Jailbreak iPhone 4 with PwnageTool bundle

Jailbreak iPhone on iOS 4.31 with PwnageTool

It is great to hear that the brand new iOS upgrade 4.3.1 is already jailbroken. Apple has provided this upgrade for iPhone, iPod and iPad and DjayB6 has provided the necessary jailbreak bundle and Universal RamdiskFixer. Unfortunately the jailbreak is a tethered one. To remind you tethered jailbreaks means that you will have to boot up your iPhone with the jailbreak tool to successfully use your iPhone again. Also this will at this moment work only for iPhone 4 but the jailbreak for iPhone 3GS and iPod Touch should also be available soon.

Here are the instructions you will need to follow to jailbreak the new iOS 4.3.1 upgrade on your iPpone 4. For this you will ned to use following tools: Pwnage Tools 4.2 Universal RamdiskFixer and tethered boot tool. As you probably know Pwnage Tools is a Mac only software.

To do this you will need to have following:

- Latest Pwnage Tools version 4.2
- iOS 4.3.1
- latest iTunes version (10.2.1)
- Mac OS X
- Pwnage Tools Bundle for 4.3.1 firmware
- Tethered boot tool
- Universal RamdiskFixer

Please note at this moment there is no unlock available for 4.3.1 firmware. If the carrier unlock is important to you don’t upgrade to 4.3.1 firmware. Your Iphones baseband wont be upgraded which is very important for most people and hacktivation is also supported. Cydia works on 4.3.1 firmware

How to modify Pwnage tool:

First you will have to download necessary files of the Pwnage Tool bundle together with Universal RamdiskFixer. The file will be zipped so you will need to unzip it and inside the file is an .bundle file named: iPhone3,1_4.3.1_8G4.bundle (which is the file needed for your iPhone 4). Copy the file to a folder on your desktop. You can download the bundle here

Now you’ll need to get Pwnage Tools version 4.2 which you can download here and copy the file to
/Applications. Now just right click on the file and select Show Package Contents.
Go to the Contents /Resources/ FirmwareBundlesand paste the previously downloaded file iPhone3,1_4.3.1_8G4.bundle into this folder.

Next step is to create custom prepared Ramdisk for your new 4.3.1 firmware version

Download Universal RamdiskFixer here and install it. This tool is crucial as the Pwnage tools 4.2 with its current Ramdisk wont work for iOS 4.3.1.

Build custom firmware 4.3.1

Download the official Apple iOS 4.3.1 firmware here and copy it to your desktop.

Fire up Pwnage Tools and choose the Expert Mode. Choose your device from the list.
Now it will ask you for the proper firmware. Browse to your desktop where the firmware is located.
Next step is to choose Build and then the software will start building the custom firmware for your iPhone.
Put your iPhone into DFU mode by following instructions on the screen.

As ussually to enter DFU mode follow this:

Press Power and Home for about 10 seconds.

Release the Power button and continue holding the Home again for about 10 seconds.

Your iPhone will enter DFU mode and you will see only a black screen on the display.

How to restore to your custom firmware 4.3.1 with iTunes

Fire up your iTunes (do not forget to update itunes to latest version). Select your iPhone 4 on the left hand side. On your Mac keyboard press option key (left alt) and in iTunes click on Restore option.

iTunes will ask for the location of your firmware and you will just have to point it to your previously made custom iOS firmware 4.3.1 and choose “Open”.

iTunes will now restore your iPhone with the custom firmware. Be patient and wait until your iPhone is restored. When its finished your iPhone will be jailbroken with iOS 4.3.1.

How to boot your iPhone:

Since this is a tethered jailbreak currently you will need to boot into the jailbroken state. In order to do this you will need to use another tool called tethered boot. Again you can download this file here.

After you have downloaded it just extract it to your desktop. Now you get to little bit more complicated details. You will need to fetch two files from the custom firmware 4.3.1 you just made with Pwnage Tools. To do this just make a copy of the custom firmware file. Copy it to a folder on your desktop and rename the file from .IPSW to .ZIP and now simply extract the zip file.

Go to the folder Firmware/dfu/ and inside it you will need these two files:

kernelcache.release.n90

iBSS.n90ap.RELEASE.dfu

Select this two files and move them to a new folder on you desktop which you will name tetheredboot. Also move the tethered boot tool previously downloaded to the same folder.

Please turn off your iPhone at this point and fire up the Terminal on your Mac computer.

Type following commands in Terminal:
sudo -s

Now type your administrator password on the computer.

Next type this:

/Users/UserName/Desktop/tetheredboot/tetheredboot
/Users/UserName/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu
/Users/UserName/Desktop/tetheredboot/kernelcache.release.n90

Of course, instead of UserName insert your own user name.

You will now see code executing on the screen. After a short time it will ask you to put your iPhone into DFU mode (follow the instructions again for DFU).

Please wait until your iPhone boots up. Terminal on your Mac computer should display “Exiting libpois0n” notification.

Your iPhone will boot up and it will be jailbroken and ready to use.