Jailbreak and Unlock iPhone 3GS on iOS 5 Baseband 5.16.05

So you think you just bricked your previously unlocked iPhone 3GS after updating to iOS 5? There’s still a solution to get your iPhone to work as a phone again. Read on.

UPDATE: If you have an AT&T iPhone 3GS/4/4S, unlock it forever using this.

First thing first, the untethered jailbreak for iOS 5 is not yet available at posting time and baseband 5.16.05 can’t be unlocked. There’s no unlock available since baseband 5.14.02 was released with iOS 4.1.

However, it is still possible to unlock your iPhone by updating the baseband to 6.15.00. This is an iPad baseband and you must read the risks here. If you don’t wish to install iPad baseband 6.15.00 then consider our baseband chip replacement service. If you have a 3GS produced after week 28 of year 2011, do not flash it with iPad baseband!

Did you read and understand all the risks? Then let’s continue.

For some reason, Apple is still signing iOS 4.1, and you need to downgrade to this iOS version so that you can update your baseband to 6.15.00. There are other methods e.g. using SHSH blobs but that will add more steps and may not be suitable for beginners.

Warning: Proceed at your own risks!

Steps:

1. Backup your contacts, photos, apps etc and remove your SIM card.

2. Download iOS 4.1 firmware for iPhone 3GS.

3. Download redsn0w 0.9.8rc18 for Windows or Mac.

4. Download latest version of TinyUmbrella from here.

5. Remove iTunes 10.5 and install iTunes 10.4 for Windows or Mac.

5. Launch iTunes, connect your iPhone, hold down the SHIFT for Windows or Option for Mac while you click the RESTORE button in iTunes and select the iOS 4.1 firmware file you have just downloaded. If you get an iTunes error 3194, read here on how to fix it.

6. The restore will end with error 1015 and recovery loop on the iPhone, this can be resolved using the “Exit Recovery” button in TinyUmbrella.

7. Start redsn0w 0.9.6rc18 that you have downloaded in step 3.

8. Browse for the iOS 4.1 firmware you just downloaded.

9. Select ‘Install Cydia’ and ‘Install iPad Baseband’. Read the warnings!

10. Follow on screen instructions to put your device into DFU mode to begin jailbreak.

11. When the process is done, you will find that your iPhone is now jailbroken on iOS 4.1 with iPad baseband 6.15.00. To make sure you can always go back to iOS 4.1, launch Cydia and select ‘Make my life easier.’

If you’re happy with iOS 4.1 and would like to unlock it, go to step 17 now.

I’m sure you want iOS 5 right? Let’s update it to iOS 5 and then unlock it with ultrasn0w 1.2.4.

12. Download custom iOS 5 for 3GS from here. If you don’t have the official carrier SIM card, be sure to download the ‘hacktivated’ version.

13. Download the latest redsn0w from the Dev Team’s website or from here. Start redsn0w, go to Extras > Pwned DFU. This allows your iPhone to accept custom firmware.

14. Reinstall iTunes 10.5.

15. Connect your iPhone to your computer and hold shift+restore (Windows) or option+restore (Mac) and select the custom iOS 5 IPSW you just downloaded. If you get an iTunes error 3194, read here on how to fix it.

16. Once the restore is done, your iPhone will now have iOS 5 with baseband 6.15.00.

Note: Once your iPhone has booted up you will see new setup screens. When you start iOS5 for the first time, you’ll be asked about Location Services.  Be sure to select “Disable Location Services” when asked in the setup, you’ll have the chance to turn on Location Services again when asked if you want to use “Find my iPhone”.  It’s fine to turn it back on at that point, if that’s your desire (or you can always go in and enable it in Settings.app). This is no longer required as of redsn0w 0.9.9b6.

17. Launch Cydia from Springboard (home menu). Do you have a broken WiFi? Read this.

18. Search for ultrasn0w on Packages in Cydia. If you cannot find it, add new sources by typing ultrasn0w repo:

repo666.ultrasn0w.com (with zero, not o).

19. Install Ultrasnow 1.2.4.

20. Reboot your iPhone. Please note that since the jailbreak is tethered it may not boot up properly (stuck on Apple logo). If this happens, start redsn0w 0.9.9 again, go to Extras > Just Boot. Follow on screen instructions.

21. Turn off 3G and insert your SIM card. It should pick up your mobile signal.

Good luck and leave your comments or questions below. If it works, tell us!

[first published on our partner site]