So far most of the hacking tools are based on Mac other than Windows. So something which may be pretty easy, i guess, on Mac, are not so easy at all on Windows, like copy file from your computer to iPhone, esp for those who are not so skilled people.
OK, back to the topic. Actually iPhone activation has been completely hacked by the talented hackers on iPhone Dev Wiki. See the words from their page:
Once jailbraked, iphone can be patched to skip activations at all.
All you need is to apply the patch below to file /usr/libexec/lockdownd and write it back to phone.
The patch sets ActivationState to FactoryActivated and no more activation requests. You can see iPhoneInterface log:
iPhoneInterface v0.3.1 built on Jul 14 2007
Waiting for phone... established.
iPhone state: FactoryActivated
So, actually, the tutorial is about how to copy files from Windows to your iPhone 🙂 Anyway, let’s get it started.
Step 1: Download PSCP (an SCP client, i.e. command-line secure file copy) from here. Save it anywhere in your local directory, say “c:\phonedmg”;
Step 2: Setup SSH on iPhone by following the instructions of The first 10 steps to modding the iPhone, except the part about WinSCP now that it won’t works any more.
Step 3: Connect your iPhone to your Windows. No iTuens needed.
Step 4: Download the prepatched file from iPhone Dev Wiki provided link(which also included the tool by which you can edit the binary file, totally 1.94MB) or directly from my hosted here(the prepatched file only,379KB).
Save and extract the file to “c:\phonedmg” and rename ‘lockdownd.hacked’ to ‘lockdownd’.
Step 5: Backup your original ‘lockdownd’ file from iPhone to your computer by running the following command: pscp -scp root@YOURiPhoneIP:/usr/libexec/lockdownd lockdownd.old. You can get YOURiPhoneIP from your iPhone->Settings->Wi-Fi..You can see mine is 192.168.1.100. If you haven’t change your root’s password yet, type “dottie” when your are asked for.
Step 6: Upload the prepatched ‘lockdownd’ to iPhone to replace the old one. Here’s the command: pscp -scp lockdown root@YOURiPhoneIP:/usr/libexec/lockdownd.
Here’s the screenshot(click to enlarge):
Step 7: Reboot your iPhone. And you are done. Enjoy.
From the following pictrue you can see the file ‘lockdownd’ has been modified and updated.
BTW, the SSH client in the above picture is PuTTY. See my last post for details.
Update(Feb 4th,2008): You can use the elite team’s iPatcher to patch the original lockdownd to skip the activation step(download link) for any firmware version less than 1.1.3. For 1.1.3, check out George’s post for more details.
Don forget to backup your original lockdownd first.
Update(Jun.12,2008): Things have changed a lot. For now please turn to iLiberty+ or iplus to do the activation and other hacking jobs. They both work pretty well.