Hacked: iPhone 1.1.1 Down on the Canvas


It's complex, it's hardcore, but it works, says a post at The Unofficial Apple Weblog. The trick is to replace the Media directory, the one folder the phone's file-transfer service (and so iPhuc) is allowed to see, with a symlink to the root of the filesystem before running the upgrade; the link survives the update, so afterwards iPhuc sees the whole tree. Here's the full Monty of how the hack was achieved, using iPhuc:

Ingredients

One iPhone, still at version 1.0.2 with ssh access.

One 1.1.1 iPhone upgrade, still not applied.

The 1.0.2 firmware, for downgrading if it all goes wrong.

iPhuc

The basic method

1. Using ssh: cd /var/root

2. mv Media backup

3. ln -s / Media

4. Upgrade to 1.1.1

5. Use iPhuc to access the changes and, hopefully, get execute access.

Getting started

10:13 AM. My 1.0.2 iPhone is sitting here next to me. It is running ssh and I'm ready to start the hack. I do the linking method as follows:

=% cd
=% pwd

/private/var/root

=% mv Media backup

=% ln -s / Media

=%

I've now closed the shell and attached the iPhone to my Mac and am about to start the upgrade. Man, it really physically repels me to hit that Update button... The fear. The uncertainty. The doubt.

The iPhone upgrade

10:20 AM. Right now it's extracting software and getting ready to do the install. I have never unlocked this phone so I'm hoping the update will proceed smoothly. Let's see if I get bricked or not.

10:22 AM. It's "Updating iPhone software..." now.

10:23 AM. Verifying updated iPhone software. Oh noes! I can has the 1.1.1 upgrade now?

10:24 AM. Updating iPhone firmware... Pleasant elevator music plays in the background. (Because every great hack must be accompanied by elevator music.)

10:26 AM. Your iPhone has been updated, and is restarting. Activate iPhone, connect to iTunes.

10:27 AM. Wrong SIM!!!!! Oh man. (Trust me, it's a pure AT&T SIM on a pure AT&T account.)

10:28 AM. I pull the phone out of the dock and then I reconnect to iTunes. iTunes could not connect to the iPhone "Bologna" because an unknown error occurred.

10:29 AM. Switching to my Intel Mac from my G4 Mac.

10:32 AM. I have the full tree. Getting a screen shot now. The phone is not activated but iPhuc connects to it without trouble. w00t!


Now all we need is an installer app and/or a GUI (okay, and a little more testing and work), and Apple might just have to go back to the drawing board again. Sometimes the cat doesn't beat the mouse.

Third-party apps also work on 1.1.1, and you may get your non-Apple ringtones back. If you try it, let us know how you get on with this one.
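For anyone wondering why three shell commands are enough to undo a firmware update's lockdown, here is an added example (my own, not code from the TUAW post, from iPhuc, or from Apple's file service) that replays steps 1 to 3 of the method against a scratch directory standing in for the phone's filesystem. It assumes the 1.1.1 file-transfer service confines clients to /var/root/Media by checking the textual path prefix and then following whatever it finds there, which is exactly the behaviour the symlink trick exploits; the function names, paths and file contents are all constructed for the demo. Beside the naive service it shows a hardened one that refuses a symlinked jail root and checks the canonical path, so you can see what Apple would have to change.

```shell
#!/bin/sh
# Added example, not code from the TUAW post, from iPhuc, or from Apple's afcd.
# It replays steps 1-3 of the method ("mv Media backup; ln -s / Media") against
# a scratch directory standing in for the phone's filesystem, and shows why the
# swap matters: a file service that confines clients to a directory by textual
# path prefix (assumed here to be how the 1.1.1 jail behaved) follows the
# symlink and serves the whole tree, while one that canonicalizes paths and
# refuses a symlinked jail root does not. All paths, names and file contents
# below are constructed for the demo.

# Fake phone root: one file inside the Media jail, one secret outside it.
make_phone_root() {
    root=$1
    mkdir -p "$root/var/root/Media" "$root/etc"
    printf 'secret-outside-jail\n' > "$root/etc/master.passwd"
    printf 'ringtone bytes\n' > "$root/var/root/Media/song.m4r"
}

# Steps 1-3 of the post. On the phone the link target is "/"; here it is the
# fake root so the demo stays inside its scratch directory.
apply_symlink_trick() {
    root=$1
    ( cd "$root/var/root" && mv Media backup && ln -s "$root" Media )
}

# Canonical path of an existing file with every directory symlink resolved
# (cd -P / pwd -P are POSIX, so this does not need readlink -f).
canon() {
    ( cd -P "$(dirname "$1")" 2>/dev/null && printf '%s/%s\n' "$(pwd -P)" "$(basename "$1")" )
}

# Naive service: filters absolute paths and "..", then trusts that
# "$jail/$name" stays in the jail. Nothing notices that $jail is now a link.
weak_read() {
    jail=$1; name=$2
    case "$name" in
        /*|*..*) echo "denied: absolute path or dot-dot" >&2; return 1 ;;
    esac
    cat "$jail/$name"
}

# Hardened service: the jail root and the leaf may not be symlinks, and the
# symlink-resolved target must lie under the symlink-resolved jail.
safe_read() {
    jail=$1; name=$2
    case "$name" in
        /*|*..*) echo "denied: absolute path or dot-dot" >&2; return 1 ;;
    esac
    if [ -L "$jail" ]; then echo "denied: jail root is a symlink" >&2; return 1; fi
    full="$jail/$name"
    if [ -L "$full" ]; then echo "denied: target is a symlink" >&2; return 1; fi
    real=$(canon "$full") || return 1
    jail_real=$(canon "$jail") || return 1
    case "$real" in
        "$jail_real"/*) cat "$real" ;;
        *) echo "denied: $real is outside $jail_real" >&2; return 1 ;;
    esac
}

# Run the whole story and report "legit|before|after|hardened":
#   legit    - hardened service serving a file that really is in the jail
#   before   - naive service asked for /etc/master.passwd before the trick
#   after    - naive service asked for the same file after the trick
#   hardened - hardened service asked for the same file after the trick
demo() {
    root=$(mktemp -d)
    jail="$root/var/root/Media"
    make_phone_root "$root"
    legit=$(safe_read "$jail" song.m4r 2>/dev/null || echo no-access)
    before=$(weak_read "$jail" etc/master.passwd 2>/dev/null || echo no-access)
    apply_symlink_trick "$root"
    after=$(weak_read "$jail" etc/master.passwd 2>/dev/null || echo no-access)
    hardened=$(safe_read "$jail" etc/master.passwd 2>/dev/null || echo no-access)
    rm -rf "$root"
    printf '%s|%s|%s|%s\n' "$legit" "$before" "$after" "$hardened"
}

demo
```

Running it prints "ringtone bytes|no-access|secret-outside-jail|no-access": the naive service cannot reach the secret until Media is swapped for a link to "/", after which the same request walks straight out of the jail, while the hardened service still serves real Media files but spots the symlinked root. The same canonical-prefix check also catches the quieter variant where Media stays a real directory and a single file inside it is a symlink pointing outside.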