Reprogramming the NAND Flash and device ID on iPhone and iPad

Could you explain a bit more? I've got a locked 6 for parts and like to try this out.

So the question is what(tools/software) is needed to change the SN of the NAND?

Also I don't get this line "You just need to understand the SN nomenclature, all you have to do is change an "1" to "i" or "0" to "O" etc."

Any help is appreciated.

Yes, interested to know this too ..

Jacub, firstly you need to be able to desolder the NAND chip from the mainboard, this is done with a hot air gun @ 380° celcius. Secondly, you need soldering paste + flux ( not soldering wire ) and a metal soldering frame to lineup the NAND for reballing the chip.

When desoldered the NAND chip, clean it up free from flux and soldering leftovers. the nyou need to put it in a programmer like the Wozniak 3000 or the P1000 S. these can be obtained from china f.e. Alibaba webshop. Along with the programmer you need the right NAN holder, these differs between 32b/64b/PCI-E so for each kind of chip you need its specific NAND holder.

then you can read the SN, MLB, IMEI, WIFI + BT Mac address and so on from the chip you desoldered. There you can simply change the SN of the NAND Chip but leave the rest of the data intact. The serial number build-up is allways in a certain order for each type of device, you can f.e. change 1 figure or letter from the last part of the SN of an Iphone 6, or the first part of an Ipad air.

Thank you xafman for taking time to clarify the process.Now it's getting clear to me.

But what about the eeprom and baseband chips? I don't know what others keep telling we need to change them as well. The seller at Alibaba has in their description the NAND is for storage expansion only and for icloud: "Notice: CPU+eeprom+baseband+nand flash chip for iCloud unlock".

Will replacing the NAND alone unlock the icloud?

I noticed there are programmed NAND chips out there on ebay for around 10$. So "programmed" means they have already a new SN and IMEI on them right?

I'm wondering if they'll work because that way we can save a lot we would otherwise have to spend on a programming tool.

Cheers mate.

Some forum say iOS 11 activation with UDID, any change with SN/BT udid will change and not activate maybe , Somebody confirm???? I did not test.

And costly! So why go to the trouble?

@danj if it was a 7 or a 6s, I would do it. For anything older, not worth it.

Not possible! the 6 onward have TouchID. Throw in the towel ;-} Apple did a very good job to prevent phone theft.

@danj Bring it to Apple afterward and say Touch ID won't work

They'll smell the switch-a-rio - No dice

If you got a 300 $$$ or up, find a site that will do it all for a small price...trust me when i say this...I personally hacked a couple of phones, its not worth the headache, that is if you want the challenge...

I am currently encountering this problem but in another blend, in that my jc pro1000s cannot read from old nand chip, it keeps returning an error when I try to extract nand, this has happened in all iphone 6s, 7 and 7plus stucked on apple logo issue, what I do is, i put phone in recovery mode and get the SN using 3utools, I then program the new nand with SN only as I can't read WM and BM figures... After soldering nand chip to logic board and restoring the phone, everything goes well but alas iphone cannot be activated and there am stucked.

I want to get past this if anyone has an idea that can help please share, thanks.

Anybody ever have any luck with this on any model iPhone 6-8? If so what chips did u replace and which did u rewrite? Thanks