HOW TO: Use SAM to Unlock Any iPhone Regardless of iOS Version or BaseBand!

It was only a few days ago that I was having a discussion with a friend about the reasons the masses have when they decide to make the leap and jailbreak their iPhone.

Generally there are only 3 main reasons many have for jailbreaking their iPhone, everything else made available when you do is simply an added bonus. One reason is to unlock your phone, allowing it to be used on any network. Another is for on-device development and testing purposes. The third is for installing pirated apps [which we neither support or agree with].

In the case of the first reason there has been very little to celebrate as there has been no release of the main tool, ultrasn0w, for quite some time which means you’re out of luck if you have an updated baseband or newer device.

However the SAM tool from developer sbingner has you covered with a little help from iTunes thanks to a little playing around from Chinese Researcher Loktar_Sun.

Unlock Process


REQUIREMENTS: Before following this procedure, users will need to have a jailbroken iPhone that is not listed on any IMEI blacklists. A computer with a fully working internet connection and the latest version of iTunes installed is also required, as is the original carrier information of the locked device in question.

Step 1: Open up Cydia on the jailbroken iPhone and add the official repository for the SAM package. The repo URL is and contains the official up to date SAM package and the required dependencies.

Step 2: Launch the SAM interface. This can be achieved by tapping the SAMPrefs icon that can be found on your Springboard, or by finding the SAM preferences bundle through the Make sure that the SIM card that you intend to use is present in the iPhone.

Step 3: After SAM has been launched, select the ‘Utilities‘ option before selecting ‘De-Activate iPhone‘. If this has been done correctly, the device ActivationState should now read as ‘Unactivated‘.

Step 4: Keep SAM enabled and choose ‘By Country and Carrier‘ in the Method options. The next step is to find your carrier in this list. Be aware that some networks work with more than network ID, therefore meaning users may need to select the ‘SIM ID‘ option.

Step 5: Head on over to ‘More Information‘ and make a note of the IMSI that is present in the ‘SAM Details‘ section before tapping ‘Spoof Real SIM to SAM‘. Head back to the main SAM screen and change ‘Method‘ to manual and paste or enter the IMSI string that you should have made a copy of.

Step 6: The next step is to connect the iPhone to the computer using the supplied USB cable and allow iTunes to re-activate the phone. When done, double click the Phone Number section of the device details and make sure that the displayed ICCID matches that found on the SIM card. If the strings do not match, the process will need to be repeated from the beginning.

Step 7: If the strings match then unplug the device and disable the SAM package. Re-connect the device to iTunes and do not be alarmed by any error messages that may pop-up saying that the device cannot be activated. This error is normal and requires iTunes to be shut down and then re-opened.

Step 8: After a short period of time, the iPhone should display those beautiful signal bars meaning that the process has been successful. If you find that push notifications have ceased working, this can be resolved by selecting the ‘Clear Push‘ option in SAM and then connecting the device to iTunes.

As I mentioned earlier on, following this procedure means that the iPhone will only work with the SIM that was used during the unlock process. If you intend on using multiple SIM cards with the unlocked iPhone then the process will need to be repeated with each SIM on an individual basis. The team involved in producing this unlock have also recommended it as good practice to make a manual save of each ticket that is generated due to the fact that it could prove crucial going forward.

Manually saving each valid unlock ticket
Step 1: Run through previous steps 1-8 above for each required SIM card, making sure that the method is successful each time.

Step 2: SSH into the jailbroken device using something like iFile or a desktop client.

Step 3: Navigate to /var/Root/library/Lockdown and make a local copy of everything that is found in that directory for each SIM card.