Friday, November 25, 2011

Using SAM to officially activate an iPhone and receive valid Push Certificates.

As mentioned in the last post, Push notifications (as used by the facebook app, or Find My iPhone) on the iPhone rely on valid and unique certificates on the iphone that are tied to that particular iPhones UUID number. These certificates are handed out by the apple servers when a phone is first activated through iTunes, and when an the first app that uses push notification is run. As such, a “hack-tivated” does not have valid certs, resulting in Push not working, the iPhone quickly draining its battery as it continuously contacts the apple servers with invalid certs, or both. To get valid certificates, you will need to do the following:
  1. Follow the guide available here:
  2. I got an “invalid sim” error in iTunes when I went to try and activate the iPhone. There is a way around this by specifying the original carrier that the phone is locked to in the Sam Prefs settings. However, if, like me, you dont know which carrier the iPhone is originally locked to, and you are unsuccessful in getting your phone activated in this way, you can do the following:
  3. Go to Settings->About->Model, and make a note of the model number.
  4. Go to http://forum.gsmhosting.com/vbb/archive/t-1007919.html and look up the model number to see which carrier the iPhone was originally on.
  5. Under Settings->SAM, click on “method”, and change to country and carrier. Then under “method” you should be enter in the original carrier and country details. If even that doesnt work, change back to “automatic” and it should work.
  6. Install an application that uses Push to finalise the process. You can download “iPusher” from the app store, or “Push Checker” from cydia (add the http://cydia.pushfix.info repo) from to test if your push notifications are working.
  7. If iPusher reports an error, make sure that the iphone is disconnected from the computer, go to Settings->SAM->Utilities and click on “Backup activation”. Then wait a minute, and click on Restore Activation. Restart the iPhone, and connect it up to iTunes again. Run iPusher or Push Checker again and you should have valid and unique certificates.
  8. To backup your certificates, you can use the guide here: http://modblog101.wordpress.com/2010/03/07/how-to-backup-your-push-certificates/


This will allow you to restore the official push certificates back onto the iphone again if you restore the iphone in future.

How to get Push notifications working properly on your iPhone.

Push notifications (as used by the facebook app, or Find My iPhone) on the iPhone rely on valid and unique certificates on the iphone that are tied to that particular iPhones UUID number. These certificates are handed out by the apple servers when a phone is first activated through iTunes, and when an the first app that uses push notification is run. As such, a “hack-tivated” does not have valid certs, resulting in Push not working, the iPhone quickly draining its battery as it continuously contacts the apple servers with invalid certs, or both.  To get valid certificates, you have three choices:
  1. Get valid certificates using ”Push Doctor” from cydia. A guide is available here: http://www.redmondpie.com/fix-push-notifications-on-iphone-3.1.3-hacktivated-unlocked-9140492/. I have had great success with the method, and am very grateful for them for giving the valid certificates for free. Unfortunately it is becoming increasingly rare to find valid certificates on the server to grab. You will get an error during the installation if there //www.cmdshft.ipwn.me/blog/?p=791 and checking the “remaining” counter on the left hand side.
  2. You can also pay for valid certificates using PushFix. First pay the $6 at the PushFix website here: http://www.pushfix.info/purchase, and then install PushFix from Cydia using the guide here: http://www.pushfix.info/forum/viewtopic.php?f=4&t=39. I have had mixed results with this method. Although I did get valid certificates on my iPhone and thus Push notification worked, the batter began to drain very quickly. I have my suspicions that the certificates handed out by PushFix are not unique, causing the iPhone to keep trying the Apple Push servers until it gets a response, which is especially shitty considering they are charging money for them.
  3. The other option is to return the iPhone to a pre-activated state, and get an official activation and thus Push certificates by using iTunes to activate it. In the next post, Il outline just how to do that.

How to restore an iPhone that is stuck in DFU/recovery mode


I was given an iPhone 3GS on IOS 4.3.3, baseband 6.15.00 that required a restore to delete all the users data before the resold it. Now, as many of you reading this know, you cant just click "restore" in iTunes on a jailbroken or unlocked iPhone as iTunes will restore the iPhone with the latest iPhone iOS software, removing the lock and the jailbreak from the device. So I put the device into DFU mode and attempted a manual restoration (ctrl-click or alt-click on restore in iTunes) of a 4.3.3 firmware to the device. I then went off for a cup of tea. Unfortunately, when I returned, the iPhones screen was black, and iTunes was reporting an error. It wouldnt even charge from a wall adapter. The phone was also unresponsive to a hard reset (hold down the home and on/off button for 15 seconds). The "exit recovery" button in the application Tinyumbrella wouldnt work, and I had no SHSH blobs for the iPhone saved locally. However, it would show up as a "iPhone in recovery mode" in iTunes. After a good bit of trial and error, I finally got it working again.
  1. First off, you will need to get the iphones ECID. On the mac, click on the little apple logo in the top left corner and then “About this mac”. Then click on “more info” and then “system report”. Click on “USB” in the top left and then on the iPhone. Look for “ECID”, and the number should be beside it. (you may need to have the iphone in DFU mode for this number to show up)
  2. Power up tinyumbrella. Click on Manual ECID, and enter in the one that you got from the previous step. Click on the newly added iphone on the left and then “Save ALL SHSHs”. If you click on the log, it should tell you if it finds any previously backed up SHSH blobs on the Cydia server. If it doesnt, you may be able to use “iFaith” to recover the curent SHSH blob on the iPhone.
  3. If tinyumbrella does find a SHSH blog on the server, it will save it to your local drive. If you click on the iPhone on the left, under the general tab, you should see a list of firmwares that the SHSH blog has been saved for. Make a note of one that you wish to restore your iPhone to.
  4. Download the the corresponding firmware for your iPhone off the internet (google is your friend). If you wish, use PwnageTool to customise the firmware to your liking (unlock your phone, etc)
  5.  Go back to tinyumberalla. Click on “Start TSS Server”. This will enable tinyumberella to serve the SHSH blob(s).
  6. Open iTunes. Under the iphone menu, alt-click (or ctrl-click) on “restore” and select your firmware. Follow the instructions. If you have Tinyumberella open in the background, click on “log”, and you should see iTunes requesting the SHSH blob and TinyUmberella returning the blob.
  7. If during the restore you get a “10**” error in iTunes, use Tinyumberella to exit the phone out of recovery mode.
  8. Congratulations, the phone should be working now. If the phone needs to be jailbroken activated or unlocked at this stage, you can use redSn0w along with the firmware file.