Tutorial:Re-Provisioning iPhone 4 using file system (Incomplete)

From The iPhone Wiki
Revision as of 07:38, 25 February 2011 by Amoamare (talk | contribs) (Prerequisites)

Prerequisites

You need:

  • Jailbroken iPhone 4G CDMA with OpenSSH installed.
  • SSH client.
  • pList Editor
  • In order to obtain 3G (EVDO)/MMS on the CDMA iPhone, the Carrier and PRI signatures must be bypassed, either by patching CommCenter or by other methods. As of right now, CommCenter in the 4.2.6 firmware for the CDMA iPhone has been patched to bypass Carrier signatures. Still looking into how to bypass the PRI signature.
  • To be clear, re-provisioning your iPhone is in NO WAY illegal. Since you do NOT have to rewrite/modify/change the MEID on the phone because carriers such as Cricket, MetroPCS, Pageplus, Pocket and a few other carriers. AGAIN, TO BE CLEAR, IT IS 100% LEGAL TO RE-PROVISION YOUR CDMA iPhone TO OTHER CARRIERS AS LONG AS YOUR CARRIER IS WILLING TO ACCEPT THE iPhone's MEID.

Setting Up Windows

1. Download Tunnelier, WinSCP, or PuTTY. In this guide we will be using Tunnelier.


2. In order to connect via SSH you must have a Wi-Fi connection set up. Turn on your phone and your phone's Wi-Fi by going to Settings, Wi-Fi, and connect to your network's Wi-Fi connection.

3. In this example we will connect to linksys. Once connected you will have the Wi-Fi icon in the status bar at the top. Click on the blue > icon to show details about the connection. Write down or remember the "IP Address". In this example mine is 192.168.1.103; yours might be similar.

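4. Install Tunnelier and launch it. Set up your settings with the phone's "IP Address" as the host (use your own, not mine, which was just an example). Username: root Password: alpine. Note that alpine is the default root password on iOS; change it with the passwd command after logging in, because otherwise anyone on the same Wi-Fi network can log in to the phone as root over SSH.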

5. Press the login button, and you will be presented with two new windows: a "Shell" window and an "Explorer" window.

6. You are now connected to the iPhone 4 CDMA using Tunnelier and SSH.


Manually Updating PRL

1. Using the explorer window in Tunnelier browse to "/System/Library/Carrier Bundles/iPhone/Zeppelin_US.bundle".

  File Contents / Size
  310VZW.dmu      260bytes
  310VZW.pri      ***bytes
  310VZW.prl      ***bytes
  carrier.plist   ***bytes
  ERI.plist       ***bytes
  info.plist      ***bytes

2. Back up all the files to your HDD and make another backup of them. This is so you don't have to restore the phone in case something goes wrong.

3. To manually update the PRL to your new carrier's PRL, obtain your carrier's PRL from Google. In this example I will be using Cricket_42500.prl.

4. Rename your PRL to 310VZW.prl and upload it to "/System/Library/Carrier Bundles/iPhone/Zeppelin_US.bundle", making sure to overwrite the original 310VZW.prl.

5. Open carrier.plist in a pList editor. For Windows I use "pList Editor". Look for "PRL Push Flag" and set it to "True".

  Normally
  <key>PrlPushFlag</key>
  <false/>
  Switch to True
  <key>PrlPushFlag</key>
  <true/>

6. Save the newly edited "carrier.plist". MAKE SURE NOT TO CHANGE ANYTHING ELSE. You will break the signature if you do. After you save, upload the file and overwrite the old "carrier.plist" found in "/System/Library/Carrier Bundles/iPhone/Zeppelin_US.bundle". Reboot your phone.

7. Once the phone completes rebooting you "WILL NOT" have service. That's normal. You will now need to "SSH" back into the phone and edit the "carrier.plist" boolean to say "false" like it originally was.

8. After you have uploaded the new "carrier.plist", with the boolean as "false" this time, reboot the phone again.

9. Once your phone powers on, check the PRL version by dialing *#5005*4357#, send. Your carrier's new PRL should now be installed.
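Step 6 depends on carrier.plist changing in exactly one place. The following added example (not part of the original tutorial) compares the parsed keys of the backed-up and edited files and reports any change outside an allowed set. The sample plist is constructed, the names diff_plist, unexpected_changes and SampleOtherKey are made up for illustration, and the comparison covers parsed values, not raw bytes.

```python
import plistlib

# Constructed sample standing in for a backed-up carrier.plist; only the two
# keys quoted on this page are real, "SampleOtherKey" is made up.
ORIGINAL = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PrlPushFlag</key><false/>
  <key>PriVersion</key><string>00.01.023</string>
  <key>SampleOtherKey</key><array><string>a</string><string>b</string></array>
</dict></plist>"""

def diff_plist(old, new, path=""):
    """Return key paths whose values differ between two parsed plists."""
    if isinstance(old, dict) and isinstance(new, dict):
        changed = []
        for key in sorted(set(old) | set(new)):
            sub = f"{path}/{key}"
            if key not in old or key not in new:
                changed.append(sub)  # key added or removed
            else:
                changed.extend(diff_plist(old[key], new[key], sub))
        return changed
    if isinstance(old, list) and isinstance(new, list) and len(old) == len(new):
        changed = []
        for i, (a, b) in enumerate(zip(old, new)):
            changed.extend(diff_plist(a, b, f"{path}[{i}]"))
        return changed
    # Compare type as well as value so <true/> vs <integer>1</integer> is caught.
    return [] if type(old) is type(new) and old == new else [path or "/"]

def unexpected_changes(original_bytes, edited_bytes, allowed=("/PrlPushFlag",)):
    """Key paths that changed but are not in the allowed set."""
    changed = diff_plist(plistlib.loads(original_bytes), plistlib.loads(edited_bytes))
    return [p for p in changed if p not in allowed]

if __name__ == "__main__":
    good = ORIGINAL.replace(b"<false/>", b"<true/>")    # only the flag flipped
    bad = good.replace(b"00.01.023", b"00.01.024")      # a second key touched
    print(unexpected_changes(ORIGINAL, good))
    print(unexpected_changes(ORIGINAL, bad))
```

For step 7, pass allowed=() to confirm the re-uploaded file is back to its original values; for the PRI version bump described further down, pass allowed=("/PriVersion",).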


Modifying The PRI

First things first. As of right now the PRI needs to be signed. There is no way of getting the phone to write the PRI back to the phone until the signature is either figured out or bypassed.

You can open the PRI using a "pList" editor. In my case, for Windows, I use "pList Editor". The PRI contains information about the carriers, ERI, EVDO, NAM, OTA features, and other misc stuff.

1. Will write more.

2. For those wondering: after you edit the PRI you need to increment its version in "carrier.plist" by 1, where it shows "PRI Version".

  Original 
  <key>PriVersion</key>
  <string>00.01.023</string>
  
  New
  <key>PriVersion</key>
  <string>00.01.024</string>

3. Once you change the file version to 1 number higher, just restart the phone. You can check that it tries to write by enabling "syslog". The problem is that the PRI needs to be signed, so it currently just crashes the baseband until you revert the PRI version back to 00.01.023.


Modifying The ERI

Reserved...