With the help of this tutorial you will be able to make a jailbroken custom ipsw, activated and which will keep the baseband intact during the update to iOS 4.1. This version of PwnageTool works with all iDevices compatible with iOS 4.x, except iPhone 2G and iPod Touch 1G which cannot run iOS 4.x due to limitations imposed by Apple. If you have baseband 05.14.02 you cannot decode your terminal because there is no decoding solution and you will have to wait until the Dev Team can launch such a decoding solution.
For Apple TV 2G you only have the possibility to run commands via SSH because for now there is no interface that allows the installation of applications on this device. PwnageTool automatically installs afc2add, so you will only need to use ifunbox to copy files to Apple TV 2G.
For this process to work, it is necessary to have the latest version of iTunes installed on Mac OS X and enter the terminal in DFU Mode following the instructions in PwnageTool because the application injects an exploit that "fools" iTunes and allows you to use the custom ipsw made by you. If you do not follow this step, you will receive errors when you try to restore.
PwnageTool 4.1 works with:
- Apple TV 2G
- iPad (firmware 3.2.2)
- iPod touch 4G
- iPod touch 3G
- iPhone4
- iPhone 3GS
- iPhone 3G
PwnageTool 4.1 ONLY works on Mac OSX and there will never be a Windows version.
Step 1
Download iOS 4.1 for your phone version here:
It's best to download the firmware with Firefox because other download managers will unzip it, but if you've extracted using anything other than Firefox and the firmware has the zip extension instead of ipsw, then just change the extension from zip to ipsw.
PwnageTool 4.1 can be downloaded from: [download id=”95″]
Step 2
Mount the image with PwnageTool, connect the phone to Mac OSX and open the application.
You will receive a warning message, press OK to continue.
Step 3
Select expert mode from the menu bar.
Step 4
Select the iPhone version for which you are doing the ipsw.
Step 5
Press continue and you will be asked to search the computer for the location where you downloaded the Apple firmware. Press the broswe button and go to the relevant directory. There is a possibility that the firmware will be found automatically if you copy the application to the folder where you downloaded the firmware.
Choose the firmware, then press continue.
Step 6
You will arrive in front of a menu with 4 options that give you the opportunity to customize the firmware. The General option will take you through all the secondary options of PwnageTool, so choose General and press the blue button to continue.
Now you will have the menu in front of you that allows you to select between activating the phone automatically through this custom ipsw or to allow the phone to update the baseband. If you do NOT have the telephone operator's card to do the activation, then leave the "Activate the phone" option checked. Besides that, there are a number of options for iPhone 3G users such as: activating multitasking; activating the wallpaper from the homescreen and the percentage to indicate the battery level.
The packages settings option will give you the possibility to select .deb files to be installed automatically in the restore process. Click on the Download packages tab, double-click on the desired applications to download them, then select what you downloaded and press the blue button to continue.
You will be brought to a window where only the selected applications will appear, press the blue button to continue.
You will now reach the menu for installing packages, leave Cydia checked and press the blue button to continue.
The Custom Logos Settings option will give you the opportunity to change the boot logos. Press browse to choose the images from your computer, but they must not be larger than 320×480 and must be .png files.
Press the blue button to continue.
Step 7
You will reach the initial page of optuni. To start the process press the build button then the blue button to continue.
Step 8
You will be asked to choose the location where the custom ipsw will be saved, choose it, click and click save to start the process. The process can take up to 10 minutes or more, depending on your computer.
You will be asked to enter your username and system password, which you must specify to continue the process.
You will receive a warning message in which you will be asked if the iPhone has ever been jailbroken. It is best to press No if you do not know or are not sure of the answer.
Step 9
After PwnageTool finishes creating the custom ipsw, it will ask you to turn off the phone. ATTENTION this step is necessary! You must have your phone connected to your computer to continue the process.
Step 10
If you put the phone in DFU Mode, do it ONLY by following the instructions in PwnageTool, otherwise use Recovery Mode to restore.
If the process fails, you will be greeted with a message similar to the one below, what you need to do now is to press Yes, remove the USB cable from the phone, close it, open it again, connect it again to USB and get ready to redo the process.
If you manage to enter the phone in DFU Mode, a message like this will appear:
If you have iTunes open, the following message will appear. If you haven't opened iTunes yet, you can do so.
Step 11
Simultaneously press Alt/Option to select the created custom ipsw and to start the restore process.
After the installation is finished the phone will restart but it will NOT be decoded, to do the decoding you need to install ultrasn0w from Cydia, you have a tutorial here.
If you followed the steps carefully then you should now have a jailbroken and decoded iOS 4.1 phone.
CONGRATULATIONS! You have a jailbroken phone, if you have other questions or problems you can ask me in the support page here.
