rss

How to Jailbreak iOS 4.3.3 Untethered on Windows Using Sn0wbreeze 2.7? [Tutorial]

Author: Ben Johnson on May 6, 2011

iH8sn0w has just released Sn0wbreeze 2.7 to jailbreak iOS 4.3.3 on all supported iDevices except iPad 2. You can use Sn0wbreeze tool to create iOS 4.3.3 custom IPSW for your iDevice on Windows. Restoring the custom IPSW on your iPhone will not only jailbreak it on iOS 4.3.3 untethered but will also help you to preserve the current baseband of your iPhone for unlocking purpose.

Sn0wbreeze 2.7 (Main)

Supported iDevices:

  • iPhone 4 (GSM) » iOS 4.3.3 » Untethered
  • iPhone 4 (Verizon) » iOS 4.2.8 » Untethered
  • iPhone 3GS (Old Bootrom) » iOS 4.3.3 » Untethered
  • iPhone 3GS (New Bootrom) » iOS 4.3.3 » Untethered
  • iPod Touch 4G » iOS 4.3.3 » Untethered
  • iPod Touch 3G » iOS 4.3.3 » Untethered
  • iPad (1st-Gen) » iOS 4.3.3 » Untethered
  • Apple TV 2G » iOS 4.3 (8F202) » Untethered

Prerequisites:

Download iTunes 10.2.2 for Windows
Download iOS 4.3.3 (iOS 4.2.8) for iPhone 4(GSM+Verizon)/3GS, iPod Touch 4G/3G & iPad

iPhone 4 (GSM) » iPhone3,1_4.3.3_8J2_Restore.ipsw
iPhone 4 (Verizon) » iPhone3,3_4.2.8_8E401_Restore.ipsw
iPhone 3GS » iPhone2,1_4.3.3_8J2_Restore.ipsw
iPod Touch 4G » iPod4,1_4.3.3_8J2_Restore.ipsw
iPod Touch 3G » iPod3,1_4.3.3_8J2_Restore.ipsw
iPad (1st-Gen) » iPad1,1_4.3.3_8J3_Restore.ipsw

Download iOS 4.3 (8F202) for Apple TV 2G

Apple TV 2G » AppleTV2,1_4.3_8F202_Restore.ipsw

Download Sn0wbreeze 2.7 for Windows
UPDATE#1: Download Sn0wbreeze 2.3.2 to Jailbreak iOS 4.2.2 (Build 8F305) on Apple TV 2G
UPDATE#2: Download Sn0wbreeze 2.7.3 [Fixes PacMan Issues - File Size Decreased]

Steps to Create iOS 4.3.3 Custom IPSW Using Sn0wbreeze 2.7:

  1. Launch Sn0wbreeze-2.7.exe. Either click on Browse button to choose stock iOS 4.3.3 IPSW for your iDevice or simply drag it in Drag an IPSW into me! section. In this case, i will be choosing iPhone3,1_4.3.3_8J2_Restore.ipsw as i want to jailbreak my iPhone 4 on iOS 4.3.3.

    2. Sn0wbreeze 2.7 (Select iOS 4.3.3 IPSW)
    Open Stock iOS 4.3.3 IPSW

  2. Now wait while Sn0wbreeze verifies the provided IPSW and identify your iDevice from it.

    3. Sn0wbreeze 2.7 (Identifying IPSW)

  3. Once Sn0wbreeze has successfully identified your iDevice from the provided IPSW, click on the Next button to continue.

    4. Sn0wbreeze 2.7 (Confirm iDevice)

  4. Now you will see the following three jailbreak modes. Choose Expert Mode and click on Next button to continue.

    5. Sn0wbreeze 2.7 (Choose Jailbreak Mode)

    BASEBAND PRESERVATION MODE: This mode only preserves the iPhone's baseband. It does not jailbreak or unlock the actual device. All other modes still do preserve the baseband.
    SIMPLE MODE: Recommended for people that don't know what to add. This mode will add Cydia, afc2, SSH for Apple TV and other recommended stuff automatically.
    EXPERT MODE: Expert mode let you have all customizing options at your disposal. Such as custom boot logos, root partition size, installer options and unlocks.

  5. Click on General tab followed by a click on Next button.

    6. Sn0wbreeze 2.7 (General)

    For iPhone 4 Users:

    • Choose Activate the iPhone [Hacktivate] option if you rely on unlock or do not have official carrier SIM to activate your iPhone manually through iTunes.
    • Choose Enable Animated Boot Logo Capability option (Optional)
    • Choose Install SSH option (Optional)
    • Choose Enable Gestures Menu option (Optional)
    • Click on the Next button to continue.

    Sn0wbreeze 2.7 (iPhone 4)

    For iPhone 3GS Users:

    • Choose Activate the iPhone [Hacktivate] option if you rely on unlock or do not have official carrier SIM to activate your iPhone manually through iTunes.
    • Choose Enable Animated Boot Logo Capability option (Optional)
    • Choose Install SSH option (Optional)
    • Choose Enable Gestures Menu option (Optional)
    • Click on the Next button to continue.

    Sn0wbreeze 2.7 (iPhone 3GS)

    • If your iPhone 3GS has baseband (05.14.02, 05.15.04, 05.16.01 or 05.16.02) which Ultrasn0w 1.2.3 can not unlock directly then you should choose Install 06.15.00 iPad baseband option to unlock your iPhone after the jailbreak. Note that upgrading to iPad baseband MAY loose you GPS functionality. iPhone Dev-Team has already promised to devise a downgrade method for iPad baseband in near future.

    iPad (Baseband Warning)
    Sn0wbreeze 2.7 (iPhone 3GS iPad Baseband)

    • Make sure you have active internet connection if you want to update your baseband to iPad baseband. Click on the Next button to continue.

    For iPod Touch 4G/3G & iPad Users:

    • Choose Enable Animated Boot Logo Capability option (Optional)
    • Choose Enable Battery-Percentage option (Optional)
    • Choose Install SSH option (Optional)
    • Choose Enable Gestures Menu option (Optional)

    Sn0wbreeze 2.7 (iPod Touch & iPad)

    • Click on the Next button to continue.
  6. Click on the Build tab followed by a click on Next button.

    7. Sn0wbreeze 2.7 (Build IPSW)

  7. Now wait while Sn0wbreeze cooks iOS 4.3.3 custom IPSW for your iDevice. Mean while you can play PacMan game by clicking on the PacMan button. You will be needing Adobe Flash Player installed in your Internet Explorer to play this game.

    8. Sn0wbreeze 2.7 (Creating IPSW)

  8. Once Sn0wbreeze has created iOS 4.3.3 custom IPSW for your iDevice, you can find it on your desktop. Click on the OK button to put your iDevice into Pwned DFU Mode.

    9. Sn0wbreeze 2.7 (Done)

    iPhone 4 (GSM) » sn0wbreeze_iPhone 4-4.3.3.ipsw
    iPhone 4 (Verizon) » sn0wbreeze_iPhone 4-4.2.8.ipsw
    iPhone 3GS » sn0wbreeze_iPhone 3GS-4.3.3.ipsw
    iPod Touch 4G » sn0wbreeze_iPod Touch 4-4.3.3.ipsw
    iPod Touch 3G » sn0wbreeze_iPod Touch 3G-4.3.3.ipsw
    iPad (1st-Gen) » sn0wbreeze_iPad-4.3.3.ipsw

  9. Now use the following instructions to put your iDevice into DFU mode:
    • Connect your iDevice to your PC via USB cable.
    • Turn OFF your iDevice completely by pressing the Power button.
    • Hold down the Home+Power button for exactly 10 seconds. After 10 seconds, release the Power button but keep holding the Home button until Sn0wbreeze detects your iDevice in DFU mode.
  10. As soon as Sn0wbreeze will detect your iDevice in DFU mode, it will put it in Pwned DFU Mode by patching the iBoot of your iDevice with Limera1n exploit. This will bypass all 16xx errors (1600, 1601, 1602, 1603 & 1604) during the restore of custom IPSW through iTunes.

    11. Sn0wbreeze 2.7 (Running iREB)
    Sn0wbreeze 2.7 (Pwned DFU Mode)

  11. Close all opened windows of Sn0wbreeze and launch iTunes. Click on the name of your iDevice from the side-panel to view the summary-page.

    12. iPhone Name in iTunes

  12. Now you will see two buttons i-e Check for Update and Restore. Hold down the SHIFT key on keyboard and click on Restore button. Choose iOS 4.3.3 custom IPSW from your desktop and leave the rest on iTunes.

    13. iTunes RestoreRestore iOS 4.3.3 Custom IPSW

  13. Once restore process is complete, your iDevice should reboot automatically. If you rely on an unlocked iPhone, you can use Ultrasn0w 1.2.3 to unlock your iPhone on iOS 4.3.3. Just follow step-by-step guide here to unlock your iPhone 4/3GS on iOS 4.3.3 using Ultrasn0w 1.2.3. Once unlocked, you can follow this guide to activate your iPhone on iOS 4.3.3 officially using SAM.


Older Comments
Newer Comments
  • Nawazish

    m8 thanks for the replay but i dont have Device Instance Path on my pc !!! windows xp sp2

    • http://jaxov.com/ Patrick

      Hey,

      Unfortunately XP doesn't have the "Device Instance Path". You can try this instead:

      Download USBView: http://bit.ly/6pD4G5
      Launch USBView
      Locate “Apple recovery (DFU) USB driver”
      Click Options
      Select “Config Descriptors”
      Click File > Refresh
      Your Bootrom version is under the “SerialNumber” field.

      Hope that helps.

  • Nawazish

    ty i am already on 4.3.3 !! now i have a new question !! does my iphone 3gs has old boot rom or new ??? my serial number is **937****** is it old bootrom i guess it is !! ???

    • http://jaxov.com/ Patrick

      Hi,

      To accurately check for your bootroom:

      Put your iPhone in DFU Mode
      iTunes will detect your device to be in recovery mode
      Go to: Start->Control Panel->Device Manager
      In Universal Serial BUS Controller, you will find Apple Mobile Device USB Driver
      Right Click and go to Properties > Details tab and select "Device Instance Path" from the drop down list box.
      You should be able to find your bootroom under Value
      If it’s 359.3, iPhone 3GS has old bootrom. If it’s 359.3.2 or above, then it is a new bootrom.

      Hope that helps!

  • Patrick

    Hi,

    Did you try to properly put your device into DFU Mode? Try using iReb to put your iPhone in Pwned DFU mode. Then restore to iOS 4.3.3 and redo the whole process using latest version of iTunes. For more information about iREB: http://bit.ly/k1x9zb

  • Nawazish

    it is stuck in recovery mode !!!

  • Nawazish

    GOT THE ERROR 10 WHILE RESTROING HELP !! IT WAS INSTALLING AND THEN IT CAME UP ITUNES CANNOT RESTORE UNKNOWN ERROR(10)

    • http://twitter.com/pram0dm Pramod

      Update iTunes to the latest version & then retry.

  • Nawazish

    thank you right now sn0wbreeze is making the custom ipsw!! =D

  • Nawazish

    i dont have the shsh blobs for 5.0 !! is 5.0 better or 5.0.1 ??

    • http://twitter.com/pram0dm Pramod

      You need not have one. Point your device to a Sn0wbreeze'd iOS 5.0 IPSW via iTunes in a DFU mode. That should help. You don't need an SHSH if you have the old-bootrom iP3GS. Currently, Ultrasn0w is compatible only with iOS 5.0.

  • Nawazish

    Hey Pramod I have 3gs old bootrom alright can i have untethered jailbreak for ios 5.0.1 ??? i have seen written below Sn0wbreeze 2.8b11 (This is a tethered jailbreak via iBooty except the old bootrom 3gs users !) does this mean i can jailbreak untethered ios 5.0.1 ???

    • http://twitter.com/pram0dm Pramod

      Yes, that's correct. You can even stay untethered on iOS 5.0 as well if you want to even if Apple isn't signing it anymore.

  • Nawazish

    THANKS ALOT PRAMOD !! IT WAS NOT THE HARDWARE FAILURE THERE WAS SOMETHING WRONG WITH MY ITUNES !!I UPDATED IT AND IT IS WORKING GR8 !!! ON IOS 4.3.3!! =D =D THANKS ALOT PRAMOD REALLY APPRECIATE IT!!

    • http://twitter.com/pram0dm Pramod

      Your welcome. :)

  • Nawazish

    Yo Pramod I Got error 2005 while restoring !! i was using iTunes 10.5.1 and then i came down to 10.2.2 but i still got the same error !!!! need help !! i opened TU and started the TSS server(i had shsh blobs for 4.3.3) but i had that error 2005!!

    • http://twitter.com/pram0dm Pramod

      Its probably a hardware failure. You might want to get your device checked at the nearest Apple Store.

  • Nawazish

    dude i get the error cannot save shshblobs until and account has been set !! how do i make a account ??

    • http://twitter.com/pram0dm Pramod

      Drop the idea of iSHSHit & instead use TU / iFaith / redsn0w to save them from your device. They are much more reliable.

  • derpderplol

    i followed the right steps to jailbreak my ipod touch 4g at the end when i got to shift restore and put in snowbreeze_ipod touch 4-4.3.3.ispw it gives me error 3194 help

    • http://twitter.com/pram0dm Pramod

      You need to have its SHSH saved already for your device on Cydia / TU prior to performing the restore. Read this http://bit.ly/oKCpYX.

  • Nawazish Ali

    hey pramod does the saved shsh blobs go away i mean get removed when we update our phone to the next ios ??? how do you make shsh blobs ?? i have shshit on my iphone but it gives me the error that cannot send shsh until an account has been send and there is no place where i can set up the account help me please!!

    • http://twitter.com/pram0dm Pramod

      Never. Cydia caches your saved SHSH (if any) forever. It always saves it for the latest iOS version that's currently available for your device via iTunes. I believe iSHSHit should be able to save them onto Cydia's space as well if you had ticked the Via Cydia option. If not, then it was probably only saved onto your device's memory which obviously will get erased after a fresh restore. Essentially, you should be able to view your saved SHSH like this http://bit.ly/qS5bjW on Cydia unless you have saved them physically via TU onto your PC. You can send the saved SHSH to your email ID by tapping the Save option.

  • Jason

    @Pramod, you are exactly correct. After my phone locks the screen (automatically after 2 min), then it is black again. But this time, nothing else works, redsnow, snowbreeze and itune can't detect it. What can I do at this point? Is it totally gone now?

    Thanks
    Jason

    • http://twitter.com/pram0dm Pramod

      There's nothing that can be done about it as long as you restore your device to an iOS for which you have a valid SHSH. Read this http://bit.ly/oKCpYX to understand the situation much better.

  • Jason

    Thanks. I used redsnow to boot my device tethered and unlocked using ultrasnow. So it looks like my phone can only be jb tethered with ios 4.3.3 because the shsh blob is no longer available in cydia or neither did I have a save (my previous ios was 3.1.4). Is my assuming correct? or there is a way to make my phone untethered. Thanks in advance for your help.

    • http://twitter.com/pram0dm Pramod

      Nope, w/o an SHSH it isn't possible to keep your device untethered. Also, this kind of JB will only exist until your device powers OFF / locks out. After that, you will find yourselves in a DFU loop mode again w/o having the ability to boot back up.

  • Jason

    Thanks, do you have a link to it? Thanks

    • http://twitter.com/pram0dm Pramod

      Use this same guide as far as procedure & restoration is concerned. Download Sn0wbreeze for iOS 5.0.1 from http://www.ih8sn0w.com & the corresponding iOS 5.0.1 IPSW from here .

  • Jason

    @Pramod, thanks for your quick reply. I went thru your link, and it really did not have my SHSH saved anywhere. Since my phone is in black screen now (DFU mode), I tired the 3rd option with the etc/hosts file, still no luck when I launch itune to restore the custom 4.3.3 again (rebooted my pc already).

    What are my options now? It is only I can upgrade my phone to 4.3.5 via itune (no shift + restore), will that also upgrade my baseband which means I can only use AT&T now?

    Thanks
    Jason

    • http://twitter.com/pram0dm Pramod

      Your only available option is to update to iOS 5.0.1. Create a custom iOS 5.0.1 IPSW & then restore to it which will also preserve your BB. Use Sn0wbreeze v2.8b11.

  • Jason

    Help please!!

    I followed this guide to use Snowbreeze 2.7.3 to jb my iphone 3gs with bb 5.11.07 and ios 3.1.2. The iphone 3gs was already jb and unlock but it is tethered.

    During the build custom ipsw step, I selected the following options - old bootrom, unchecked hacktivate and uncheck the 6.15.00 bb.

    Everything went well and it said it was restored successfully in ituen, BUT the device never came back on again. I pressed the power button, nothing happen. I unplug and plug it back to usb, and open up itune, then it said the iphone software update server could not be contacted. And no iphone icon show up on the left panel. If I tried to run snowbreeze again, tried to put it in DFU mode, it said unknown device.

    Did i just brick my 3gs? I hope not, any help would be appreciated.

    Thanks
    Jason

    Update: I also tried using tinyunbrella to kick my iphone out of the recovery mode. Again, everything went well, no error, after everything is done. My phone is still in black screen, nothing happen when i press the power button.

    • http://twitter.com/pram0dm Pramod

      This issue is merely because you did not have / use a valid SHSH to restore your device with. A valid SHSH is necessary if you need to restore your device to a much earlier build than the current iOS that is being pushed out by Apple. Read this http://bit.ly/oKCpYX to understand the situation in a much better manner.

  • Nawazish Ali

    @paramod thanks alot for the help man!! really appreciate it ! it will be clean right no errors at all ??

    • http://twitter.com/pram0dm Pramod

      Yes, i.e if you do it the right way with proper instructions.

  • Nawazish Ali

    right now i can use my phone it has full signals !!!
    sn0wbreeze has an option Activate iPhone(Hacktivate) is that what you are saying ?

    • http://twitter.com/pram0dm Pramod

      Yes i.e in case you do not have the legit carrier SIM & you still want to get across the Emergency Call screen.

  • Nawazish Ali

    paramod will i need at&t sim to get it across the emergency screen?? coz i live in Pakistan not america!

    • http://twitter.com/pram0dm Pramod

      Yes, you do need the legit carrier SIM for official activation. If not, you need to then JB / hacktivate your device.

  • Nawazish Ali

    yes i have shsh blobs for 4.3.3 !

    • http://twitter.com/pram0dm Pramod

      You can then go ahead & restore to 4.3.3 & Yes, it will update your iOS to the same.

  • jock007

    I did it all with a 3GS new bootrom, installed custom firmware, updated baseband, but i still get "no service" message after unlocking with ultrasn0w. I don´t know what to do, if someone solved this problem, please contact!

    • http://twitter.com/pram0dm Pramod

      Are you able to grab the nearby GSM signals from under the Carrier option?

  • Nawazish Ali

    Hey paramod will it update my 3gs BB 06.15.00 which is running on 4.1 to 4.3.3 too ?? or will it just jailbreak it ??

    • http://twitter.com/pram0dm Pramod

      First off, do you have the necessary SHSH for iOS 4.3.3 saved for your device on Cydia / TU ? Like this http://bit.ly/qS5bjW perhaps?

  • http://- Prian

    Thanks, Pramod

    Got it to 4.3.5. Will try getting an AT&T sim to activate and use this until some software unlock is released for iOS5

    • http://twitter.com/pram0dm Pramod

      You can use a Gevey SIM currently to unlock your device if you wish to. You would need to jailbreak iOS 4.3.5 to get it across the Emergency Call Screen.

Older Comments
Newer Comments