Steven0Ritt
07-12-2012, 12:54 AM
EDIT: This is just a quick TEXT tutorial. I Made a WAY better tutorial on insanelyi with pictures and videos. Check it out here ([How to] Fully Unlock CDMA iPhone 4S 5.1.1 And fix MMS, Data, iMessage, FaceTime, and Carrier Settings - insanelyi ([Only registered and activated users can see links])) Not trying to promote traffic to their website, I just didn't want to take another 2 hours putting it here.
After a week of looking for solutions to every problem the Gevey Ultra S Unlock
causes, I've finally gotten everything working. I figured there's a lot of
people who also need this information so I'm making this tutorial.
Since there is a lot to do to have a fully-functional iPhone 4s on an
unsupported carrier, such as T-Mobile US in my case, I've split this tutorial
into 6 sections.
Section I: Jailbreaking your iPhone 4s
Section II: Installing Furi0us Mod and Unlocking via Gevey Ultra S
Section III: Patching the CommCenter
Section IV: Fixing FaceTime / iMessage
Section V: Misc. Fixes and Cosmetics
Section VI: Fixing MMS
Basically, before we start, let's understand what needs to be done. For a
fully-functional iPhone 4s, we want talk, text, mms, data, and all the iOS
specific features of a phone such as iMessage and FaceTime.
Now let's go over what tools you need as well as what knowledge. OBviously
you'll need a computer, and on that computer you'll need to install 3 new
programs. First we need absinthe 2.0.4 to jailbreak the iPhone, download it
here (Greenpois0n.com ([Only registered and activated users can see links])). Next is i-Funbox which can be downloaded from
here (i-FunBox | File Manager, Browser, Explorer, Transfer Tool for iPhone, iPad & iPod ([Only registered and activated users can see links])). Next we need a Hex Editor. I Prefer HxD, which can be
downloaded here (HxD Hex Editor - CNET Download.com ([Only registered and activated users can see links])).
NOTE: Most of the steps can cause system instability and force you to restore
your iphone and start over. So read, re-read, and re-re-read this tutorial
until you have it memorized.
START!
-Section I- Jailbreaking
Connect your iPhone and open up iTunes.
Right click your iPhone in the sidebar and hit Backup.
After your iPhone's backed up, restore it.
Once it finishes, dont do anything on the phone yet, it will say iPhone has
been activated on CDMA network (if you don't have the original SIM card) in
iTunes.
Click OK, then register your iPhone.
Click Set up as new iPhone and choose not to sync apps or contact data. Wait
for it to finish syncing. (Helpful tip: Deselect Open iTunes when this device
connects while you're at it.
Close iTunes and open up absinthe 2.0.4.
You might have to unplug and plug your iPhone back in for it to read.
Click Jailbreak.
Wait until it says "Done! Enjoy."
You have officially jailbroken your iPhone 4s.
Restore your iPhone using the Backup you made earlier.
-Section II- Unlocking
On your iPhone, open up Cydia and wait while it rearranges the filesystem.
After it resprings, open Cydia again, click expert, ok. Click the Manage tab.
Click Sources, Edit, Add, and add this repository
([Only registered and activated users can see links]), click add source.
Within that repository, find Furi0usMod-iPhone4s that says iOS 5.1.1 under it.
Click install, then continue queuing.
Also add to the install list: OpenSSH and Link identity editor (can be found
under Development Section)
Install them all. Close out of Cydia when they finish installing.
Place the White Reset sim ontop of your Gevey Ultra S and insert them both into
your iPhone. (Verizon iPhone users place your unofficial sim card on top of the
Gevey, as this step is unnecessary)
Reboot your iphone. A list will show up, click the carrier your Phone is locked
to.
Remove the Gevey and replace the White sim with your unnoficial sim (Verizon
users already did this). Reboot iPhone again.
Wait until a popup appears saying you have successfully unlocked with Gevey. It
will have a 6-digit register code. Write this code down.
Open up Furi0usMod, input your code and hit register. Turn both items on if
they are not. Reboot once more.
The same "Success" screen from earlier will pop up 3-4 more times. just keep
hitting accept. After a bit, your unofficial carrier name should pop up on the
left of the status bar.
You have officially unlocked your iPhone 4s.
NOTE: Some of you may be satisfied with your iPhone at this point, but iMessage
and FaceTime will not work. MMS and Data APNs also need fixed. The voicemail
button in the phone app will not work, and all the carrier settings will be
messed up if you live in the US. To fix this, we need to edit certain carrier
setting files, which CommCenter will reject because their Signatures will no
longer be valid. So now we need to patch CommCenter to accept unsigned carrier
bundles.
-Section III- CommCenter
Plug your iPhone in and open up i-Funbox.
Click Raw Filesystem and navigate to
/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter
Copy this file to a folder or your desktop.
Open CommCenter in HxD,
Navigate to offset A9C00. look for 30 46. Change it to 01 20. Save the file.
Replace the CommCenter File on you iPhone with the modified one. DO NOT REBOOT.
Click SSH Terminal under USER's iPhone | iPhone 4S (5.1.1)
Type ldid -s
/System/Library/Frameworks/CoreTelephony.framework/Support/Commcenter. Click
Enter.
Type chmod +x
/System/Library/Frameworks/CoreTelephony.framework/Support/Commcenter. Click
Enter.
Click on USER's iPhone | iPhone 4S (5.1.1) and then Device Safe Eject. After it
Disconnects, Reboot your iPhone. If it reboots properly, congratulations, you
have successfully patched CommCenter.
If it doesn't, your only option is to put it in DFU mode and restore.
NOTE: The last three steps, if done properly, can all be done at once before
rebooting.
-Section IV- FaceTime/iMessage
You will either need to 'obtain' iFile from cydia, or download a plist editor
for your computer. This depicts the iFile route.
Open iFile on your iPhone. Navigate to /System/Library/Carrier
Bundles/iPhone/00101/carrier.plist.
Make a backup of this file (as well as all others we edit).
Open the file in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set it to: +011447786205094.
Find RedialOnRRCConnection and Change it to ON.
Save the file.
Go back to carrier bundles and find Unknown.bundle/carrier.plist.
Open the file in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set all 10 sets of numbers to
+011447786205094.
Save the file.
Open the carrier bundle your iPhone is locked to (this can be found by opening
the settings app, going to General, About, and looking at the Carrier).
Open the carrier.plist file in that bundle in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set it to +011447786205094.
Click the plus in the bottom right of the screen.
Type RedialOnRRCConnection. Type: Boolean. Click Create. Switch it to ON.
Click Done.
You can reboot now or continue to Section V without rebooting.
After you reboot, switch FaceTime and iMessage off then on and they should
activate.
-Section V- Misc. Fixes and Cosmetics
Open iFile and navigate to the carrier bundle your phone is locked to.
Open the carrier.plist file in property list viewer.
Tap apns. 0: is your Data APN. 1: is your MMS APN. Change these to match your
SIM carriers recommended APNs, and find your carriers correct MMS settings
while you're at it.
NOTE: Those using this unlock for T-Mobile US, i will have all the correct
settings at the end.
Change CarrierName to your carrier's name.
Tap MMS. Change these settings to match your SIM carriers recommended MMS
settings.
MyAccountURL and MyAccountURLTitle Show up under Phone/Services in the settings
app. Change MyAccountURL to the web address you use to sign in to your carriers
account. Change MyAccountURLTitle to something like Carrier MyAccount. (These
can be anything you want, the URL could be facebook if you want it to).
Tap Services. Change each dictionary to a number code you use to e.g. check
minutes. e.g. ServiceName: Check Minutes, ServiceCode: #646#
Find VoicemailPilotNumber. Change this to the number you would call to check
your voicemail. Dont forget country code e.g. US - +1.
Save the file.
Reboot your iPhone.
Your Phone should now seem as though it's on the right carrier.
Test the voicemail button and go through your settings to make sure you did
everything right. You should see no sign of the other carrier.
NOTE: Section VI was going to be manually editting apns from the settings app,
but I found the much easier and permanent carrier.plist solution after I'd
written the first half of this tutorial. When I was doing Section V it made
sense to stick it in there instead. If you go to settings, General, Network
Cellular Data Network, and it has the wrong settings, click reset Network
settings. This will reset them to the defaults from the carrier.plist file that
we editted.
-Section VI- MMS
The only thing we need to do to fix MMS, since we did most of it in Section V,
is add a UA Prof URL. Go to Settings, General, Network, Cellular Data Network,
MMS UA Prof URL. Make it ([Only registered and activated users can see links]).
If you hit Reset Network Settings after this, this is the only thing you need
to re-enter.
-Congratulations!!!!!-
You've official cleaned up the mess of an unlock that the Gevey Ultra S
provides.
Try to avoid anything on Cydia that could cause system instability, since
you'll have to start from scratch again :(
I spent MANY hours figuring all this out, compiling it all, and making a
tutorial, so please thank me and give me credit when it's due. Thanks :D. I'll
Be posting this on several iPhone oriented websites since I believe this
information is desperately needed for a lot of people.
If you dont understand something please respond and I will try to help. I will
be constantly monitoring to respond fast and make this easy for everyone.
-Credits-
Jailbreak: Chronic Dev Team - Greenpois0n.com ([Only registered and activated users can see links])
Unlock: Gevey Ultra S - Apple N Berry | Your iPhone Repair and iPhone Unlock Specialists ([Only registered and activated users can see links])
CommCenter Patch Tut: MrFabius - Guide to Patch CommCenter 5.1.1 Iphone 4S - insanelyi ([Only registered and activated users can see links])
patch-commcenter-511-iphone-4s/
FaceTime/iMessage Fix: cooldayr - Support: How to fix iMessage/Facetime for Gevey users on iPhone 4/4S ([Only registered and activated users can see links])
Misc. Fixes and Cosmetics/MMS: Steven0Ritt (ME)
Full tutorial: Steven0Ritt (ME)
T-Mobile US carrier.plist settings
APNs:
0: epc.tmobile.com
1: epc.tmobile.com
CarrierName - T-Mobile
MMS:
GroupModeEnabled - ON
MaxImageDimension - 1024
MaxMessageSize - 1048576
MaxRecipients - 10
MaxVideoBitrate - 131072
MMSC - ([Only registered and activated users can see links])
Proxy - 216.155.165.50:8080
MyAccountURLTitle - T-Mobile MyAccount
MyAccountURL - ([Only registered and activated users can see links]
src=myaccount&redirectUrl=[Only registered and activated users can see links])
Services:
ServiceName - Check Minutes
ServiceCode - #646#
ServiceName - Check Text Usage
ServiceCode - #674#
ServiceName - Check Balance
ServiceCode - #225#
VoicemailPilotNumber - +18056377243
After a week of looking for solutions to every problem the Gevey Ultra S Unlock
causes, I've finally gotten everything working. I figured there's a lot of
people who also need this information so I'm making this tutorial.
Since there is a lot to do to have a fully-functional iPhone 4s on an
unsupported carrier, such as T-Mobile US in my case, I've split this tutorial
into 6 sections.
Section I: Jailbreaking your iPhone 4s
Section II: Installing Furi0us Mod and Unlocking via Gevey Ultra S
Section III: Patching the CommCenter
Section IV: Fixing FaceTime / iMessage
Section V: Misc. Fixes and Cosmetics
Section VI: Fixing MMS
Basically, before we start, let's understand what needs to be done. For a
fully-functional iPhone 4s, we want talk, text, mms, data, and all the iOS
specific features of a phone such as iMessage and FaceTime.
Now let's go over what tools you need as well as what knowledge. OBviously
you'll need a computer, and on that computer you'll need to install 3 new
programs. First we need absinthe 2.0.4 to jailbreak the iPhone, download it
here (Greenpois0n.com ([Only registered and activated users can see links])). Next is i-Funbox which can be downloaded from
here (i-FunBox | File Manager, Browser, Explorer, Transfer Tool for iPhone, iPad & iPod ([Only registered and activated users can see links])). Next we need a Hex Editor. I Prefer HxD, which can be
downloaded here (HxD Hex Editor - CNET Download.com ([Only registered and activated users can see links])).
NOTE: Most of the steps can cause system instability and force you to restore
your iphone and start over. So read, re-read, and re-re-read this tutorial
until you have it memorized.
START!
-Section I- Jailbreaking
Connect your iPhone and open up iTunes.
Right click your iPhone in the sidebar and hit Backup.
After your iPhone's backed up, restore it.
Once it finishes, dont do anything on the phone yet, it will say iPhone has
been activated on CDMA network (if you don't have the original SIM card) in
iTunes.
Click OK, then register your iPhone.
Click Set up as new iPhone and choose not to sync apps or contact data. Wait
for it to finish syncing. (Helpful tip: Deselect Open iTunes when this device
connects while you're at it.
Close iTunes and open up absinthe 2.0.4.
You might have to unplug and plug your iPhone back in for it to read.
Click Jailbreak.
Wait until it says "Done! Enjoy."
You have officially jailbroken your iPhone 4s.
Restore your iPhone using the Backup you made earlier.
-Section II- Unlocking
On your iPhone, open up Cydia and wait while it rearranges the filesystem.
After it resprings, open Cydia again, click expert, ok. Click the Manage tab.
Click Sources, Edit, Add, and add this repository
([Only registered and activated users can see links]), click add source.
Within that repository, find Furi0usMod-iPhone4s that says iOS 5.1.1 under it.
Click install, then continue queuing.
Also add to the install list: OpenSSH and Link identity editor (can be found
under Development Section)
Install them all. Close out of Cydia when they finish installing.
Place the White Reset sim ontop of your Gevey Ultra S and insert them both into
your iPhone. (Verizon iPhone users place your unofficial sim card on top of the
Gevey, as this step is unnecessary)
Reboot your iphone. A list will show up, click the carrier your Phone is locked
to.
Remove the Gevey and replace the White sim with your unnoficial sim (Verizon
users already did this). Reboot iPhone again.
Wait until a popup appears saying you have successfully unlocked with Gevey. It
will have a 6-digit register code. Write this code down.
Open up Furi0usMod, input your code and hit register. Turn both items on if
they are not. Reboot once more.
The same "Success" screen from earlier will pop up 3-4 more times. just keep
hitting accept. After a bit, your unofficial carrier name should pop up on the
left of the status bar.
You have officially unlocked your iPhone 4s.
NOTE: Some of you may be satisfied with your iPhone at this point, but iMessage
and FaceTime will not work. MMS and Data APNs also need fixed. The voicemail
button in the phone app will not work, and all the carrier settings will be
messed up if you live in the US. To fix this, we need to edit certain carrier
setting files, which CommCenter will reject because their Signatures will no
longer be valid. So now we need to patch CommCenter to accept unsigned carrier
bundles.
-Section III- CommCenter
Plug your iPhone in and open up i-Funbox.
Click Raw Filesystem and navigate to
/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter
Copy this file to a folder or your desktop.
Open CommCenter in HxD,
Navigate to offset A9C00. look for 30 46. Change it to 01 20. Save the file.
Replace the CommCenter File on you iPhone with the modified one. DO NOT REBOOT.
Click SSH Terminal under USER's iPhone | iPhone 4S (5.1.1)
Type ldid -s
/System/Library/Frameworks/CoreTelephony.framework/Support/Commcenter. Click
Enter.
Type chmod +x
/System/Library/Frameworks/CoreTelephony.framework/Support/Commcenter. Click
Enter.
Click on USER's iPhone | iPhone 4S (5.1.1) and then Device Safe Eject. After it
Disconnects, Reboot your iPhone. If it reboots properly, congratulations, you
have successfully patched CommCenter.
If it doesn't, your only option is to put it in DFU mode and restore.
NOTE: The last three steps, if done properly, can all be done at once before
rebooting.
-Section IV- FaceTime/iMessage
You will either need to 'obtain' iFile from cydia, or download a plist editor
for your computer. This depicts the iFile route.
Open iFile on your iPhone. Navigate to /System/Library/Carrier
Bundles/iPhone/00101/carrier.plist.
Make a backup of this file (as well as all others we edit).
Open the file in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set it to: +011447786205094.
Find RedialOnRRCConnection and Change it to ON.
Save the file.
Go back to carrier bundles and find Unknown.bundle/carrier.plist.
Open the file in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set all 10 sets of numbers to
+011447786205094.
Save the file.
Open the carrier bundle your iPhone is locked to (this can be found by opening
the settings app, going to General, About, and looking at the Carrier).
Open the carrier.plist file in that bundle in property list viewer.
Find PhoneNumberRegistrationGatewayAddress, and set it to +011447786205094.
Click the plus in the bottom right of the screen.
Type RedialOnRRCConnection. Type: Boolean. Click Create. Switch it to ON.
Click Done.
You can reboot now or continue to Section V without rebooting.
After you reboot, switch FaceTime and iMessage off then on and they should
activate.
-Section V- Misc. Fixes and Cosmetics
Open iFile and navigate to the carrier bundle your phone is locked to.
Open the carrier.plist file in property list viewer.
Tap apns. 0: is your Data APN. 1: is your MMS APN. Change these to match your
SIM carriers recommended APNs, and find your carriers correct MMS settings
while you're at it.
NOTE: Those using this unlock for T-Mobile US, i will have all the correct
settings at the end.
Change CarrierName to your carrier's name.
Tap MMS. Change these settings to match your SIM carriers recommended MMS
settings.
MyAccountURL and MyAccountURLTitle Show up under Phone/Services in the settings
app. Change MyAccountURL to the web address you use to sign in to your carriers
account. Change MyAccountURLTitle to something like Carrier MyAccount. (These
can be anything you want, the URL could be facebook if you want it to).
Tap Services. Change each dictionary to a number code you use to e.g. check
minutes. e.g. ServiceName: Check Minutes, ServiceCode: #646#
Find VoicemailPilotNumber. Change this to the number you would call to check
your voicemail. Dont forget country code e.g. US - +1.
Save the file.
Reboot your iPhone.
Your Phone should now seem as though it's on the right carrier.
Test the voicemail button and go through your settings to make sure you did
everything right. You should see no sign of the other carrier.
NOTE: Section VI was going to be manually editting apns from the settings app,
but I found the much easier and permanent carrier.plist solution after I'd
written the first half of this tutorial. When I was doing Section V it made
sense to stick it in there instead. If you go to settings, General, Network
Cellular Data Network, and it has the wrong settings, click reset Network
settings. This will reset them to the defaults from the carrier.plist file that
we editted.
-Section VI- MMS
The only thing we need to do to fix MMS, since we did most of it in Section V,
is add a UA Prof URL. Go to Settings, General, Network, Cellular Data Network,
MMS UA Prof URL. Make it ([Only registered and activated users can see links]).
If you hit Reset Network Settings after this, this is the only thing you need
to re-enter.
-Congratulations!!!!!-
You've official cleaned up the mess of an unlock that the Gevey Ultra S
provides.
Try to avoid anything on Cydia that could cause system instability, since
you'll have to start from scratch again :(
I spent MANY hours figuring all this out, compiling it all, and making a
tutorial, so please thank me and give me credit when it's due. Thanks :D. I'll
Be posting this on several iPhone oriented websites since I believe this
information is desperately needed for a lot of people.
If you dont understand something please respond and I will try to help. I will
be constantly monitoring to respond fast and make this easy for everyone.
-Credits-
Jailbreak: Chronic Dev Team - Greenpois0n.com ([Only registered and activated users can see links])
Unlock: Gevey Ultra S - Apple N Berry | Your iPhone Repair and iPhone Unlock Specialists ([Only registered and activated users can see links])
CommCenter Patch Tut: MrFabius - Guide to Patch CommCenter 5.1.1 Iphone 4S - insanelyi ([Only registered and activated users can see links])
patch-commcenter-511-iphone-4s/
FaceTime/iMessage Fix: cooldayr - Support: How to fix iMessage/Facetime for Gevey users on iPhone 4/4S ([Only registered and activated users can see links])
Misc. Fixes and Cosmetics/MMS: Steven0Ritt (ME)
Full tutorial: Steven0Ritt (ME)
T-Mobile US carrier.plist settings
APNs:
0: epc.tmobile.com
1: epc.tmobile.com
CarrierName - T-Mobile
MMS:
GroupModeEnabled - ON
MaxImageDimension - 1024
MaxMessageSize - 1048576
MaxRecipients - 10
MaxVideoBitrate - 131072
MMSC - ([Only registered and activated users can see links])
Proxy - 216.155.165.50:8080
MyAccountURLTitle - T-Mobile MyAccount
MyAccountURL - ([Only registered and activated users can see links]
src=myaccount&redirectUrl=[Only registered and activated users can see links])
Services:
ServiceName - Check Minutes
ServiceCode - #646#
ServiceName - Check Text Usage
ServiceCode - #674#
ServiceName - Check Balance
ServiceCode - #225#
VoicemailPilotNumber - +18056377243