Downgrade and Unlock iPhone 3GS on Baseband 6.15.00 to iOS 4.1 without SHSH

Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on this topic!

UPDATE: Click here on how to officially unlock AT&T iPhone or click here for other worldwide network.

So your iPhone had some issues and you tried to restore it directly via iTunes but it failed. In the end your iPhone won’t boot and it’s stuck on recovery loop. You read online that there’s no way to downgrade it. You’re left with no choice but to update it to iOS 4.3.5 which has a tethered jailbreak. To make it worse, you have the iPad baseband 6.15.00 which doesn’t allow you to restore directly via iTunes.

Thankfully, there’s still a way out from this misery. Apple is silently signing iOS 4.1 for 3GS which means you can still downgrade to this version and have an untethered jailbreak. There are many apps which are no longer supported on iOS 4.1 but hey, beggars can’t be choosers right?

Here are the steps:

Editor's note: learn more by reading our ebook on starting your own iPhone repair & unlock business

1. Download iOS 4.1 firmware for iPhone 3GS from here.

2. Download sn0wbreeze 2.1 from here.

3. Launch sn0wbreeze and build a custom firmware (for beginners choose simple mode). You can also download iOS 4.1 hacktivated custom firmware from here. Once done, iREB will guide you on how to pawn-DFU your iPhone to allow it to accept custom firmware. Simply follow the on-screen instructions.

4. Check to make sure your host file will only point to Apple server. If you’ve used TinyUmbrella before, there’s a chance that the host file is set to Saurik’s server. To be sure, a clean host file will look something like shown below.

5. To edit your host file, go to C:\WINDOWS\system32\drivers\etc. Right click ‘hosts’ file and open it with Notepad. Remove any line that says gs.apple.com (On Windows 7 or Vista, choose Run as Administrator).

6. Once you’ve checked your host file, launch iTunes and click Shift+Restore and point to the custom firmware you’ve just created.

7. Sit back and relax. You’ll notice that iTunes allows you to restore to iOS 4.1. Nice!

8. Once the restore is complete, your iPhone is already in jailbroken state (Cydia installed). Now go ahead and unlock it with ultrasn0w.

Did it work for you? Buy me a drink!

[donateplus]

Any issues? Leave your comments below.

Final note: If you intend to post this on a forum, please kindly provide a link back to this website. Thank you!

Share this and be awesome!

Comments & Discussion

  1. i
    have iphone 3gs with ios 5.0.1 bb 06.15.00 jailbreak
    but suddenly it show sim failuier
    so i tried to unlock it again from google and you tube
    but i was unable to start it
    finaly i got ios 4.1 with bb 06.15.00 bui still i can make call from my sim
    iit show no servise
    i am vey helpless

  2. I have an iPhone 3GS old bootroom which is running ios 5.1 with 6.15.00 baseband. I read this thread, i would like to make a question that can i downgrade to ios 4.1 (i’ve got 4.1 SHSH in cydia) to downgrade baseband 5.16, because i took an email to AT&T to unlock my iphone, and AT&T confirmed to subbit my request just some business days. So if i downgrade to ios 4.1, the baseband 6.15.00 could be downgraded too?

    Thx so much…

  3. Hi, it didn't work for me. I have an AT&T unlocked 3GS with ios 6.1.3 and bb 6.15.00 that won't pass the Activation Screen and all the methods online to downgrade the bb don't work with me…new bootrom. I will be happy to donate if you can help me.

    • 1. downgrade to iOS 4.1
      2. download latest redsn0w from dev team's blog (google)
      3. launch redsn0w and follow on screen instructions
      4. hit jailbreak and select 'downgrade iPad baseband' only
      5. follow on screen instructions

Leave a Reply

Your email address will not be published. Required fields are marked *