A new iPhone hacker named Johnny Franks (@0xjohnny) has just released a PwnageTool bundle to jailbreak iOS 4.2.1 GM on the iPad (Wi-Fi + 3G) model. For those who don't know, Apple released iOS 4.2.1 GM to fix issues related to Exchange and audio devices. You can use this bundle to patch PwnageTool 4.1.2, which can then be used to jailbreak iOS 4.2.1 on the iPad using the procedure below.
Steps to Patch PwnageTool 4.2.1 with PwnageTool Bundle:
*Find download links at the end of post
- *Download PwnageTool 4.2.1 for Mac OS X
- *Download iPad iOS 4.2.1 GM PwnageTool bundle
- *Download iOS 4.2.1 GM IPSW for iPad
- Place PwnageTool 4.2.1 (PwnageTool), the PwnageTool bundle file (iPad1,1_4.2.1_8C148.bundle) and the iOS 4.2.1 GM IPSW for iPad (iPad1,1_4.2.1_8C148_Restore.ipsw) together on your desktop or in a single directory.
- Right-click on PwnageTool and select Show Package Contents
- Now navigate to Contents/Resources/ and drag or copy the PwnageTool bundle file (iPad1,1_4.2.1_8C148.bundle) into the FirmwareBundles directory as shown in the screenshot below:
- Once done, launch PwnageTool and select the iPad, Apple TV 2G option as shown in the screenshot below:
- PwnageTool will now detect the iPad iOS 4.2.1 GM IPSW automatically. If it fails to detect it, go to Expert mode and manually browse to the IPSW you downloaded in step 3.
- Now wait while PwnageTool cooks the custom iOS 4.2.1 GM IPSW, which will jailbreak your iPad on iOS 4.2.1 GM when restored through iTunes.
- Once done, connect your iPad to your Mac with a USB cable and hold down the Power and Home buttons simultaneously for 10 seconds. After 10 seconds, release the Power button but keep holding the Home button until PwnageTool detects your iPad in DFU mode.
- That's it! You will now find the iOS 4.2.1 custom IPSW (iPad1,1_4.2.1_8C148_Custom_Restore.ipsw) on your desktop as shown in the screenshot below:
Steps to Restore iOS 4.2.1 GM Custom IPSW Through iTunes:
Once you have successfully created the iOS 4.2.1 GM custom IPSW with PwnageTool and your iPad is in DFU mode, launch iTunes and click on the name of the device in the side panel to view the summary page.
You will now see two buttons, Check for Updates and Restore. Hold down the ALT key (SHIFT on Windows) and click the Restore button to browse for the iOS 4.2.1 GM custom IPSW file you just created with the patched version of PwnageTool 4.1.2.
Now wait until iTunes restores the custom cooked iOS 4.2.1 GM IPSW to your iPad. If you see iTunes error 1004 or 1015 during the restore, don't panic: the firmware restore on your device is already complete. All you need to do is kick your device out of recovery mode using RecBoot or TinyUmbrella.
Steps to Boot into Jailbroken State After iOS 4.2.1 Custom IPSW Restore:
- Download tetheredboot file by msft_guy from here.
- Create a new folder on desktop and rename it to tetheredboot.
- Place the tetheredboot file you downloaded in step 1 into the directory you created in step 2.
- Download and install LibUSB for Mac OS X (Tiger (10.4.x) | Leopard (10.5.x) | Snow Leopard (10.6.x))
- Put your device into Recovery mode by using Recboot. Download Recboot from here.
- Rename the iOS 4.2.1 custom IPSW from iPad1,1_4.2.1_8C148_Custom_Restore.ipsw to iPad1,1_4.2.1_8C148_Custom_Restore.zip and extract its contents to the desktop.
- Open the iPad1,1_4.2.1_8C148_Custom_Restore directory and copy kernelcache.release.k48 to the tetheredboot directory.
- Similarly, navigate to /Firmware/dfu/ and copy iBSS.k48ap.RELEASE.dfu to the tetheredboot directory.
- You should now have 3 files in the tetheredboot directory as shown in the screenshot below:
- Rename kernelcache.release.k48 to "kernel" and iBSS.k48ap.RELEASE.dfu to "iBSS".
- Now open the Terminal app on Mac OS X, change into the tetheredboot directory and run the following commands:
cd ~/Desktop/tetheredboot
./tetheredboot iBSS kernel
You will see output scrolling in the window, and then it will say that the device needs to be in DFU mode to continue. So, while the process is still running in Terminal, put the device into DFU mode.
Once it’s correctly in DFU mode, the tetheredboot program will do the rest for you. It will upload the iBSS and the kernel, and then boot the patched kernel. Click here for the full terminal log.
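As an added example that is not part of the original post, the following Python script (standard library only) performs steps 6 through 9 above in one go: it reads the kernelcache and iBSS straight out of the custom IPSW (an IPSW is a plain zip archive, so no rename is needed), writes them to the tetheredboot directory as "kernel" and "iBSS", records their SHA-256 digests, and reports which of the three required files are still missing before tetheredboot is run. The archive member paths are the ones named above; the output directory layout and the constructed sample archive are assumptions.

```python
"""Extract the two files tetheredboot needs from a custom IPSW (added example).

An IPSW is a plain zip archive, so the rename-to-.zip step is unnecessary: the
members are read directly and written out as "kernel" and "iBSS". Member paths
are from the guide; output layout and the sample archive are assumptions."""
import hashlib
import os
import zipfile

# Archive member -> file name tetheredboot expects (both from the guide).
IPSW_MEMBERS = {
    "kernelcache.release.k48": "kernel",
    "Firmware/dfu/iBSS.k48ap.RELEASE.dfu": "iBSS",
}
REQUIRED_FILES = ("tetheredboot", "kernel", "iBSS")


def extract_tetheredboot_files(ipsw_path, out_dir):
    """Write the kernelcache and iBSS from ipsw_path into out_dir.

    Returns {output_name: sha256_hex} so the files can later be compared
    against a known-good build. Raises FileNotFoundError when a member is
    missing, which usually means an IPSW for a different model (not k48).
    """
    os.makedirs(out_dir, exist_ok=True)
    digests = {}
    with zipfile.ZipFile(ipsw_path) as ipsw:
        names = set(ipsw.namelist())
        for member, out_name in IPSW_MEMBERS.items():
            if member not in names:
                raise FileNotFoundError(f"{member} missing from {ipsw_path}")
            data = ipsw.read(member)
            with open(os.path.join(out_dir, out_name), "wb") as fh:
                fh.write(data)
            digests[out_name] = hashlib.sha256(data).hexdigest()
    return digests


def missing_tetheredboot_files(out_dir):
    """Names from REQUIRED_FILES that are absent or empty in out_dir."""
    return [n for n in REQUIRED_FILES
            if not os.path.isfile(os.path.join(out_dir, n))
            or os.path.getsize(os.path.join(out_dir, n)) == 0]


def make_sample_ipsw(path, members=IPSW_MEMBERS):
    """Constructed stand-in for a real IPSW: same member names, dummy bytes."""
    with zipfile.ZipFile(path, "w") as z:
        for member in members:
            z.writestr(member, b"constructed " + member.encode())
    return path
```

Run extract_tetheredboot_files on the real custom IPSW, drop the tetheredboot binary into the same directory, and only run tetheredboot once missing_tetheredboot_files returns an empty list.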
Steps to Patch Cydia on iOS 4.2.1 GM for iPad:
Note that Cydia for iOS 4.2.1 GM is still broken. However, you can patch the existing Cydia binary with the bspatch utility to make it work with iOS 4.2.1 GM using the steps below:
- Download cy-3.zip from here and unzip it to find the Cydia.patch file for iOS 4.2.1.
- SSH into your iPad (WinSCP | CyberDuck), navigate to /Applications/Cydia.app/ and place the Cydia.patch file in that directory, next to the Cydia_ binary.
- Open the Terminal app on Mac OS X, SSH into the iPad, and run the following commands from /Applications/Cydia.app/ as shown in the screenshot below:
apt-get install bsdiff
cp Cydia_ Cydia.bak
bspatch Cydia.bak Cydia_ Cydia.patch
chmod +x+s /Applications/Cydia.app/Cydia_
Download iTunes 10.1 for Windows & Mac OS X
Download PwnageTool 4.2.1 for Mac OS X
Download iPad iOS 4.2.1 GM PwnageTool bundle
Download iOS 4.2.1 GM IPSW for iPad (Developers Only)
[Update via @0xjohnny, Image via @0xjohnny, Cydia fix via 0xjohnnyiphone]
Update#1: Download Redsn0w 0.9.6b3 to Jailbreak iOS 4.2.1 GM on Windows & Mac OS X
Update#2: Download official PwnageTool 4.2 for untethered iOS 4.2.1 jailbreak on Mac
Update#3: Download Sn0wbreeze 2.2 for untethered iOS 4.2.1 jailbreak on Windows