1. Root your phone.
2. Extract your nv_data.bin
3. Look at the file with an hex-editor and goto offset 0x181460 (Ultra Edit, HxD, Hex-Workshop etc)
4. Take the hashes from 0x18146e (20 bytes), 0x18148e, 0x1814ae, 0x1814ce, 0x1814ee
5. If the hash is 7D 3E 17 CF CD 81 6C AC D4 E0 25 FA A6 50 04 FD D1 7D 51 F8 ignore it since that is 00000000
6. Put the hash into the BF exe for example:-
ighashgpu.exe /h:EF63BF26E2382917D96850CCF9632458EE6E6C77 /t:sha1 /c:d /max:8 /min:8 /salt:0000000000000000
and wait for it to finish, do that for each hash which is not zeros, the Found password:  is the code.
7. Put unaccepted simcard in the phone and when it asks for the unlock code enter them in order
8. Job done, phone is now unlocked for free.
If you cannot find a block which looks like hashes @ 0x181460, then search for SSNV and add 5216, but from the files which I have seen the block appears to be fixed @ 0x181460.
If it will not accept the code which you believe to be correct, it means the attempts have been used up, so you need to use the MCK code to unfreeze your phone, note it will not request unfreeze code, just say network lock unsucessful even your code is valid. (MCK HASH is @ offset 0x180049)
Added an example for what you need to look for.
Dynamic located PERSO section, holds the mastercode (MCK / unfreeze), search for PERSO and look for a hash, can be multiple old sections, added screendump with an example.
MCK HASH is also in the SSNV section @ offset 0x180049
NET 0x18146e -
SUB 0x18148e -
SP 0x1814ae -
CP 0x1814ce -
MCK 0x180049 -
NET 0x18154b -
SUB 0x18155f -
SP 0x181573 -
CP 0x181587 -
MCK 0x1815af -
If this saved you a few quid, maybe you would like to buy me a beer
I could not have made this solution and proved my theory without the special help from pulser_g2 and Fall Guy.
I have been advised by pulser_g2 that Chainfire will make a software solution next week using this information.
(APK is here http://forum.xda-developers.com/show....php?t=1092451)