
How to Unlock iPhone 3GS Baseband 05.16.01 & 05.16.02 on iOS 4.3.3?

WARNING: DO NOT install the iPad baseband on the 3GS. On the newer 3GS (week 36 & above of the year 2011 (Serial No: xx136xxxxx)), the 06.15 baseband flash will DEFINITELY brick your device. It has been confirmed to permanently damage the built-in radio hardware, rendering it useless pretty much forever. It doesn't matter whether you integrate it into a custom IPSW or use Redsn0w. As of now the only solution is to return to the Apple Store & get it replaced. The iPad BB unlock solution had its share of happy times & now it's over. So think twice. The older iP3GS's (week 35 & below) are safe. A more detailed discussion about this can be found at JailbreakQA.

Here is a complete step-by-step guide to jailbreak and unlock iPhone 3GS 05.16.01 or 05.16.02 baseband on iOS 4.3.3. For those who do not know, restoring the stock iOS 4.3 IPSW on your iPhone upgrades its baseband to 05.16.01, and restoring the stock iOS 4.3.1, iOS 4.3.2 or iOS 4.3.3 IPSW upgrades your iPhone 3GS baseband to 05.16.02. Because both of these basebands are lower than 06.15.00, it is technically possible to upgrade them to the iPad baseband, which is unlockable using Ultrasn0w 1.2.3.

WARNING: After upgrading your iPhone 3GS to iPad baseband, you MIGHT lose your GPS functionality. MuscleNerd of iPhone Dev-Team has already promised to devise a downgrade method for iPhone 3GS/3G iPad baseband users which should restore GPS functionality. Before continuing, please read the conclusion at the end of this note.
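A pre-flight check for the two conditions described above (the serial-number build week and the current Modem Firmware value), written as an added example that is not part of the original guide or of Redsn0w. It assumes the third serial character is the last digit of the build year and the next two are the build week, as the `xx136xxxxx` pattern suggests, and it also treats units built after 2011 as affected; the sample serials are constructed.

```python
import re
from typing import NamedTuple, Tuple

# Cutoff from the warning above: units built in week 36 of 2011 or later.
UNSAFE_FROM = (2011, 36)
IPAD_BASEBAND = (6, 15, 0)
# Assumption: serial character 3 is the last digit of the build year and
# characters 4-5 are the build week, as in the "xx136xxxxx" pattern. The 3GS
# went on sale in 2009, so only these year digits are accepted.
YEAR_DIGITS = {"9": 2009, "0": 2010, "1": 2011, "2": 2012}


class Verdict(NamedTuple):
    flash_allowed: bool
    reason: str


def build_date(serial: str) -> Tuple[int, int]:
    """Decode (year, week) from characters 3-5 of the serial number."""
    m = re.fullmatch(r"[0-9A-Z]{2}([0-9])([0-9]{2})[0-9A-Z]*", serial.strip().upper())
    if not m or m.group(1) not in YEAR_DIGITS:
        raise ValueError(f"cannot decode build date from serial {serial!r}")
    week = int(m.group(2))
    if not 1 <= week <= 53:
        raise ValueError(f"week {week:02d} is out of range in serial {serial!r}")
    return YEAR_DIGITS[m.group(1)], week


def parse_baseband(version: str) -> Tuple[int, int, int]:
    """Parse the Modem Firmware string; '5.16.2' and '05.16.02' compare equal."""
    m = re.fullmatch(r"([0-9]{1,2})\.([0-9]{1,2})\.([0-9]{1,2})", version.strip())
    if not m:
        raise ValueError(f"unexpected baseband format {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


def preflight(serial: str, modem_firmware: str) -> Verdict:
    """Refuse the 06.15.00 flash when it is pointless or reported as destructive."""
    bb = parse_baseband(modem_firmware)
    if bb >= IPAD_BASEBAND:
        return Verdict(False, "baseband is already 06.15.00 or newer")
    year, week = build_date(serial)
    if (year, week) >= UNSAFE_FROM:
        return Verdict(False, f"built {year} week {week}: flash reported to brick the radio")
    return Verdict(True, f"built {year} week {week}, baseband below 06.15.00")


if __name__ == "__main__":
    # Constructed sample serials (not real devices), one either side of the cutoff.
    for sn, bb in [("AB135CDEFGH", "05.16.02"), ("AB136CDEFGH", "5.16.01")]:
        print(sn, bb, preflight(sn, bb))
```

A `True` verdict only covers the build-week and baseband conditions; the GPS warning above still applies.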


Jailbreak iOS 4.3.3 on iPhone 3GS on Windows or Mac Using Redsn0w:

The steps below will help you jailbreak and upgrade your iPhone 3GS 05.16.01 or 05.16.02 baseband to the iPad baseband. If you are already jailbroken on iOS 4.3.3 but do not have the iPad baseband, you still need to follow the steps below to re-jailbreak and upgrade your baseband to 06.15.00. If you are already jailbroken on iOS 4.3.3 and have the iPad baseband, skip to step 18.

  1. Download iTunes 10.2.2 for Windows or Mac OS X.
  2. Download Redsn0w 0.9.6RC16 for Windows or Mac OS X.
  3. Download the stock iOS 4.3.3 IPSW for iPhone 3GS.
  4. Launch Redsn0w 0.9.6RC16 and click on the Browse button. Select the iOS 4.3.3 IPSW which you downloaded in step 3 and let Redsn0w process it.
  5. If your iPhone 3GS has new-bootrom, choose YES and if your iPhone 3GS has old-bootrom, choose NO. If you are unsure about the bootrom of your iPhone, use the iDetector tool by iH8sn0w.
  6. Once the IPSW has been successfully processed and identified, click on the Next > button.
  7. Now wait while Redsn0w patches the kernel of the provided IPSW.
  8. (Update: Please read the Updates section towards the end of this post before proceeding.)
    Choose Install Cydia and Install iPad baseband from the available jailbreak options. If you have jailbroken your device already, then please do not tick the Install Cydia option again.
  9. Now you will see the iPad baseband upgrade warning. Read it and, if you agree to the involved risks, click YES. Click on the Next > button to continue.
  10. Connect your iPhone to your PC or Mac via USB cable and make sure it is completely powered OFF.
  11. Now use the following instructions to put your iPhone in DFU mode:
    • Hold down the Power (corner) button for 3 seconds.
    • Without releasing the Power button, also hold down the Home (bottom center) button for 10 seconds.
    • Without releasing the Home button, release the Power button BUT KEEP holding the Home button for 15 seconds until Redsn0w detects your iDevice in DFU mode.
  12. Now wait while Redsn0w fetches the iPad baseband files. This will take some time depending on the speed of your internet connection, so be patient.
  13. Once the iPad baseband files have been downloaded, Redsn0w will patch the iBoot of your iPhone using the Limera1n exploit.
  14. Now wait while Redsn0w uploads the patched ramdisk to your iPhone. Once done, your iPhone will reboot automatically.
  15. That's it. Click on the Finish button to close Redsn0w. The rest of the process will be done on your iPhone.
  16. Once your iPhone has been fully jailbroken and hacktivated on iOS 4.3.3, it should be running the iPad baseband. To confirm this, go to Settings -> General -> About and check the value next to Modem Firmware. It should be 06.15.00, which represents the iPad baseband.
  17. Go to Cydia and install Ultrasn0w 1.2.3.
  18. Once done, reboot your iPhone and enjoy your fully jailbroken and unlocked iPhone 3GS on iOS 4.3.3.

Update#1: Many users reported in comments that Redsn0w crashes while fetching iPad baseband files from Apple servers. As suggested by Kristina and Nicolas in comments, here are the two workarounds:

  • You are using the wrong bootrom version in step 6. If your bootrom is NEW then choose YES and if your bootrom is OLD then choose NO.
  • First choose Cydia in step 9 and complete the procedure. Re-run Redsn0w (skipping steps 1, 2, 3 & 4) and choose Install iPad baseband in step 9. Do NOT choose Cydia and Install iPad baseband at the same time.

Update#2: Fix iPhone 3GS (iPad Baseband) Battery Life Issues on iOS 4.3.3 [Tips]



  • Nirmal

    Can I use this guide to unlock my iPhone 3GS having iOS 4.3 with BB 5.16.01? Do I have to just point to the 4.3 stock IPSW instead of the 4.3.3 mentioned in this tutorial? Thanks.

    • http://twitter.com/pram0dm Pramod

      Yep, that's all you need to do. Also, use JBMe to jailbreak your device because Redsn0w is still tethered for iOS 4.3.

  • Alex Quintana

    What I was thinking was... downgrade my 3GS iOS 4.3.5 to 4.3.3 and upgrade my BB from 5.16.02 to 6.15.00... that is possible, right?

    What IPSW do I need to download so I can downgrade my iOS version?

    Thanks for the quick replies.

    • http://twitter.com/pram0dm Pramod

      You can perform the update of your BB by following the same set of instructions, but instead point Redsn0w to iOS 4.3.5, as this is the iOS that you're currently running on your device. So download iOS 4.3.5 & use Redsn0w 0.9.9b8 for your update.

  • Alex Quintana

    Do I need to download the stock IPSW before I can do the jailbreak, or will Just Boot be OK... How can I downgrade iOS 4.3.5 to 4.3.3 so that I can change the baseband to unlock it?

    • http://twitter.com/pram0dm Pramod

      You can't downgrade your BB unlike the iOS if that's what you want to try. A BB update is always a permanent change.

  • Anil

    Worked perfect. Thank you

  • Alex Quintana

    I just purchased an iPhone 3GS iOS 4.3.5 with baseband 5.16.04. The seller told me it was unlocked. When it arrived the battery was drained. I charged it and tried it out... I saw Cydia but it was not opening; when you click it, it just closes instantly. Also, the same with Safari... so I can't connect to a Wi-Fi hotspot and browse the web. What is the problem with this? And how can I fix it? Thank you for your help.

    • http://twitter.com/pram0dm Pramod

      Your iPhone is jailbroken tethered on iOS 4.3.5. So each time you reboot / shut down your device, you need to use Redsn0w's Just Boot option to boot it back & get the stock apps & Cydia working.

  • Asif

    Hi, I just restored my iPhone with iOS 4.3.3 and then tried to jailbreak it as well as change the baseband through Redsn0w, but nothing happens: it gets to the step "fetching iPad baseband files, please wait" and just gets stuck there for more than 10 mins, then Redsn0w automatically closes itself... Then I tried again and just marked Install Cydia, and so it did, and I jailbroke the firmware (4.3.3), but when I am again trying to change the baseband the same problem is happening... don't know what to

    help will be greatly appreciated
    thank you

    • http://twitter.com/pram0dm Pramod

      Run Redsn0w with the Windows XP SP3 compatibility mode. That should do the trick.

  • salvatore

    Hi after jailbreak iphone 3g ios 5.01 no network service ..help me!!

    • http://twitter.com/pram0dm Pramod

      You need to wait until the Dev-Team pushes out an Ultrasn0w update for iOS 5.0.1.

  • ROCKER

    Which one do you think I should choose? I have no idea. I heard 4.1 saves more battery life!

    BTW, I don't have SHSH blobs saved; is this required for me to do the restore?
    Kindly, a bit more detailed instructions would help me much :)

    • http://twitter.com/pram0dm Pramod

      Well, if you don't see any SHSH blobs already on Cydia (as detailed in the picture), then you pretty much can't restore to any iOS versions at all. As of now, the only option for you is to restore back to the iOS that you're currently running & not anything else.

  • ROCKER

    Hi thanks for your prompt reply,

    By the way, yes, I did unlock my iPhone with your tutorial myself, so I believe I can do a restore to a custom IPSW by myself too, don't you think?

    Can you provide me FULL instructions (because I'm quite new to the jargon used in Apple software) for the steps you mentioned, please?

    "You need to always restore to a custom IPSW i.e. if you're an unlocker & have the necessary SHSH saved for your device / iOS on Cydia already."

    thanks in advance :)

    • http://twitter.com/pram0dm Pramod

      Fire up Cydia first & check the iOS versions that are listed here http://bit.ly/qS5bjW. You can only restore to them, so first decide which one you would like to restore to.

  • ROCKER

    Hi,

    My phone is slow after unlocking and jailbreaking from this blog. Maybe it's normal, because this seems to be so since recently; it was smooth for about 3 months.
    If I restore this device from iTunes, will it lock the device or will I only have to jailbreak it again?

    I just need to get it back to a fresh start; how can I do this?

    Some advice please??

    • http://twitter.com/pram0dm Pramod

      Your device becomes slow / non-responsive if you have tons of tweaks / apps running that you may have installed over the course of 3 months or so. Unlocking your device has got nothing to do with how fast your device runs. You need to always restore to a custom IPSW i.e. if you're an unlocker & have the necessary SHSH saved for your device / iOS on Cydia already.

  • Naveen

    Thanks for the tutorial here. My 3gs was on 4.3.3 and 5.16.02 bb. I followed the steps here to first install cydia and then upgraded the bb to 06.15.00.

    It worked fine until Step 16.

    And now I am trying Step 17, when I open cydia, it is stuck at the "preparing file system" screen forever. I tried to redo steps 1 to 16 but no help.

    Any advice? Thanks.

    • http://twitter.com/pram0dm Pramod

      Did you redo the Install Cydia option over an already jailbroken iPhone via Redsn0w?

      • Sami

        I have the same problem. I didn't try anything else.
        A solution?
        Thank you!

  • Ritul Sonania

    Hi Pramod,

    I tried saving the SHSH blobs with Redsn0w 0.9.9b6 too, but that didn't work;
    it says 14 of 16 blobs verified.

    Also, I told you the wrong baseband; mine is 5.15.4. Tell me if there is any way to unlock it without the iPad BB upgrade. And if not, what needs to be done to unlock it :)

    Ritul

    • http://twitter.com/pram0dm Pramod

      Shouldn't be so. Rerun Redsn0w once again & make sure that you have saved them first. If not, use iFaith instead to save them.
      There is no way to unlock your device at the moment other than to update your BB to the iPad BB whilst keeping all the risks & consequences in mind. To unlock, follow this same guide by pointing Redsn0w to iOS 4.2.1 instead of 4.3.3. The rest of the procedure is all the same.

  • Gary Craine

    Hi, I updated to 5.0 also!!!!!... I have my SHSH BLOBS saved up to and inc. 4.3.5, but when I try to downgrade like I have done a million times before, I keep getting error 3200 when restoring with iTunes???
    I've tried all the usual stuff, i.e. checking/unchecking the correct boxes on TinyUmbrella. I also downloaded the iOS for 4.3.3 from Felixsbruns like usual, but something keeps causing the error. I also get error 20 thrown in occasionally for good measure!!!
    I'm no iPhone hacker, but I've got a fairly good understanding of jailbreaking & downgrading and have never had a problem besides when we were ALL waiting for the 4.2.1 jailbreak release race.
    I'm pretty sure I remember checking this previously and that I'm running the old bootrom!!
    Please help

    • http://twitter.com/pram0dm Pramod

      It's because the Apple servers are currently failing to process your current restore requests. Wait a few hours before you try it the next time & all should be good by then.

  • Ritul Sonania

    Hi,

    I have just got a locked ATT iphone 3GS.
    it has baseband 5.16.2 and firmware 4.2.1

    I want to have it unlocked, jailbreak is not necessary as of now.

    I have few questions to it -
    1. I am not able to save SHSH blobs of any version for this phone. It says "you are just late". So I am assuming I wouldn't be able to restore it. So what shall I do? And in case something goes wrong, do I need to put iOS 5?

    2. If I put a custom IPSW of 4.3.3, then what would happen to the baseband? And will it be unlocked?

    3. What shall I do if I have to preserve my baseband + I need to have an unlocked phone?

    Please assist, I don't want to mess up this phone.

    Regards,
    Ritul

    • http://twitter.com/pram0dm Pramod

      1. Use Redsn0w 0.9.9b6 to save your current 4.2.1 SHSH onto Cydia. (Under Extras>>SHSH blobs option) Unfortunately, this is the ONLY SHSH that you can currently save for your device / iOS. If saved & in case something goes wrong, you will be able to revert back to iOS 4.2.1.
      2. A custom IPSW will always preserve your BB no matter what. But to restore to that particular iOS version, you need to have its SHSH.
      3. Use a custom IPSW for your restores.

  • KOK

    Hi, I'm a newbie to iPhone. (3GS iOS 4.3.2 bb05.16.02)

    Could anyone advise if this step-by-step is a tethered or untethered solution??

    Thanks.

    • http://twitter.com/pram0dm Pramod

      For 4.3.2, you can use the same procedure by pointing Redsn0w to the stock 4.3.2 iOS & it is an untethered JB. Make sure that you're already aware of the risk of updating your BB to the iPad BB & only then follow this post. (Google it if necessary.)

  • Kebson

    I have an iPhone 3GS running 4.3.5 with BB 05.16.02 (I lost my jailbreak and my unlock by upgrading from 4.0.1 to 4.3.5; I have no SHSH but I have an old bootrom). I heard that Apple is still signing iOS 4.1, so I want to know if after downgrading my iPhone to 4.1 I can then upgrade it to 4.3.3 and apply your tutorial? And by the way, when one upgrades or downgrades the iOS, does it affect the baseband? Would it change the baseband (maybe fortunately change it to an unlockable version, lol)... Thanks a lot.

    • http://twitter.com/pram0dm Pramod

      Nope. You can very well downgrade to iOS 4.1 using a custom IPSW, but you can't update to iOS 4.3.3 w/o really having an SHSH saved for that version. Also, make sure that you're aware of the forever consequences that come with the iPad BB update. (Google it.)

  • http://n/a Onur

    If you accidentally updated to iOS 5 on a 3GS with 06.15.00 BB, the iPhone can't unlock with Ultrasn0w. I've solved the problem like this:

    - With TinyUmbrella, install the original 4.3.3 (if you have SHSH for 4.3.3) and then run redsn0w_win_0.9.9b4, select the original restore 4.3.3 file and install Cydia and iPad baseband (my iPhone is old bootrom, by the way).

    - When the process completes, the phone can unlock with Ultrasn0w 1.2.4...
    (Sorry for my bad English, but I hope all understand that.)

    • http://twitter.com/pram0dm Pramod

      Yep, that's the right way.

  • mike

    Stuck on black screen saying - applebcmwlan::handleok it busy watchdog timeout(): error, no successful firmware download after 60000 ms!! Giving up. What do I do now?? Please?

    • http://twitter.com/pram0dm Pramod

      It's because there isn't a completely successful install of an iOS on your device just yet for it to work with. Did you restore your device by using a valid saved SHSH for your device / iOS or not?

  • Matt

    I accidentally updated my iPhone 3GS to iOS 5. I got excited and forgot it was jailbroken (yes, I'm an idiot). I'm having a hell of a time fixing it so my phone is functional. What do I do?

    • http://twitter.com/pram0dm Pramod

      Did you by any chance rely on an unlock & then update to iOS 5? Explain what's not working on your device as of now.

  • dejan

    can u send me the article again pls?

  • Sjinobi

    Thanks!

    I had the problem with the crashing redsn0w, but first running redsn0w with only install cydia and after that install ipad baseband worked for me:)

  • TJ

    idk how i got rc19.. got rc16 followed the instructions.. just checked my VM so it worked.. Thank you for the guide. btw i enabled verbose booting and got stuck at the itunes thing.. just add a few seconds to the steps for entering DFU..

  • Deepika Jain

    Hi, no, I don't want to downgrade to iPad BB,

    Can't I use Redsn0w and jailbreak my phone..
    iP 3GS 4.3.4 and 05.16.02...
    I want the android lock and SBSettings features..

    • http://twitter.com/pram0dm Pramod

      iOS 4.3.4 is still a tethered JB. If you know what the drawbacks of a tethered JB are, then yes, you can use the latest Redsn0w 0.9.9b5 for the same.

  • TJ

    I have redsn0w_mac_0.9.6rc19 and don't get the option to install the IPad baseband.. I'm trying to unlock an Iphone 3GS which is already unlocked at 4.3.3 (8J2) & 05.16.02.. idk how it got to the state it is but cydia is on it. what am I missing i tried both the newer (first) and older options.. the SN starts with 5K023.. so is this phone just an ipod touch now?

    • http://twitter.com/pram0dm Pramod

      Use Redsn0wRC18 / Redsn0w 0.9.9b5 instead. That version of redsn0w doesn't have the Install iPad BB option.

  • dejan

    Yeah, I am stuck on black screen / DFU mode but the error doesn't show up.

    • http://twitter.com/pram0dm Pramod

      Can't do anything w/o a valid SHSH saved for your device. You will know why once you have read the article I linked you to in my previous reply.