DjayB6 (@DjayB6), the PwnageTool bundles creator who previously released PwnageTool bundles for iOS 4.3 has just released the bundles for iOS 4.3.1. By using these PwnageTool bundles, you can jailbreak iPhone 4 on iOS 4.3.1 while preserving your current baseband. Although the guide below is for jailbreaking iOS 4.3.1 on iPhone 4 but same guide can be used to jailbreak iOS 4.3.1 on iPhone 3GS, iPod Touch 4G and iPad with PwnageTool bundles.
- It is a tethered jailbreak which means you have to use TetheredBoot Utility to boot your iPhone into tethered jailbroken state on every restart.
- Ultrasn0w is broken on iOS 4.3.1 due to ASLR security feature by Apple. If you rely on unlock, do not use these bundles until Ultrasn0w Fixer for iOS 4.3.1 is released.
- Hacktivation is supported and Cydia is fully working on iOS 4.3.1.
- iTunes 10.2.1 [Download]
- Stock iOS 4.3.1 IPSW for iPhone 4/3GS, iPod Touch 4G/3G, iPad 2/1st-Gen [Download]
- PwnageTool 4.2 [Download | Direct Link]
- PwnageTool Bundles for iOS 4.3.1:
- Ramdisk Fixer 1.7.1 for all iDevices [Download]
- TethetedBoot Utility for Mac OS X [Download]
Download iOS 4.3.1 PwnageTool bundle for iPhone 4 | Direct Mirror
Download iOS 4.3.1 PwnageTool bundle for iPhone 3GS (Old Bootrom) | Direct Mirror
Download iOS 4.3.1 PwnageTool bundle for iPhone 3GS (New Bootrom) | Direct Mirror
Download iOS 4.3.1 PwnageTool bundle for iPod Touch 4G | Direct Mirror
Download iOS 4.3.1 PwnageTool bundle for iPad | Direct Mirror
Steps to Add PwnageTool Bundle to PwnageTool 4.2:
- Create a new folder on your desktop and name it iOS 4.3.1 Jailbreak with PwnageTool. Put PwnageTool, Ramdisk Fixer, PwnageTool Bundle file and stock iOS 4.3.1 ISPW for your iDevice in this folder.
- Right-click on PwnageTool and choose Show Package Contents from the context-menu.
- Now navigate to Contents/Resources/FirmwareBundles/ and copy the bundle file (iPhone3,1_4.3.1_8G4.bundle) to FirmwareBundles directory. Once done, close all opened windows of PwnageTool.
- After adding bundle, you need to move PwnageTool to /Applications directory.
- Once done, you are ready to patch PwnageTool with Ramdisk Fixer.
Steps to Patch PwnageTool Ramdisk with Universal Ramdisk Fixer:
- Before using Ramdisk Fixer, make sure PwnageTool is present in your /Applications directory and firmware file (.IPSW) is present on your desktop.
- Run Ramdisk Fixer package and follow the on-screen instructions.
- Thats it! When Ramdisk Fixer finishes the installation, click on Close button to exit Ramdisk Fixer app.
During installation, Ramdisk Fixer will prompt you to enter your Administrator password. Just enter your Admin password and click OK button.
Steps to create iOS 4.3.1 Custom IPSW with PwnageTool 4.2:
- Launch PwnageTool, click on the Expert mode, select iPhone 3GS, 3G, 4 from the displayed options and click Next button to continue.
- Click on the Browse button and select stock iOS 4.3.1 firmware file present on your desktop.
- Click on the Build tab and hit the Next button.
- Choose Desktop as the save location and click on the Save button.
- Wait while PwnageTool cooks iOS 4.3.1 custom IPSW file for your iPhone. It may take a while, so be patient.
- During the creation of custom IPSW of iOS 4.3.1, PwnageTool might prompt you to enter your Administrator password.
- Once PwnageTool has successfully created the custom IPSW of iOS 4.3.1 for your iPhone, connect your iPhone to your Mac through USB cable. Hold down the Power and Home button simultaneously for 10 seconds, after 10 seconds release the Power button but continue holding the Home button until PwnageTool detects your iPhone in DFU mode.
- Close the PwnageTool and follow the instructions below to restore iOS 4.3.1 custom IPSW on your iPhone. At this moment, you can find iOS 4.3.1 custom IPSW on your desktop.
iPhone 4 » iPhone3,1_4.3.1_8G4_Custom_Restore.ipsw
iPod Touch 4G » iPod4,1_4.3.1_8G4_Custom_Restore.ipsw
iPod Touch 3G » iPod3,1_4.3.1_8G4_Custom_Restore.ipsw
iPhone 3GS » iPhone2,1_4.3.1_8G4_Custom_Restore.ipsw
iPad » iPad1,1_4.3.1_8G4_Custom_Restore.ipsw
Steps to Restore iOS 4.3.1 Custom IPSW on iPhone 4:
- Launch iTunes 10.2.1 and wait while it detects your iPhone in recovery mode.
- Click on your iPhone name from the side-panel to view the summary page.
- You will see two buttons on the summary-panel i-e Check for Update and Restore. Hold down the ALT (Option) key (SHIFT key for Windows) and click on the Restore button.
- Select iOS 4.3.1 custom IPSW from your desktop and click Open to start the restore process.
- Now wait until iTunes restores the custom cooked iOS 4.3.1 IPSW on your iPhone. Once done, your iPhone will restart automatically and it should be jailbroken on iOS 4.3.1 with fully working Cydia.
Steps to Boot iPhone 4 into Tethered Jailbroken State:
As told earlier, if you will lose the power of your iPhone due to low battery or any other reason, you will be needing to boot into a tethered jailbroken state using TetheredBoot Utility. To do so, follow the steps below:
- Download TetheredBoot.zip utility from here and extract the zip on your desktop.
- Create a copy of iOS 4.3.1 custom IPSW you just created with PwnageTool. Rename it from .IPSW to .ZIP and extract it on your desktop. Once done, open the extracted directory and copy two files namely kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu on your desktop.
- Create a new folder on your desktop and name it tetheredboot. Put kernelcache.release.n90, iBSS.n90ap.RELEASE.dfu, tetheredboot and itnl in this folder.
- Turn off your iPhone completely, open the Terminal app and use the command below:
- After executing the above command, Terminal will prompt you for your Administrator password. Enter your Administrator password and use the command below:
- After executing the above commands, you will see some code running on your Terminal screen. After a while, you will be prompted to put your iPhone into DFU mode. Use the following steps to put your iPhone into DFU mode:
/Users/Jaxov/Desktop/tetheredboot/tetheredboot /Users/Jaxov/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu /Users/Jaxov/Desktop/tetheredboot/kernelcache.release.n90
- Hold down Home and Power button simultaneously for 10 seconds.
- After 10 seconds, release the Power button but continue holding the Home button for another 10 seconds.
- Now your iPhone should be in DFU mode.
Now wait while your iPhone boots into a tethered jailbroken state. Once done, enjoy your iPhone 4 jailbroken on iOS 4.3.1 with fully working Cydia on it.
Update#1: DjayB6 has updated Ramdisk Fixer to v1.7.2 for all iDevices [Get it here]
Update#2: Download PwnageTool Bundle to Jailbreak iOS 4.3.1 on iPhone 3GS
Update#3: Download PwnageTool Bundle to Jailbreak iPad on iOS 4.3.1
Update#4: Download PwnageTool Bundle to Jailbreak iOS 4.3.1 on iPod Touch 4G
Update#5: Jailbreak iOS 4.3.1 on Mac OS X Using Official PwnageTool 4.3 [Untethered]
[Source(s): Link1; Link3]