Tutorial:How To Skip iPhone Activation on Windows
August 11th, 2007
So far most of the hacking tools are based on Mac other than Windows. So something which may be pretty easy, i guess, on Mac, are not so easy at all on Windows, like copy file from your computer to iPhone, esp for those who are not so skilled people.
OK, back to the topic. Actually iPhone activation has been completely hacked by the talented hackers on iPhone Dev Wiki. See the words from their page:
Once jailbraked, iphone can be patched to skip activations at all.
All you need is to apply the patch below to file /usr/libexec/lockdownd and write it back to phone.
The patch sets ActivationState to FactoryActivated and no more activation requests. You can see iPhoneInterface log:iPhoneInterface v0.3.1 built on Jul 14 2007 Waiting for phone... established. iPhone state: FactoryActivated
So, actually, the tutorial is about how to copy files from Windows to your iPhone :) Anyway, let’s get it started.
Step 1: Download PSCP (an SCP client, i.e. command-line secure file copy) from here. Save it anywhere in your local directory, say “c:\phonedmg”;
Step 2: Setup SSH on iPhone by following the instructions of The first 10 steps to modding the iPhone, except the part about WinSCP now that it won’t works any more.
Step 3: Connect your iPhone to your Windows. No iTuens needed.
Step 4: Download the prepatched file from iPhone Dev Wiki provided link(which also included the tool by which you can edit the binary file, totally 1.94MB) or directly from my hosted here(the prepatched file only,379KB).
Save and extract the file to “c:\phonedmg” and rename ’lockdownd.hacked’ to ’lockdownd’.
Step 5: Backup your original ‘lockdownd’ file from iPhone to your computer by running the following command: pscp -scp root@YOURiPhoneIP:/usr/libexec/lockdownd lockdownd.old. You can get YOURiPhoneIP from your iPhone->Settings->Wi-Fi..You can see mine is 192.168.1.100. If you haven’t change your root’s password yet, type “dottie” when your are asked for.
Step 6: Upload the prepatched ‘lockdownd’ to iPhone to replace the old one. Here’s the command: pscp -scp lockdown root@YOURiPhoneIP:/usr/libexec/lockdownd.
Here’s the screenshot(click to enlarge):
Step 7: Reboot your iPhone. And you are done. Enjoy.
From the following pictrue you can see the file ‘lockdownd’ has been modified and updated.
BTW, the SSH client in the above picture is PuTTY. See my last post for details.
Enjoy!
Update(Feb 4th,2008): You can use the elite team’s iPatcher to patch the original lockdownd to skip the activation step(download link) for any firmware version less than 1.1.3. For 1.1.3, check out George’s post for more details.
Don forget to backup your original lockdownd first.
Update(Jun.12,2008): Things have changed a lot. For now please turn to iLiberty+ or iplus to do the activation and other hacking jobs. They both work pretty well.
August 26th, 2007 at 12:52 am
[...] Prepatched lockdownd still works; 2. Hacked phones CAN NOT “Backup” from previous [...]
September 16th, 2007 at 11:19 pm
i did all in the guide untill the step 5 then here starst the errors jeeje: when i try writing the command
pscp -scp root@127.0.0.1:/usr/libexec/lockdownd lockdownd.old
in the YOURiPhoneIP i put my local ip addres that is 127.0.0.1 but any way the ip is not the problem its the command pscp in the cmd say :
¨psc¨ not identified like a command … it say that is a program or file for lotes executable how i can fix it plaase and thanks ejeje
September 18th, 2007 at 12:25 am
1.Your IP IS a problem.
You can’t put 127.0.0.1 here. Settings->Wifi, click blue right arrow on the network you connected and check out the real IP there.
2.Make sure the path you gonna launch pscp is the right one where the executable is located.
Good luck.
June 12th, 2008 at 8:25 am
Hi. this link is pretty old and likely i wont get a responce but is this patch good for 1.1.4 ?
June 12th, 2008 at 10:16 am
khira, sorry,it’s not for 1.1.4.
actually you can try iLiberty+ or iplus to do the activation job instead.
any questions, contact me.