HOW TO: Jailbreak iPhone 3G/3Gs/4, iPod Touch 3G/4G, iPad And AppleTV 2G With PwnageTool 4.1

It is here: iPhone DevTeam just released PwnageTool 4.1. PwnageTool’s main advantage over ramdisk-based methods (limera1n, greenpois0n, redsn0w) is for unlockers — those that need to keep their current baseband and preserve their ultrasn0w unlock. But in this new age of both bootrom- and userland-based exploits, it’s an excellent platform for continuing the jailbreak through all future firmwares.

AppleTV 2G users:  Welcome to the JB family!  Right now, about all you can do is command-line stuff via ssh.  You also have afc2 available, so you can use tools like ifunbox to move files around.  These are the *very* early days of AppleTV 2G jailbreaking, so it’ll take some time for JB app developers to come up with methods to use your AppleTV 2G from the remote, versus the command line.  PS: Your ssh password is “alpine”…please change it when you can 🙂

Expert mode: By popular demand, the IPSW file selection in Expert mode is now completely manual (doesn’t use Spotlight).  Just pick your IPSW file directly instead of waiting for the Spotlight search to complete.  In Expert mode, the default is to hacktivate (“Activate the iPhone”), so if you have a legit SIM card be sure to deselect that option in Expert mode.

DFU button:  That “DFU” button in PwnageTool is more than it looks like.  It guides you through the DFU process, but then also runs the appropriate exploit to convince your device and iTunes that all is legit.   The DFU button in PwnageTool is not just your average DFU.

Through a combination of the recently released geohot limera1n exploit, comex’s recently released pf exploit, and our original pwnage2 exploit, PwnageTool 4.1 works on these devices at firmware 4.1:

  • AppleTV 2G
  • iPad (firmware 3.2.2)
  • iPod touch 4G
  • iPod touch 3G
  • iPhone4
  • iPhone 3GS
  • iPhone 3G

You need:

  • PwnageTool 4.1
  • Stock firmware for your device – download here
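Before handing the stock IPSW to PwnageTool it is worth confirming it is really the unmodified firmware for your device: it should be for the right model and version, it should not be a corrupt download, and its SHA-1 should match whatever hash the download page publishes. The script below is an added example written for this page, not code from the guide or from the DevTeam; it assumes that a stock IPSW is a zip archive carrying a `Restore.plist` with `ProductType`, `ProductVersion` and `ProductBuildVersion` keys, and it builds a small constructed sample archive in memory so it runs without a real firmware file.

```python
import hashlib
import io
import plistlib
import zipfile
from typing import Optional

# Constructed sample values mimicking what a stock IPSW's Restore.plist holds.
# They are sample data for this example, not taken from a real firmware image.
SAMPLE_RESTORE_PLIST = {
    "ProductType": "iPhone3,1",          # device identifier the firmware targets
    "ProductVersion": "4.1",
    "ProductBuildVersion": "8B117",
    "SupportedProductTypes": ["iPhone3,1"],
}


def build_sample_ipsw(restore: dict = SAMPLE_RESTORE_PLIST) -> bytes:
    """Build an in-memory zip laid out like an IPSW (constructed sample only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Restore.plist", plistlib.dumps(restore))
        # Placeholder payload standing in for the real firmware files.
        zf.writestr("kernelcache.release.n90", b"\x00" * 64)
    return buf.getvalue()


def inspect_ipsw(data: bytes) -> dict:
    """Read device/version info from Restore.plist and hash the whole archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # testzip() walks every member and returns the first one with a bad CRC.
        if zf.testzip() is not None:
            raise ValueError("IPSW archive is corrupt (bad CRC)")
        restore = plistlib.loads(zf.read("Restore.plist"))
    return {
        "product_type": restore["ProductType"],
        "version": restore["ProductVersion"],
        "build": restore["ProductBuildVersion"],
        "sha1": hashlib.sha1(data).hexdigest(),
    }


def check_ipsw(data: bytes, expected_type: str, expected_version: str,
               expected_sha1: Optional[str] = None) -> list:
    """Return a list of problems; an empty list means the IPSW is the one you meant to use."""
    problems = []
    try:
        info = inspect_ipsw(data)
    except (zipfile.BadZipFile, KeyError, ValueError) as exc:
        # Not a zip, no Restore.plist, unreadable plist, or a CRC failure.
        return [f"not a readable IPSW: {exc}"]
    if info["product_type"] != expected_type:
        problems.append(f"built for {info['product_type']}, expected {expected_type}")
    if info["version"] != expected_version:
        problems.append(f"firmware {info['version']}, expected {expected_version}")
    # Only compare the hash when the download page published one.
    if expected_sha1 and info["sha1"].lower() != expected_sha1.lower():
        problems.append("SHA-1 does not match the published hash; re-download")
    return problems


if __name__ == "__main__":
    sample = build_sample_ipsw()
    print(inspect_ipsw(sample))
    print(check_ipsw(sample, "iPhone3,1", "4.1"))
```

To use it on a real download, read the `.ipsw` file into `data` and pass the device identifier, the firmware version from the compatibility list above, and the SHA-1 from the download page; anything other than an empty list means stop and fetch the firmware again rather than feeding it to PwnageTool.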

How to do it:

1. Load iTunes and sync your iDevice so you can back up. If you don’t want to back up with iTunes, you can do it manually.

2. Download and load PwnageTool 3.1.5. You will get a pop-up window; click OK.

3. Click on the Expert mode button, select your device and click on the blue arrow to continue.

4. In the next window, you will need to select the original firmware for your device. Click on Browse for IPSW and then click on the blue arrow…

5. In the next window select “General” and let’s start customizing the firmware.

5.1. In the next screen adjust the size of the partition or leave it as it is and click on continue.

NOTE: Deselect Activate if you have an iPhone legitimately activated on an official carrier.

NOTE: You may need to increase the size of the root partition slightly. My first attempt failed at creating the IPSW until I increased the size to about 695 MB.

5.2. In the next screen you can add repositories and install any application that you want, so when you restore your iDevice it will already be full of everything you need. To do this, first go to “Manage Sources” and add all the sources that you want. Now go to the “Download Packages” tab, refresh the list, select the apps that you want to be installed and click on “Add to queue”. All the apps will be displayed in the “Select Packages” tab. Make sure everything is right and then click on the blue arrow to continue.

5.3. In the next window you have the option to install Cydia or not. We suggest you do.

6. Now select “Build” and then click on the blue arrow to continue and start creating your custom firmware.

6.1. Now you will be asked where you want to save the custom firmware. Choose your path and click on Save.

7. Now wait until the custom firmware is built and saved on your computer.

8. Now it’s time to put the iOS device into DFU mode. Connect your device to your computer with the device turned on and follow the steps on the screen.

9. Once you are in DFU mode, open iTunes (it will recognize a device in recovery mode), Alt+click Restore and browse for the custom firmware you just created. Wait for the restore.

10. That’s it, you’re done!

11. If you preserved the baseband you can install ultrasn0w via Cydia.