iHackintosh

Jailbreak your iPhone

Jailbreak iPhone 3GS iOS 4.1 with Pwnage Tool (Unofficial)

Advertisements

Apple released the iPhone Software update iOS 4.1, the latest firmware update contains baseband update and it’s un-compatible with Ultrasn0w. So if you are on pwned iOS 4.X.X, then you can update to iOS 4.1 pwned with the help of modified pwnage tool. Following is the guide to jailbreak your iPhone 3GS with iOS 4.1 final version. Please read the whole post thoroughly and then try to jailbreak your iPhone.

pwnage tool

Note / Warning :

  • The revised version of Pwnage Tool can not activate the phone. This means that if you own an iPhone 3G alien force you to use the original SIM Card or the Phonebook Card.
  • Pwnage tool linked in this guide isn’t released by Dev team, it’s an unofficial release by Criminal90. Big thanks to Criminal90 and iSpazio
  • You must be on already pwned 4.X.X / Old Bootrom or check if you satisfies the following conditions.

I am on iPhone 3GS 3.0/3.0.1 Redsn0wed  : You are in

I am on iPhone 3GS 3.0/3.0.1/3.1/3.1.2/ iOS 4 GM Pwned  : You are in

I am on iPhone 3GS 3.1.3 Spirit : Stay Away and Wait

  • iPhone 3GS and Mac OS only.
  • Use this guide on your own risk, i am not responsible for any damage (if any).

Requirements:

Instructions :

Step One). Download the required files and make a folder on Desktop called “iHackintosh” or whatever you want and put the Firmware 4.1 and Pwnage tool in iHackintosh folder.

Step Two). Close all other running programs and launch Pwnage tool from iHackintosh folder by double click.

Step Three). Choose your Mode, Simple Mode or Expert Mode

  • Simple Mode – Which provides step by step instructions as below and automatically detects your correct firmware and adds the unlock and activation and jailbreak with Cydia automatically to your
    custom firmware.
  • Expert Mode – Where you can adjust the settings on the various different additions to the custom firmware – if you click through and do not change anything in expert mode it will make the same

In the following post we used Expert mode for better reliability.

Step Four). In the next window click and select your iPhone. A big green check-mark will appear over the image of the phone which you selected. Once you selected the iPhone model then click the blue arrow button at bottom to continue.

Step Five). You will be brought to the “Browse for IPSW” Windows. On my Hackint0sh, it automatically found the IPSW. If PwnageTool doesn’t automatically find the ipsw file you can click Browse for IPSW(Just in Case)

Step Six). In the next screen click to select General then click the blue arrow button at the bottom right corner.

pwnagetoo

Step Seven). You’ll get to the General Settings Screen. The General settings allows you to decide the partition size, Activate the phone and Enabled baseband update. The most crucial step of your process so be careful and read it 3-4 times before getting in to the business. Check Activate the phone if you are not with an official carrier then click the blue arrow button. Deselect Activate if you have an iPhone legitimately activated on an official carrier.

  1. If you are using an Official service provider (i.e. AT&T) you do not need to “Unlock Baseband”, therefore you can Uncheck “Activate the phone”.
  2. If You are using an Unofficial service provider (i.e. T-Mobile) then check “Activate the phone” So you can enjoy Ultrasn0w with the 4.1

Note : Enabling the Baseband option is no more available so check the Activate the phone, no matter you need an unlock or not.

Step Eight). The next window Cydia settings menu allows you to create custom packages so you do not have to manually install them later.

  • Click to select the Download packages tab. Then click the Refresh button to display all the available packages. Double clicking the package you want will download it and make it available in the Select Packages tab.
  • Checkmark the ones you want then Click the blue arrow button.
  • The Custom Packages Settings menu displays listed package settings for your custom IPSW. For know leave these settings as is. Click the blue arrow button to continue.

Step Nine). The Custom Logos Settings menu allows you to add your own images, you can pick your custom logo settings. If you uncheck them both, the originals will remain. Once done click the blue arrow button to continue.

Step Ten). You are now ready to begin the Pwnage process! Click the Build button to select it then click the Blue arrow button to begin.

Step Eleven). You will be asked to save your custom .ipsw file. Save it to your Pwnage folder you created on your Desktop.

  • Your IPSW is not being built. Please allow up to 10 minutes.
  • You will be asked to enter your administrator password. Do this then click the OK button.

Step Twelve). Now another question, if your iPhone has been pwned before, or if you already unlocked or did jailbreak earlier. If you do not know, simply answer “No”.

If you’re already jailbroken (by whatever means), you don’t need to mess around with DFU mode at all.  Just create (or get from a friend) your custom IPSW and Option-Restore (Shift-Restore on Windows) to it via iTunes.  Don’t enter DFU mode at all.  Please make sure you are restoring to the custom IPSW, not the stock one from Apple!  For best results, use the latest iTunes (10) — which includes a nice new application organizer.

16208

Step Thirteen). Now one of the most important steps since the PwnageTool makes your iPhone into the mode of repair, called “DFU mode”, but then we need your help by pressing the buttons on / off in conjunction with the “home” for 10 seconds after releasing the button on / off and keeping the “home” for another 10 seconds.

Step Fourteen). Don’t worry if your timing goes wrong, because if you can not do at the right time Pwnage toll will ask you to try again. If everything worked, you get into DFU mode and your iPhone is ready to be unlocked. The Pwnage Tool has created an image software on your iPhone containing the release and to be able to finish your iTunes to restore this file “unlocked.”

162

Step Fifteen). Now enter in iTunes to restore your iPhone. Logo of guy that tells iTunes detected an iPhone in DFU mode and you need to restore. .

Step Sixteen). In iTunes, hold the Alt/Option key and click Restore. Navigate to the iHackintosh folder on your desktop using the dialog window that appears. Select the custom IPSW that was created and click the Open button. iTunes will now restore the firmware on your iPhone. This can also take up to 10 minutes.

_____________________________________________________________________________________

Stay tuned with us for your daily dose of iPhone news, you can follow us on twitter via @ihackinjosh You can also subscribe to our daily free e-mail news letter and keep your self updated with the latest of iPhone community.

Advertisements


Comments ( 25 )

Have Something To Say ?

  1. omar October 16, 2010 Reply

    have a iphone 3gs upgraded that to 4.1 using i tunes. i got stuck at the emergency call mode how to jailbreak ir now …any Help?

  2. Mick111 October 5, 2010 Reply

    Yeah, you HAVE to launch the iOS4.1Jailbreaker.pkg when PwnageTool 4.1 is asking for the password, or you will get the a long wait at “preparing the iPhone for restore”, then a 1604 error.

    What I did:
    – I was @4.1 official (iPhone 3GS).
    – Downgrade @3.1.2 official with Saurik method (change the /etc/hosts)
    – Jailbreak with BlackRa1n RC3
    – Creating the custom 4.1 with PwnageTool 4.1 by using the iOS4.1Jailbreaker.pkg while password prompt.
    – remove the last line in /etc/hosts from Saurik method
    – install the custom 4.1 without getting into DFU mode
    – restore my phone from the itunes sync backup

    Once more, launching iOS4.1Jailbreaker.pkg is mandatory but NO-ONE tell it in tutorials…

    I wonder if the guys who wrote them have actually did it or just copy/paste without credits to quickly make a new article…

  3. kenjubas September 23, 2010 Reply

    in order to restore to custom firmware you must:
    1)have old bootrom iPhone 3GS (Some MC models are also old bootrom! Your iphone’s serial must start with XX940 or be less! Mine is XX939)
    2)downgrade to 3.1.2 or 3.1.3 and pwn it using redsn0w, blackra1n or pwnagetool (jailbreakme doesn’t work) For 3.1.3 you can use spirit (must install spirit2pwn before trying to upgrade to 4.1 custom) Otherwise you’ll get 1600 in DFU or 1604 in restore mode.
    If you made your custom with pwnagetool 4.1 (unofficial) then ultrasn0w won’t work (you phone will lag alot and will be stuck at “Searching”)
    Here is a link to custom I made using pwnagetool 4.0.1 and a 3GS bundle from msft.guy. It has updated kernel to make ultrasn0w work perfectly on 4.1 . You also won’t need safari fix and cydia will work fine.

    http://www.megaupload.com/?d=G7GRP97I

    You do need original sim to activate your phone.
    This will preserve whatever baseband you are on.
    ultrasn0w will work if your modem is <=5.13.04
    tested on xx939

  4. enigma September 21, 2010 Reply

    works fine on 3Gs FW 4.0! but this guide misses an important part! when asked vor password you have first to install the jailbreaker 4.1 from ispazio!

  5. Jayoh September 19, 2010 Reply

    Your instructions are missing a step. When it asks for your password while building the ipsw your supposed to install the ios4.1jailbreaker package then enter your password. I dont know if this is the reason people are having problems with it but i did that step and it worked fine for me.

  6. Chris Lowe September 19, 2010 Reply

    Yes this does not work. What is the extra installer file that is included in this package? I have done this 100’s of times and the firmware that is built here is not working for iTunes10. Getting error 1600 every single time.

  7. syli September 17, 2010 Reply

    Did not work for my iPhone GS3 with the newest OS 🙁

  8. Varun360 September 16, 2010 Reply

    Does this work, did any one try this?

  9. Wall_E September 15, 2010 Reply

    I think you should correct 4.1 instead of 4.0.1 under Requirements.
    (* iPhone 3GS iOS 4.0.1 Download Here)

  10. Fidelx5 September 14, 2010 Reply

    This is not working for me, I have old boot and did everything above and is marking an error when restoring (1600), any ideas?

  11. richard September 14, 2010 Reply

    Nope, it gets stuck at “Preparing iPhone for restore” then 1604. – 3gs on 3.1.3 Jailbroken

  12. Ice September 12, 2010 Reply

    Tried it today on my 3GS 4.0 pwnd. Unfortunately it was unsuccessful. When I tried to apply the customized firmware, the phone froze and I got “unknown error (2009)”. 🙁
    Tried it several times. Result always the same.

  13. Samson September 12, 2010 Reply

    Should the above in “Requirements”:
    Phone 3GS iOS 4.0.1 Download Here

    the downloaded firmwaree should be iOS 4.1?

    Yes is usable for iPod Touch 3 MC version?

  14. netsba September 12, 2010 Reply

    it works but ultrasn0w does not working

  15. scott September 12, 2010 Reply

    I get error “2009” when trying to update this. I have a 3GS with the old bootrom version.

  16. Chris Carey September 11, 2010 Reply

    I tried it on Mac with 3GS old bootrom and was unsuccessful. Error 1600 this last attempt. Since this device was Pwned I tried the first time in recovery mode, then the second time in DFU mode. Neither worked.

  17. Victor September 11, 2010 Reply

    Don’t use this manual if you have NEW bootROM, I just found that mine is new.

  18. Kay September 11, 2010 Reply

    I downloaded to my windows vista desktop and not working on it just MAC I guess

  19. Victor September 11, 2010 Reply

    Ona last step when Itunes goes to upload custom firmware I got 1600 error. WTF?

  20. Strpwnsulol September 11, 2010 Reply

    Hey so if I’m on 4.01 and used jailbreakme to jailbreak my iphone 3GS does that mean that this isn’t gonna work for me?

  21. gilbo September 11, 2010 Reply

    Could not get this to work.

    Started with 3GS, Old Boot Rom, Pwned at OS 4.0

    Whichever mode I tired (DFU/Recovery/Nothing) could not get past various iTunes errors #1600, #1611, #2009.

    So tried going back to the pwned 4.0 IPSW and it restored fine.

    Any ideas?

  22. BuffDaddyJR September 10, 2010 Reply

    Anyone try this yet? If so was it successful?

  23. Michael September 10, 2010 Reply

    Can I apply this tutorial for my iPhone 3GS on Windows 7? Or does it only work on Mac OS?

    • Vinay September 10, 2010 Reply

      @Michael for Mac OS only

  24. mogli September 10, 2010 Reply

    hey guys!
    good news, but i’ve got the old bootrom but also my iphone 3gs is a MC model! i’m on 4.0 pwned & unlocked. can i give it a try or should stay away? thx

Leave your comment here