How to Jailbreak iPhone 3GS on OS 3.1 with PwnageTool (Mac)
The Dev Team has finally released PwnageTool for iPhone 3GS firmware 3.1. The latest firmware update, OS 3.1, contains baseband firmware update 5.11.04, which is not compatible with Ultrasn0w. This means that if you upgrade your iPhone 3GS from 3.0 to 3.1, your baseband is also upgraded from modem firmware 04.26.08 to 5.11.04, and baseband 5.11.04 cannot be unlocked with any utility currently out in the wild. Thanks to the Dev Team, PwnageTool lets you update your main firmware without touching your baseband firmware, so you can still have the best of both worlds. Here is a simple guide that shows you how to upgrade and unlock your iPhone 3G from firmware 3.0 to firmware 3.1 without upgrading your baseband.
_____________________________________________________________________________________
Am I eligible for PwnageTool or not?
- I have an iPhone 3GS 3.0/3.0.1 redsn0wed: You are in.
- I have an iPhone 3GS 3.1 and saved my SHSH to Cydia: You are in, but first downgrade to 3.0 with the guide “Downgrading iPhone 3GS from 3.1 to 3.0 with Cydia SHSH”.
- I have an iPhone 3GS 3.1 but didn’t save my SHSH to Cydia: You are out of luck.
In short, the new PwnageTool release is specifically for 3GS users who are on 3.0.X. If you updated to 3.1 without your SHSH saved to Cydia, you can’t do anything with this release.
_____________________________________________________________________________________
Requirements :
- iPhone 3GS
- Mac OS X Leopard, Snow Leopard
- iPhone Firmware OS 3.1
- Pwnage Tool Download Here
_____________________________________________________________________________________
Step One). Download the required files, make a folder on your Desktop called “iHackintosh” (or whatever you want) and put the firmware 3.1 file and PwnageTool in the iHackintosh folder.
Step Two). Close all other running programs and launch PwnageTool from the iHackintosh folder by double-clicking it.
Step Three). Choose your mode: Simple Mode or Expert Mode.
- Simple Mode - Provides step-by-step instructions as below, automatically detects your correct firmware, and automatically adds the unlock, activation and jailbreak with Cydia to your custom firmware.
- Expert Mode - Lets you adjust the settings of the various additions to the custom firmware. If you click through and do not change anything in Expert Mode it will make the same
In the following post we used Expert mode for better reliability.
Step Four). In the next window, click to select your iPhone. A big green check mark will appear over the image of the phone you selected. Once you have selected the iPhone model, click the blue arrow button at the bottom to continue.
Step Five). You will be brought to the "Browse for IPSW" window. On my Hackint0sh, it automatically found the IPSW. If PwnageTool doesn’t automatically find the IPSW file, you can click Browse for IPSW (just in case).
Step Six). In the next screen click to select General then click the blue arrow button at the bottom right corner.
Step Seven). You’ll get to the General Settings screen. The General settings let you decide the partition size, “Activate the phone” and “Enable baseband update”. This is the most crucial step of the process, so be careful and read it 3-4 times before getting down to business. Check “Activate the phone” if you are not with an official carrier, then click the blue arrow button. Deselect “Activate the phone” if you have an iPhone legitimately activated on an official carrier.
- If you are using an official service provider (e.g. AT&T), you do not need to "Unlock Baseband", so you can uncheck “Activate the phone”.
- If you are using an unofficial service provider (e.g. T-Mobile), check “Activate the phone” so you can use Ultrasn0w with 3.1.
Step Eight). In the next window, the Cydia settings menu lets you create custom packages so you do not have to install them manually later.
- Click to select the Download packages tab. Then click the Refresh button to display all the available packages. Double-clicking the package you want will download it and make it available in the Select Packages tab.
- Check the ones you want, then click the blue arrow button.
- The Custom Packages Settings menu displays the listed package settings for your custom IPSW. For now, leave these settings as they are. Click the blue arrow button to continue.
Step Nine). The Custom Logos Settings menu lets you add your own images and pick your custom logo settings. If you uncheck them both, the originals will remain. Once done, click the blue arrow button to continue.
Step Ten). You are now ready to begin the Pwnage process! Click the Build button to select it then click the Blue arrow button to begin.
Step Eleven). You will be asked to save your custom .ipsw file. Save it to the Pwnage folder you created on your Desktop.
- Your IPSW is now being built. Please allow up to 10 minutes.
- You will be asked to enter your administrator password. Do this, then click the OK button.
Step Twelve). PwnageTool puts your iPhone into its repair mode, called "Recovery Mode". Make sure your iPhone is connected to the computer, then follow Step Thirteen to put your iPhone into recovery mode.
Step Thirteen). How to put your iPhone in recovery mode.
- Turn the device completely off and disconnect it from cable/dock.
- Hold down the home button.
- While holding down the home button connect to a computer with a cable (easiest) or dock.
- Keep holding down the home button until you see a connect-to-iTunes screen. You are now in recovery mode.
When done correctly, your iPhone will display an image of the iTunes logo and a USB cable. iTunes will also pop up saying it has detected an iPhone in recovery mode.
Step Fourteen). Now go to iTunes to restore your iPhone. A message tells you that iTunes has detected an iPhone in DFU mode and that you need to restore it.
Step Sixteen). In iTunes, hold the Alt/Option key and click Restore. Navigate to the iHackintosh folder on your desktop using the dialog window that appears. Select the custom IPSW that was created and click the Open button. iTunes will now restore the firmware on your iPhone. This can also take up to 10 minutes.








I am also stuck after jailbreaking my new iPhone 3GS with 3.1.2 firmware, unable to start up.
Anybody have the solution?
Hi Friends…
I’m a new member. I’m using Windows 7 and don’t know how to use Mac OS X. I recently purchased an iPhone 3GS, factory unlocked, firmware 3.1.2 and latest baseband. Is it possible to jailbreak my iPhone using Pwnage tool 3.1.4 on VMware Workstation (Mac OS X 10.5 Leopard running as guest on a Windows 7 host)? Anybody please help me. I’ve tried the Pwnage tool on the guest Mac... it will run smoothly... I want to confirm whether it is safe or not. Thanks in advance.
Hi. How can I unlock my 3GS iPhone 3.1 05.11.07 carrier AT&T 5.5? I’ll pay good money if somebody can do the unlock for me. Thanks. My email: Ira_d28@yahoo.com. Thanks
For all Windows users who have
an iPhone 3GS with 3.0 or 3.0.1, jailbroken and unlocked:
All you need is to download an already made custom 3.1 firmware that hasn’t got any baseband update and then do the restore.
After the restore, rerun ultrasn0w and unlock it.
If there is no carrier name, find the app from Cydia that is called fakecarrier, install it, and make a name for your carrier.
Google it.
Same with Marshall. Factory Unlocked 3GS – Bought with FW 3.0 (not JB) – Updated to 3.1 before realizing there’s such a thing as Pwnage.
Tilda:
part of the process appears to downgrade the ATT carrier file to version 5.0. Just find a 5.5 carrier file on the Internet and do a shift+restore (Win) to install the 5.5 file. You should get your MMS back. This is exactly what I had to do after the jailbreak.
I have been trying to jailbreak my iphone 3gs for two days now using this method and each time I keep getting error code 1604. My iphone was jailbroken before 3.1 came out and I also have the phone’s SHSH registered with cydia.
Not sure why this new jailbreak method is not working on the phone, but I am now stuck with version 3.1.
If anyone has a similar issue and can help me resolve it, then please let me know.
Presently my iPhone 3GS has 3.1 [7C144] with modem firmware 05.11.07 and AT&T carrier version at 5.5.
I know I can downgrade to 3.0, but I don’t want to lose my info and restore the phone again.
thank you
Are there any plans to release a Pwnage tool that will overcome the 3GS v3.1 firmware lock? Silly me actually updated my iPhone to 3.1 without realising the consequences of not being able to unlock & jailbreak it. Well, I am currently stuck with 3.1 & no unlock & jailbreak. Any word of a workaround to my problem???
I used the above process on my 3GS 3.0.1. Got no ATT signal after jailbreaking, so I unlocked it with ultrasn0w and got the signal back but no ATT indicator and my network shows “Not Available”. The phone seems to work. I can receive calls and text, though I’ve lost the MMS thing. Tried hard reboot as well, still no go. Help….
Hi, so I have an iPhone 3GS factory unlocked but my SHSH isn’t saved to Cydia
and it’s not jailbroken at 3.0, so what do I do now? Are they coming out with a new one soon? Thanks
I bought an iPhone 3GS a couple of weeks before 3.1 came out. I still have not jailbroken my phone at any version, nor have I run the 3.1 update from Apple. Am I OK to run the Pwnage Tool on my phone to 3.1, or do I need to jailbreak at 3.0.1 first?
Based on this statement I think I am ok to run.
“In short new pwnage tool release is specifically for 3gs users who are using 3.0.X, If you updated to 3.1 without your shsh saved to Cydia then you can’t do anything with this release.”
Thanks
RC
Vinay,
What’s your experience w/ 3.1 in terms of stability? I read there are lots of bugs still to be resolved.
I am still w/ 3.0 on my main 3GS and 3.1 unlocked on a backup one. Question: is it worth the upgrade or should one wait for 3.1.1 or 3.2?
Hey, I did everything as shown above; at last, in restoring, it gave me an error saying restore cannot be done.
Can’t seem to enable the baseband update too. Anyone else having that problem?
3Gs – redsnowed 3.0 – factory unlocked
Hi,
If I update my iPhone 3GS to the jailbroken OS 3.1 by using this pwnage tool as you mentioned in here, does it mean all of my installed applications in my phone will be erased?
Thanks in advance..
Hello..
I would like to ask something…
If I never saved my ECID or SHSH, will it still work by using an ECID and SHSH grabber
and using this jailbreak?
Thank you
OK, so I’m a little confused here. My phone is jailbroken via redsn0w on OS 3.0. Am I supposed to update my OS to 3.1 through iTunes? If so, won’t it restore the whole phone???
Can anyone confirm that if I manage to buy a 3GS with 3.0 or 3.0.1 software, that I will be able to jailbreak it to 3.1?
Will I have to redsn0w it and then restore it with pre-jailbroken firmware from PwnageTool?
Should I in future need to restore (slow phone…), will this guide still apply?
And what if Apple in the future denies 3.1 restoring and newer firmwares are not jailbreakable – how can I keep restoring my pwned 3.1 firmware?
@ shah yeah it’s a common bug, don’t worry about that…
Vinay,
Thanks very much for the tip. That was the missing link! It’s working now.
Shah
Hi,
I unlocked my 3GS 3.0 using purplera1n and ultrasn0w. Then I upgraded from 3.0 ultrasn0wed to 3.1 using the process above. Everything worked fine, however after reboot I can’t seem to get any signal.
Just one hint maybe: when I ultrasn0wed 3.0, I forgot to switch off 3G. Could this be the reason?
The phone is locked to O2 UK. Thanks for any feedback or advice.
@Shah No, 3G on or off doesn’t matter. Did you ultrasn0w your 3.1 again? See: How to Unlock iPhone 3GS OS 3.1 With UltraSn0w
I was wondering if anyone is actually working on a jailbreak for those who recently purchased an iPhone 3GS 3.1… Kept hearing news about that coming out “this weekend”?
I’m actually planning to return this iPhone and get an older version.. Can someone fill me in?
Can somebody upload the custom firmware???
Hey don’t want to rain on the Windows parade here, but if you look on the web there are several MAC OSX that are ready to be virtualized on windows. I have 3 macs, dual boot, and also 2 windows running MAC OSX virtual. It’s out there, all you have to do is find it. May I suggest Google
You mentioned official service provider; do you also mean iPhones that are factory unlocked too?
THANK YOU FOR MAKING OUR IPHONES BE OUR IPHONES !!!! WHEN WILL THE 3GS 3.1 JAILBREAK BE OUT FOR WINDOWS ??????
I am also so disappointed because of this …. no Windows … no option for those who are on 3.1 and didn’t jailbreak the previous 3.0 …
WHEN WILL THIS JAILBREAK BE OUT FOR WINDOWS? THANK YOU FOR ALL THE HELP MAKING OUR IPHONES BE OUR IPHONES !!!!
Hi guys, so basically I used to have a jailbroken phone using redsn0w 3.0.1 but then I was forced to do a system restore in order for factory unlocked. Now I am on 3.1 and did not save SHSH to Cydia.
I do not want to unlock just want to jailbreak. Will this allow me to jailbreak?
Thanks
because mac is the best and windows sucks
Vinay Dude,,
How long do you think it’ll take for the D Team to release a version without any restriction (i.e. saving SHSH, not saving… bla bla bla)?
Anxiously waiting, because I’m a dumba** who updated my 3GS to 3.1 without anything saved. He he.
please give us an update on this will ya..
thanx pal.
Hello,
How about posting 3GS 3.1 custom firmware for us that use Windows? I think it is unfair to ignore Windows users. I have a JB 3GS, all I need is a custom firmware to upgrade.
Thanks in advance.
Why Mac first? Windows has by far many more users
That’s not justice, please immediately make it for Windows.
Nevermind, I guinea-pigged my iPhone and it works, you can use the Pwned 3.1 firmware with a 3.0 purplera1ned 3Gs iPhone.
OK, so we have made a great advance in 3.1. It is GREAT to see that they have gotten so far so quickly, on such a painful piece of software. DEV Team, thanks for your hardwork!!
OK, so here is my question. I have a new out of the box 3GS, and it has never had jailbreak. So I see that I am still waiting for them to get to it. Is there any manual software out there, for MAC, that will allow me to capture my SHSH?
I found one for windows, but it just didn’t do anything. If this software exists, can I use it to jailbreak with the steps above?
Patty: It’s just a guess, but I suspect these guys all own Macs of various flavours and do all of the primary coding and hacking on their Macs. Which means that the tools are largely “ready to go” when they finally do come up with a stable, reliable method of jailbreaking or unlocking. However, this means that they’ve got to take all of that code and port it over to Windows – a lot of work for people that don’t make any money off’ve all of this yet have already put in a lot of time. So they don’t have a lot of incentive to do a Windows version first, nor a lot of incentive to do a Windows version second-but-quickly.
Not too long after I bought my iPhone 3G I also bought a MacBook Pro. I didn’t see a reason to try to make two major pieces of hardware/software from two large, competing companies try to work with each other when there was a hardware/software combination that would perfectly mesh with each other and everything else around them. I must say that I haven’t regretted my decision at all and if zero-day jailbreaking tools are very important to you …you’re going to have to stump for a Mac.
I am in category 1: I have an iPhone 3GS 3.0/3.0.1 redsn0wed : You are in
I have made it through creating the custom IPSW file using the PwnageTool; however I am stuck on the DFU Screen where it says Connect device to USB. My iPhone is connected to my mac, but I cannot get PwnageTool to see it.
What am I doing wrong?
I have a 3GS with 3.0 firmware, jailbroken. But it’s purplera1ned, not redsn0wed. Can I still use this tutorial?
You can’t check “Enable baseband update”, it’s grayed out
My 3Gs 3.0.1 JB is factory unlocked so i want to update the baseband.
I see many people asking the same, but no answer.