After reading my previous post on how to activate the baseband core dump function, you can now start dumping baseband memory. I have told you many times how essential it is to dump the memory: you can use it to look for baseband vulnerabilities and to try to find your own exploits. It goes without saying that you can also use it to try to unlock the iPhone, or simply to explore it. Since Apple built their devices around Infineon’s X-Gold chips, we can perform an iPhone baseband core dump in a very simple way, which I show you in the tutorial guide below.
This article will help you figure out how to send AT commands to the iPhone 4. The commands are sent from the iPhone’s shell. We have already published the list of AT commands and the tools that will help you send them. In this tutorial we will use Minicom (you can install it from Cydia); alternatively, follow the link above to review the other tools that can be used to communicate with your iPhone’s baseband.
Have you ever thought about deciphering the SIM card of your iPhone? I have. You may ask why. The answer is simple: you can do it to access the hidden information on your iPhone’s SIM card, and here I will show you how to do that using AT+ commands. You can read your iPhone’s SIM card to get its information and use it to decipher your SIM while the iPhone is connected to the network. It is a good method if you don’t have a SIM card reader handy.
It is great to have the possibility of unlocking the iPhone using different exploits. Many of them are based on methods that involve baseband decryption (NCK unlock) or spoofing the user SIM’s IMSI number (SAM unlock). Some of them are hard to execute, and some, like the NCK unlock, currently apply only to certain iPhone models. Today I want to share an analysis of activation exploits with you. This kind of exploit is made to activate your locked iPhone. We will talk about the WildcardTicket, also called the activation ticket (record).
Sendmodem is a tool that can access the baseband (modem) of the iPhone and iPad 3G through the /dev/tty.debug port without the need to disable CommCenter. The original code for Sendmodem was taken from the iPhone’s SMS app, and its output format was slightly modified by the Sendmodem developer PmgRiPhone. Usually the modem or baseband is accessed through Minicom by sending commands to /dev/tty.baseband. Minicom needs CommCenter to be disabled in order to work properly, and after you’re done using Minicom you have to enable CommCenter again.
Here are the instructions for checking your iPhone’s lock state (baseband unlock status) using Minicom or another tool that can send AT+ commands to your iPhone’s baseband. Use this method if you want to know whether your iPhone is unlockable. To get information about your SIM state and unlock state, do as follows:
Here is the list of tools that can communicate with your iPhone’s baseband: Minicom, Sendmodem and iGSM. They are text-based Unix programs that can send commands to the iPhone’s baseband (or modem). The difference between them is that Minicom needs CommCenter to be disabled while communicating with the baseband, whereas Sendmodem and iGSM do not require CommCenter to be switched off in order to work properly; they execute the AT+ commands directly from the command line. Let’s take a closer look at each of the tools.
You may read my guide on the Sendmodem program for sending AT commands to your iPhone’s baseband. You can use these commands to get baseband information for unlocking or other things. You can also read about Minicom; use this link to go there. But today I want to introduce you to another program for this, called iGSM. The new iGSM tool was developed to send AT commands. It was created by Marcio’s iPhone Apps, uses /dev/tty.debug without the need to disable CommCenter during the process, and has built-in functions to perform these jobs, which means that you don’t need to enter them manually:
This article explains what Minicom is and how to install and set up the software to control your iPhone or iPad 3G baseband. Minicom is a text-based modem control and terminal emulation program for Unix-based operating systems. Minicom emulates ANSI and VT102 terminals, has a dialing directory, and supports automatic zmodem downloads.