Free iPhone fw1.1.1 Unlock Solution

iphone firmware 1.1.1 finlay unlocked by downgrading 1.1.1 and the baseband,both your 1.1.1 virgin iphone and bricked iphone can use iPhone Elite team method

Stealth method :

How to Restore a 1.1.1 phone to 1.0.2 and fix the baseband! (Complete Tutorial)

There are alot of guides out there for downgrading your iphone from 1.1.1 back to 1.0.2 and unbricking it to the point of saying invalid sim. This is where this tutorial will pick up.

1. Put ICE03.14.08_G.eep and ICE03.14.08_G.fls into /usr/bin/

2. Download the Secpack of baseband firmware 4.0 (Can be found here: – you will need to rename this to secpack)

3. Download ieraser2 from or from Geohot’s blog.

4. copy over ieraser2 and the renamed secpack into /usr/bin/

5. SSH into the phone (user: root pass: dottie) and stop the CommCenter by typing
launchctl remove

6. run “bbupdater -v”

7. type “cd /usr/bin/” and then “chmod +x ieraser”

8. run ieraser (just type ieraser) this will WIPE your baseband, given a file “secpack” is in the same directory and this is a version 4 secpack.

9. run ” bbupdater -v ” again. it will not find any firmware now.

10. run ” bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls ”

11. run ” bbupdater -v ” it will tell you you run version 3.14

12. from here use any of your favorite programs like ibrickr to install anySim 1.2 and successfully recover your iphone from a 1.1.1 update.

This guide was written by Stealth to make it easier for people to understand, all of the original info was found @…radingBaseband

Thanks to those people who found this and shared it.

My phone is working on a Rogers network after following this method.

YouTube, Phone Calls, VoiceMail and Texting are working without any problems!

**Edit – As new posts come in that save people alot of time, ill be adding them here to reduce the redundancy of questions**

Here is a rar file i just created containing the ICE03.14.08_G .eep and .fls files, the secpack, and the ieraser that i used.


Originally Posted by coolconb

I can confirm that the method to down grade the baseband that stealth posted works on brand new out of the box 1.1.1 I’ve tested on two already.

thanks alot man

Thanks Serpy for pointing out that i forgot to mention to copy the secpack into the /usr/bin/ folder!

iPhone Elite Method:


How to Downgrade screwed up baseband 4.0 (after anySIM and 1.1.1 firmware upgrade).


Here’s the procedure to downgrade after you upgraded (by mistake) to firmware 1.1.1 on an anySIM unlocked iPhone.


0. Download iPhone 1.0.2 firmware from Apple Here

1. Change ipsw to zip then unpack it.

2. Extract the ramdisk file from it by typing

dd if=009-7698-4.dmg of=ramdisk.dmg bs=512 skip=4 conv=sync

3. Mount the ramdisk by double-clicking it (on Mac). On Windows use some HFS tools to peek inside it or get the files from someone who extracted it already.

4. Put your phone into DFU mode and do option-restore in iTunes. This will reflash everything to 1.0.2. You will get an error at the end because it couldnt reflash the baseband. You will end up with a yellow triangle.

5. Quit iTunes, launch iNdependence then quit it again. Now relaunch iTunes. Press the power button on the iPhone for 3-4 seconds. After about 10 seconds you end up on the activation screen.

6. Complete the baseband downgrade by jailbreaking/activating, installing SSH on to the iPhone etc. There are tons of wiki’s about that so I won’t repeat. (Probably also true for step 4 and 5.)

7. Extract the baseband firmware and EEPROM files of 3.14 from the ramdisk of firmware 1.0.2. The files are named ICE03.14.08_G.eep and ICE03.14.08_G.fls and are located under /usr/local/standalone/firmware.

8. Get the secpack of baseband firmware 4.0 (some people have that, I have no idea how they got it but its needed). I can’t give that one out unfortunately. Name it “secpack”.

9. Download iEraser2 here or from Geohot’s blog.

10. Install all the tools onto the iPhone (I use the location /usr/local/bin.) You need to have SSH access to the 1.0.2 firmware iPhone and upload iEraser2, the secpack, ICE03.14.08_G.eep, ICE03.14.08_G.fls and anySIM 1.0.2.

11. SSH to the phone. Stop CommCenter by typing:

launchctl unload -w /System/Library/LaunchDaemons/

12. Now run:

bbupdater -v

It will tell you you run version 4.01 of the baseband. “bbupdater” is a tool by Apple which is also on the ramdisk.

13. Execute this in the console, to give iEraser executable rights:

chmod +x ieraser

14. Run iEraser2. This will WIPE your baseband, given a file “secpack” is in the same directory and this is a version 4 secpack.

15. Run the bbupdater command again:

bbupdater -v

This time it will not find any baseband firmware

16. Now do:

bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls

This will flash the 3.14.08 baseband firmware back to the iPhone.

17. Now check to make sure it worked:

bbupdater -v

It should tell you the version is 3.14

At this point you will still have an IMEI number starting with 004999… and its not of use yet. So still bricked but at least downgraded to version 3.14.

18. Now run anySIM Version 1.0.2 (note: older versions might not be good here as 1.0.2 has a lot of fixes for this kind of stuff).

19. Start commCenter again:

launchctl load

Now you have an unlocked 3.14 baseband with IMEI being your original one!

Congratulations you now fully recovered from your botched update to 1.1.1 and are back to 1.0.2.

You can stop here if you want to remain unlocked with iPhone firmware 1.0.2 with working phone.

Do you want to return to factory-locked state?

Simply do:

launchctl unload -w /System/Library/LaunchDaemons/

To stop commCenter

then do:

bbupdater -e ICE03.14.08_G.eep -f ICE03.14.08_G.fls

This will reflash the “locked” version of the baseband.

Now restart commCenter:

launchctl load

If you don’t want to pay for iPhoneSIMFree to have a less …bad… unlock solution then stay tuned as we are actively working on our own safe unlock for both 1.0.2 and 1.1.1!

A tool automating all this is in the workings….

Discuss this here:

here is the Secpack:

iPhone Elite Home: