Dev Team has just released the latest version of PwnageTool 4.3 which allows us to make a custom ipsw for iOS 4.3.1 Using this custom ipsw we will be able to do untethered jailbreak on iOS 4.3.1 but we will also be able to update without updating the baseband- of our terminals. This new version of PwnageTool has implemented the bootrom exploit from limera1n plus the untethered exploit from i0n1c, but it doesn't work for iPad 2 either. Unfortunately, even ultrasn0w doesn't work with iOS 4.3.1 for now, so don't update if you need an unlock.
PwnageTool only works on Mac OS X and is compatible with the following devices:
- iPhone3GS
- iPhone4 (GSM)
- iPod touch 3G
- iPod touch 4G
- iPad1
- AppleTV 2G (PwnageTool only for now)
This new version of PwnageTool NU it unlocks for basebands 05.14.x, 05.15.x, 02.10.x or 03.10.x so don't try. You will not solve the problems with the 06.15.00 baseband using this version of PwnageTool, nor will you downgrade the baseband using it.
It doesn't matter what bootrom or baseband your devices have, you will be able to use the custom ipsw made with PwnageTool 4.3.
Step 1
Download iOS 4.3.1 for your terminal from here.
It's best to download the firmware with Firefox because other download managers will unzip it, but if you've extracted using anything other than Firefox and the firmware has the zip extension instead of ipsw, then just change the extension from zip to ipsw.
PwnageTool 4.3 can be downloaded from: [download id=”125″]
Step 2
Mount the image with PwnageTool, connect the phone to Mac OSX and open the application.
You will receive a warning message, press OK to continue.
Step 3
Select expert mode from the menu bar.
Step 4
Select the iPhone version for which you are doing the ipsw.
Step 5
Press continue and you will be asked to search the computer for the location where you downloaded the Apple firmware. Press the browse button and go to the relevant directory. There is a possibility that the firmware will be found automatically if you copy the application to the folder where you downloaded the firmware.
Choose the firmware, then press continue.
Step 6
You will arrive in front of a menu with 4 options that give you the opportunity to customize the firmware. The General option will take you through all the secondary options of PwnageTool, so choose General and press the blue button to continue.
Now you will have the menu in front of you that allows you to select between activating the phone automatically through this custom ipsw or to allow the phone to update the baseband. If you do NOT have the telephone operator's card to do the activation, then leave the "Activate the phone" option checked. Besides that, there are a number of options for iPhone 3G users such as: activating multitasking; activating the wallpaper from the homescreen and the percentage to indicate the battery level.
The packages settings option will give you the possibility to select .deb files to be installed automatically in the restore process. Click on the Download packages tab, double-click on the desired applications to download them, then select what you downloaded and press the blue button to continue.
You will be brought to a window where only the selected applications will appear, press the blue button to continue.
You will now reach the menu for installing packages, leave Cydia checked and press the blue button to continue.
The Custom Logos Settings option will give you the opportunity to change the boot logos. Press browse to choose the images from your computer, but they must not be larger than 320×480 and must be .png files.
Press the blue button to continue.
Step 7
You will reach the initial page of optuni. To start the process press the build button then the blue button to continue.
Step 8
You will be asked to choose the location where the custom ipsw will be saved, choose it, click and click save to start the process. The process can take up to 10 minutes or more, depending on your computer.
You will be asked to enter your username and system password, which you must specify to continue the process.
You will receive a warning message in which you will be asked if the iPhone has ever been jailbroken. It is best to press No if you do not know or are not sure of the answer.
Step 9
After PwnageTool finishes creating the custom ipsw, it will ask you to turn off the phone. ATTENTION this step is necessary! You must have your phone connected to your computer to continue the process. Do not try to enter the terminal in DFU Mode on VMWare because it will not work.
Step 10
If you put the phone in DFU Mode, do it ONLY by following the instructions in PwnageTool, otherwise use Recovery Mode to restore.
If the process fails, you will be greeted with a message similar to the one below, what you need to do now is to press Yes, remove the USB cable from the phone, close it, open it again, connect it again to USB and get ready to redo the process.
If you manage to enter the phone in DFU Mode, a message like this will appear:
If you have iTunes open, the following message will appear. If you haven't opened iTunes yet, you can do so.
Step 11
Simultaneously press Alt/Option to select the created custom ipsw and to start the restore process.
If you followed the steps carefully then you should now have a jailbroken and decoded iOS 4.3.1 phone.
