Results

See more...

Jailbreak iOS 4.3 GM (Gold Master) on iPhone 4 with PwnageTool Bundle [Tethered]

An iPhone hacker named b1onic has created a PwnageTool bundle and Universal Ramdisk Fixer to jailbreak iOS 4.3 GM (Gold Master) on iPhone 4. You can use this bundle and Ramdisk Fixer to patch PwnageTool 4.2. Once patched, you can create custom IPSW of iOS 4.3, which on restore though iTunes will jailbreak your iPhone 4.

PwnageTool 4.2 iOS 4.3 Bundle
NOTE: Although this PwnageTool bundle will jailbreak iOS 4.3 GM on your iPhone 4 with fully working Cydia but still it will be a tethered jailbreak. You will be needing to boot into tethered jailbroken state using tetheredboot utility on every restart.

Steps to Patch PwnageTool 4.2 with PwnageTool Bundle for iPhone 4:

  1. Download iOS 4.3 GM for iPhone 4 from here
  2. Download PwnageTool 4.2 from here and place it in /Applications directory.
  3. PwnageTool in Applications

  4. Download iOS 4.3 PwnageTool bundle for iPhone 4 from here
  5. Right-click on PwnageTool 4.2 and choose Show Package Contents option as shown in the screenshot below:
  6. PwnageTool - Show Package Contents

  7. Now navigate to Contents/Resources/FirmwareBundles/ and copy the bundle file (iPhone3,1_4.3_8F190.bundle) to the FirmwareBundles directory.
  8. iOS 4.3 PwnageTool Bundle

  9. Thats it. You have successfully patched PwnageTool 4.2 with PwnageTool bundle. Now proceed to steps below to patch the broken Ramdisk of PwnageTool.

Steps to Fix Broken PwnageTool Ramdisk with Ramdisk Fixer:

  1. Download Universal Ramdisk Fixer for iOS 4.3 GM from here
  2. Make sure PwnageTool 4.2 is present in /Applications directory and iOS 4.3 GM file (iPhone3,1_4.3_8F190_Restore.ipsw) is present on your desktop.
  3. Run Ramdisk Fixer package and follow the on-screen instructions.
  4. Universal Ramdisk Fixer
    Universal Ramdisk Fixer
    Universal Ramdisk Fixer
    Universal Ramdisk Fixer

Steps to Create iOS 4.3 Custom IPSW for iPhone 4 with PwnageTool:

  1. Launch PwnageTool, click on the Expert mode, select iPhone 3GS, 3G, 4 from the displayed options and click Next button to continue.
  2. PwnageTool 4.2 - Main Window

  3. Click on the Browse button and select iOS 4.3 firmware file you downloaded in step 1.
  4. Browse iOS 4.3 Firmware File

  5. Click on the Build tab and hit the Next button.
  6. Build iOS 4.3 Custom IPSW

  7. Desktop as the save location and click on the Save button.
  8. Save iOS 4.3 Custom IPSW on Desktop

  9. Wait while PwnageTool cooks iOS 4.3 GM custom IPSW file for your iPhone. It may take a while, so be patient.
  10. PwnageTool Building Custom IPSW

  11. During the creation of custom IPSW of iOS 4.3, PwnageTool might prompt you to enter your Administrator password.
  12. Enter Administrator Password

  13. Once PwnageTool has successfully created the custom IPSW of iOS 4.3 for your iPhone, connect your iPhone to your Mac through USB cable. Hold down the Power and Home button simultaneously for 10 seconds, after 10 seconds release the Power button but continue holding the Home button until PwnageTool detects your iPhone in DFU mode.
  14. Successfully Entered DFU Mode

  15. Close the PwnageTool and follow the instructions below to restore iOS 4.3 custom IPSW on your iPhone. Make sure iOS 4.3 custom IPSW is present on your desktop.
  16. iPhone 4: iPhone3,1_4.3_8F190_Custom_Restore.ipsw

Steps to Restore iOS 4.3 Custom IPSW on iPhone 4:

Select Device from iTunesOnce you have successfully created the iOS 4.3 custom IPSW through patched version of PwnageTool 4.2 and your iPhone is in DFU mode, launch iTunes and click on the name of the device from the side panel to view the summary page.
Restore Through iTunes
Now you will see two buttons, Check for Updates and Restore. Hold down the ALT key (SHIFT for Windows) and click on the Restore button to browse for iOS 4.3 GM custom IPSW file you just created with the patched version of PwnageTool 4.2.

iTunes Restore FirmwareAbove image is for illustration purpose only

Now wait until iTunes restores the custom cooked iOS 4.3 IPSW on your iPhone. Once done, your iPhone should be jailbroken on iOS 4.3 GM with fully working Cydia. Now that you have preserved your baseband using PwnageTool, you can unlock your iPhone using the latest version of Ultrasn0w tool. Click here for step-by-step instructions to unlock your iPhone with Ultrasn0w 1.2.

How to Boot iPhone 4 into Tethered Jailbroken State:

As told earlier, once you will loose the power of your iPhone due to low battery or any other reason, you will be needing to boot into a tethered jailbroken state using Tetheredboot Utility. To do so, follow the steps below:

  1. Download tetheredboot.zip utility from here and extract the zip on your desktop.
  2. Create a copy of iOS 4.3 custom IPSW you just created with PwnageTool. Rename it from .IPSW to .ZIP and extract it on your desktop. Once done, open the extracted directory and copy two files namely kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu on your desktop.
  3. Create a new folder on your desktop and name it tetheredboot. Put kernelcache.release.n90, iBSS.n90ap.RELEASE.dfu, tetheredboot and itnl in this folder.
  4. TetheredBoot Utility

  5. Turn off your iPhone completely, open the Terminal app and use the command below:
  6. sudo -s

  7. After executing the above command, Terminal will prompt you for your Administrator password. Enter your Administrator password and use the commands below:
  8. /Users/Jaxov/Desktop/tetheredboot/tetheredboot /Users/Jaxov/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu /Users/Jaxov/Desktop/tetheredboot/kernelcache.release.n90

    TetheredBoot Utility Commands

  9. After executing the above commands, you will see some code running on your Terminal screen. After a while, you will be prompted to put your iPhone into DFU mode. Use the following steps to put your iPhone into DFU mode:
    • Hold down Home and Power button simultaneously for 10 seconds.
    • After 10 seconds, release the Power button but continue holding the Home button for another 10 seconds.
    • Now your iPhone should be in DFU mode.

    Now wait while your iPhone boots into a tethered jailbroken state. Once done, enjoy your iPhone 4 unlocked and jailbroken on iOS 4.3 GM with fully working Cydia on it.

Update#1: Download iOS 4.3 GM PwnageTool bundle for iPhone 3GS (Old Bootrom)
Update#2: Download iOS 4.3 GM PwnageTool bundle for iPhone 3GS (New Bootrom)
Update#3: Download iOS 4.3 GM PwnageTool bundle for iPad (Wifi+3G)
Update#4: iH8sn0w, the famous iPhone hacker behind Sn0wbreeze tool, has released his own PwnageTool bundle to jailbreak iOS 4.3 GM on iPhone 4 [Do not require you to patch PwnageTool with Universal Ramdisk Fixer]

Download Links:

Download iTunes 10.2 for Windows and Mac OS X
Download iOS 4.3 GM (Gold Master) for iPhone 4
Download PwnageTool 4.2
Download iOS 4.3 PwnageTool bundle for iPhone 4
Download iOS 4.3 GM PwnageTool bundle for iPhone 4 [Tethered] [Bundle by iH8sn0w] [Do not require Universal Ramdisk Fixer Patch] [Recommended] [Mirror]
Download Universal Ramdisk Fixer for iOS 4.3 GM
Download Tetheredboot Utility
[via iPhone-Privacy]

Contact Us for News Tips, Corrections and Feedback

Related posts

16 comments
Leave a message...

  •  
    Mark5 years, 8 months ago

    Hello,
    I tried everything what I can to follow the instruction, etc., but I got failed everything.
    I have managed with Pwnage Tool and iPhone got Cydia installed but I couldn’t manage to do wit tethering :(.

    Any idea how I can understand to make that working? Anyone able to explain and help me, please?

    Thanks much

    •  
      Wolverine5 years, 8 months ago

      Yes its because MobileSubstrate is broken. Fix it using this guide.

      •  
        Mark5 years, 8 months ago

        No, Cydia have installed into iPhone, but it won’t open and working because of failed tethering. That I couldn’t manage with booth tethering :S

        Thanks

        •  
          Wolverine5 years, 8 months ago

          You mean you cant boot into tethered mode? Right? If you have Windows, best way is to use iBooty and if you are on Mac, use TetheredBoot utility.

          •  
            Mark5 years, 8 months ago

            Looks likely I am f***ed, because I tried to follow all instruction, unable to make it, I used PC and Mac as got both, both not working, failed, error…
            I tried to downgrade to 4.2 (I did manage jailbreak myself with 4.2 before), still failed that TinyUmbrella can’t make it EXIT RECOVERY MODE.
            I am sticking with new 4.3 iOs without jailbreak :'(

          •  
            Wolverine5 years, 8 months ago

            If you have PC then why don’t you use Sn0wbreeze 2.3b4, its much more stable jailbreak than these bundles. No errors and easy to use iBooty!

          •  
            Mark5 years, 8 months ago

            Yes, I used Pwnage for Mac first, failed, then tried Sn0wbreeze for Windows, still failed. I really can’t understand what’s wrong and what I did not right…

  •  
    BenPJohn5 years, 8 months ago

    Download iOS 4.3 Final Custom IPSW for iPhone, iPod Touch & iPad:
    +New Bootrom, *Old Bootrom
    Except iPhone 3GS (Old Bootrom), all custom IPSWs are for tethered jailbreak.
    iPhone 4: iPhone3,1_4.3_8F190_Custom_Restore.ipsw [Activated | Unactivated]
    iPhone 3GS+: iPhone2,1_4.3_8F190_Custom_Restore.ipsw [Activated | Unactivated]
    iPhone 3GS*: iPhone2,1_4.3_8F190_Custom_Restore.ipsw [Activated | Unactivated]
    iPod Touch 4G: iPod4,1_4.3_8F190_Custom_Restore.ipsw [Download]
    iPod Touch 3G: iPod3,1_4.3_8F190_Custom_Restore.ipsw [Download]
    iPad: iPad2,1_4.3_8F191_Custom_Restore.ipsw [Download]

    •  
      marcus5 years, 8 months ago

      thank you so much, great answer, i have got it working now, i appreciate the reply

  •  
    Andres5 years, 8 months ago

    PLEASE HELP! I am having the exact same problem I am having with Marcus ^ I got everything done except to the tethering boot part, I do tetherboot in terminal and I get that libusb:error [darwin_close] USBDeviceClose: no connection to an IOService ERROR!! I am getting to think that tetherbooting is what makes Cydia work right?? Please I need to do this!

  •  
    James5 years, 8 months ago

    Use this command instead it work for me

    open terminal
    type sudo -s
    type in your password
    then type in cd /Users/YOUR USERNAME/Desktop/tetheredboot (if you put the folder on the desktop)
    then
    ./tetheredboot -i iBSS.k48ap.RELEASE.dfu -k kernelcache.release.k48

  •  
    marcus5 years, 8 months ago

    EDIT: This is what terminal is saying when it fails, I dont know what’s happening but I think that the tethering application is turning on the phone before it’s done because the iPhone starts turning on and then the terminal application says reconnecting and then fails before the iPhone turns on

    snew-host-2:~ Marcus$ sudo -s
    Password:
    bash-3.2# /Users/Marcus/Desktop/Jailbreak/tetheredboot/tetheredboot /Users/Marcus/Desktop/Jailbreak/tetheredboot/iBSS.n90ap.RELEASE.dfu /Users/Marcus/Desktop/Jailbreak/tetheredboot/kernelcache.release.n90
    Initializing libpois0n
    No matching processes were found
    Waiting for device to enter DFU mode
    opening device 05ac:1227…
    Found device in DFU mode
    Checking if device is compatible with this jailbreak
    Checking the device type
    Identified device as iPhone3,1
    Preparing to upload limera1n exploit
    Resetting device counters
    Sending chunk headers
    Sending exploit payload
    Sending fake data
    libusb:error [darwin_transfer_status] transfer error: timed out
    Exploit sent
    Reconnecting to device
    libusb:error [darwin_close] USBDeviceClose: no connection to an IOService
    Waiting 2 seconds for the device to pop up…
    opening device 05ac:1227…
    bash-3.2# /Users/Marcus/Desktop/Jailbreak/tetheredboot/tetheredboot /Users/Marcus/Desktop/Jailbreak/tetheredboot/iBSS.n90ap.RELEASE.dfu /Users/Marcus/Desktop/Jailbreak/tetheredboot/kernelcache.release.n90
    Initializing libpois0n
    No matching processes were found
    Waiting for device to enter DFU mode
    opening device 05ac:1227…
    Found device in DFU mode
    Checking if device is compatible with this jailbreak
    Checking the device type
    Identified device as iPhone3,1
    Preparing to upload limera1n exploit
    Resetting device counters
    Sending chunk headers
    Sending exploit payload
    Sending fake data
    libusb:error [darwin_transfer_status] transfer error: timed out
    libusb:error [darwin_reset_device] ResetDevice: device not responding
    Exploit sent
    Reconnecting to device
    libusb:error [darwin_close] USBDeviceClose: no connection to an IOService
    Waiting 2 seconds for the device to pop up…
    Connection failed. Waiting 1 sec before retry.
    Connection failed. Waiting 1 sec before retry.
    Connection failed. Waiting 1 sec before retry.
    Command completed successfully
    Unable to reconnect
    Unable to upload exploit data
    Exploit injection failed!

  •  
    marcus5 years, 8 months ago

    Hey I’m trying to get this to work, i got to the point where i restore it with custom ipsw and it seemed to work, but Cydia wouldn’t run after that, immediately crashes, so I tried the tetheredboot thing and it didn’t work, any help?

    •  
      Wolverine5 years, 8 months ago

      See the update under download links. Use iH8sn0w bundle (DjayB6 bundles have Cydia crash issue because people fail to patch Ramdisk correctly). If you have Windows, use this guide. Worked perfectly for me.

  •  
    Chris Bilcliff5 years, 9 months ago

    Everything went to plan other then my phone did not reboot, still cant use cydia. below is a screenshot of my terminal maybe you can help?

    ast login: Fri Mar 4 17:07:41 on ttys000
    chris-bilcliffs-macbook:~ chris$ sudo -s
    Password:
    bash-3.2# /Users/chris/Desktop/tetheredboot/tetheredboot ?/Users/chris/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu ?/Users/chris/Desktop/tetheredboot/kernelcache.release.n90
    Initializing libpois0n
    No matching processes were found
    Waiting for device to enter DFU mode
    Device must be in DFU mode to continue
    Device must be in DFU mode to continue
    opening device 05ac:1227…
    Found device in DFU mode
    Checking if device is compatible with this jailbreak
    Checking the device type
    Identified device as iPhone3,1
    Preparing to upload limera1n exploit
    Resetting device counters
    Sending chunk headers
    Sending exploit payload
    Sending fake data
    libusb:error [darwin_transfer_status] transfer error: timed out
    Exploit sent
    Reconnecting to device
    Waiting 2 seconds for the device to pop up…
    opening device 05ac:1227…
    bash-3.2#

    •  
      Ben Johnson5 years, 9 months ago

      Dude, try again to boot using Tetheredboot Utility. I got it for the 3rd time.