BBUpdaterExtreme

This is the tool used by Apple to updateflash the Baseband of XGOLD basebands. It also allow to do some more things like changing the IMEI SV or just powercycling damaged baseband.

The tool seems to make a connection to the device to flash the firmware, the eeprom and the bootloader. The Device is the Emergency Bootloader of the iPhone which also is the only gate to flash the baseband.

There have been some tries to make custom fls / eep files ( which are needed to flash the baseband of the device ). This method could bring back 06.15.00 devices back which are now damaged.

With this tool it is not possible to downgrade any baseband version.

Commands

 * BBUpdaterExtreme help [unknown option] [?]
 * BBUpdaterExtreme queryversion | prints the current status of baseband firmware
 * BBUpdaterExtreme update -f ICE2_xx.xx.xx.fls -e ICE2_xx.xx.xx.eep | UPDATES ( not downgrades!!! ) Firmware version
 * BBUpdaterExtreme imeisv [option] | changes the imeisv value
 * BBUpdaterExtreme automatic -S -F [or -L for BL] | for automatic update (while firmware restores)
 * BBUpdaterExtreme audioparameters [?]
 * BBUpdaterExtreme ice3dump [?]
 * BBUpdaterExtreme staticeep [?]

Undocumented Commands
Source:

 update // performs manual update of Baseband BBUpdaterExtreme update -f /mnt1/gecko/bin/ICE2_05.16.05.fls ^^attempts an upgrade of single .FLS (flash) file only BBUpdaterExtreme update -e /usr/local/standalone/firmware/ICE2_05.16.05.fls ^^attempts an upgrade of single .EEP '(eeprom) file only BBUpdaterExtreme update -l bl.fls ^^attempts an upgrade of single .FLS bootloader file only

 automatic // performs automatic update of Baseband  BBUpdaterExtreme automatic -S -L /mnt1/bin -x ^^ this will update bootloader (if newer versions is available) BBUpdaterExtreme automatic -S -F /mnt1/bin -x ^^ this will update both fls and EEP in specified folder (if newer version is available)

 imeisv // Sets the IMEI software version bits  BBUpdaterExtreme imeisv -v 018

 queryversion // prints current Baseband status (AT+XGENDATA)  BBUpdaterExtreme queryversion

 audioparameters // sets baseband EEP audio parameters  BBUpdaterExtreme audioparameters -p /mnt1/bin/BasebandAudioParameters.c

 powercycle // powercycles the modem  BBUpdaterExtreme powercycle -o 5

 staticeepcheck // Checks the backup of a static eep  BBUpdaterExtreme staticeepcheck -F /mnt1/tmp

 nukegnvram // Clears specific data from non volatile RAM  BBUpdaterExtreme nukegnvram

 memtest // Performs a Memory test  BBUpdaterExtreme memtest

''' staticeep // Backs up static eep? ''' BBUpdaterExtreme staticeep -d backup.bin -f ICE2_05.16.05.eep -S &lt; ??? change

 help  supposed to show help, does nothing in recent versions

 List of switches with args 

-a ?? example: BBUpdaterExtreme update -e ICE2_05.16.05.eep -a 10

-b sets a specific boot code example: BBUpdaterExtreme update -e ICE2_05.15.04.eep -S -b 4154 &lt;X-GOLD

-i Version ID; customize flashing per device example: BBUpdaterExtreme queryversion -i K48 &lt; iPad 1 (X-GOLD) BBUpdaterExtreme queryversion -i 1 &lt;iPhone 3G? (S-GOLD) BBUpdaterExtreme queryversion -i 2 &lt;iPhone 3GS? (X-GOLD) BBUpdaterExtreme queryversion -i 3 &lt;iPhone 4? (XMM)

on 3GS : choosing 1 will give you &quot;Opening device for pinging failed, did you forget to stop CommCenter?&quot; Choosing 2 will successfully boot and flash Choosing 3 will hang on sending Boot code Choosing K48 will successfully boot and flash

-f file / flash file / firmware example: BBUpdaterExtreme update -f /mnt1/bin/ICE2_05.16.05.fls

-F Folder example: BBUpdaterExtreme automatic -S -F /mnt1/bin -x

-v Version example: BBUpdaterExtreme imeisv -v 018

-t test count? (iterations) example: memtest -t 5

-L points to a folder for bootloader upgrade in automatic mode example: BBUpdaterExtreme automatic -S -L /mnt1/bin

-p path? / parameters? example: BBUpdaterExtreme audioparameters -p /mnt1/bin/params.c

Switches with no args

-! uses &quot;old style&quot; AT upgrade sequence (boot pattern 0x41, 0x54) example: BBUpdaterExtreme update -f ICE2_05.16.05.fls -!

-# ?? example: BBUpdaterExtreme update -f ICE2_05.16.05.fls -#

-D Disable sleep (useful when flashing from userland) example: BBUpdater queryversion -D

-P disables the initial AT+ XGENDATA ping/check sequence (baseband info will shown as 'unknown') example: BBUpdaterExtreme queryversion -P

-S run without disabling sleep (useful in ramdisk) example: BBUpdater queryversion -S

-l load/ bootloader