plzz helpp !!