The iPhone Dev Team has released PwnageTool 4.01 to allow iPhone 3G and iPhone 3GS (old bootrom) users to update and jailbreak their iPhone with iOS 4.
In this article, we will take you through a step-by-step procedure to jailbreak the latest iOS 4 using PwnageTool 4.01. This guide is only for iPhone 3GS users.
Some important points before we proceed:
- Please note that jailbreaking your iPhone or iPod Touch may void your warranty, so proceed with caution.
- This guide is only for iPhone 3GS users. iPhone 3G users can check out this step-by-step guide.
- Do not forget to back up your iPhone before you proceed. You can refer to this post for instructions on how to back up your iPhone 3GS.
- After the jailbreaking process is complete, do not forget to check out our article on tips to keep your iPhone secure. Also, remember to change the password of your jailbroken iPhone.
- PwnageTool is only supported on Mac OS X and is not supported on Microsoft Windows.
- PwnageTool does not unlock your iPhone 3GS. You can use Ultrasn0w to unlock your iPhone after you have successfully updated and jailbroken your iPhone 3GS with iOS 4.
- The latest PwnageTool only works on iPhone 3GS devices that have already been jailbroken. If your iPhone 3GS was previously jailbroken and comes with the old Bootrom, you can follow the instructions below to jailbreak iOS 4. However, please note that PwnageTool 4.01 does not work if you have used Spirit to jailbreak the device. You can check out this article to find out your iPhone 3GS bootrom version.
We would like to reiterate that iPhone 3GS devices with the new Bootrom are NOT supported by PwnageTool.
If you meet the requirements mentioned above then you can proceed with the step-by-step instructions to jailbreak your iPhone 3GS.
Step 1: Download PwnageTool 4.01 from here or here and save it in a folder named "Pwnage" on your Mac desktop.
Step 2: You also need to download the iOS 4 firmware file (iPhone2,1_4.0_8A293_Restore.ipsw) from this link. Download the file using Firefox, since Safari might auto-extract it.
Step 3: Double click and launch the PwnageTool. This will create a PwnageTool icon that you can click and drag into the Pwnage folder.
Step 4: Double click on the PwnageTool icon to launch the application. You will be presented with a warning. Click 'OK' to proceed.
Step 5: The PwnageTool window will now open. On the top menu bar, click on the Einstein icon to select "Expert mode".
Step 6: You will also need to specify your device. Click on the iPhone 3GS picture to select the model. Click the blue arrow button at the bottom-right side of the window to continue.
Step 7: The application will now ask you to "Browse for IPSW". If the application does not automatically pick the appropriate IPSW, you may click on the 'Browse for IPSW' link and select the IPSW file that you have saved in the Pwnage folder on your desktop. Click on the blue arrow to proceed.
Step 8: You will now be shown the Firmware bundle customization page. Click on 'General' and press the blue arrow button to continue.
Step 9: In 'General Settings', you will find an option that reads 'Activate the phone'. Check this option if you are NOT using an official iPhone carrier. Deselect the option if you are with an official network carrier. Press the blue arrow to proceed.
Step 10: In the 'Cydia Settings' window, click on the 'Download packages' tab and press 'Refresh'. This will display all the available packages. Select the ones you want (OpenSSH and OpenSSL) and then click on the blue arrow button.
Step 11: Now click on the 'Select Packages' tab. You will see the selected packages displayed here. Press 'Select All' and click on the blue arrow button to continue.
Step 12: The 'Custom Packages Settings' window will list package settings for your custom .ipsw. Click on the blue arrow button to move to the next step.
Step 13: Here you have the option to change logos for Boot and Recovery. You can choose the default images or click on browse to provide your own logos. Do note that the images need to be in grayscale/RGB with a maximum dimension of 320×480. Once selected, press the blue arrow button to continue.
Step 14: You are now ready to start the Pwnage process. Click on the Build button to select it and then click on the blue arrow to start the Pwnage process.
Step 15: The application will now prompt you to save your custom .ipsw file. Save the file in the Pwnage folder on your desktop. The IPSW file will take close to ten minutes to be completely built.
Step 16: You will be prompted to enter your administrator credentials. Enter the details and click 'OK'.
Step 17: Once the IPSW file is built, you will be asked to put your iPhone in recovery mode. Click 'OK' and then connect your iPhone 3GS to the computer.
Step 18: Press and hold the Home button and the Sleep/Wake button on your iPhone simultaneously. The screen will now go black. At this point, release the Sleep/Wake button while continuing to hold the Home button.
Step 19: iTunes will now prompt you with a message that reads "iTunes has detected an iPhone in recovery mode". Press OK. Your iPhone is now in recovery mode.
Step 20: While on the iTunes window, hold the Alt/Option key and click on the 'Restore' button. (This is a VERY IMPORTANT STEP: just pressing the "Restore" button will restore your iPhone with the latest firmware, which is currently the iOS 4.0 firmware. Holding down the Alt/Option key allows you to choose the custom iPhone firmware file.)
Step 21: Navigate to the Pwnage folder on your desktop and select the custom IPSW file that was just built. Click on the 'Choose' button to proceed.
Step 22: iTunes will now restore the custom firmware on your iPhone 3GS. The process will take up to 10 minutes. Once it is completed, your iPhone 3GS will reboot and should be updated with iOS 4. It should also be successfully jailbroken.
We hope you found this tutorial useful. Please let us know how it goes in the comments below.
[via iClarified]