Category Archives: Jailbreak and Unlock Tutorials

Untethered Jailbreak for Verizon 4.2.7 NOW Available

As of last night, @iH8snow along with @pushfix released an untethered solution for Verizon iPhone users on 4.2.7. Sn0wbreeze v2.6.1 is now available on the iH8sn0w website at the following address:

Sn0wbreeze 2.6.1

It is currently only available for Windows users and hopefully will be transferred to a Mac client soon.

Those who are currently jailbroken on a tethered 4.2.7 can use a package by @pushfix to make it untethered. Follow the steps below to do this:

• Add this repo: http://cydia.pushfix.info
• Install the package “Verizon Untether for 4.2.7”
• Reboot
• And now you’re untethered

UltraSn0w Update is Almost Ready for iOS 4.3.1, Fixes Bug Issues and Older Baseband Compatibility


MuscleNerd has confirmed that an UltraSn0w update is coming for iOS 4.3.1 in a few days. The unlock tool has had several bugs and is currently incompatible with several older basebands.

To clarify: the upcoming UltraSn0w update will not unlock any new basebands. The update is meant for current unlockers that wish to update to the latest 4.3.1 jailbreak and keep their unlock.

As we previously mentioned, the new version of UltraSn0w will fix all compatibility issues with the latest version of iOS.


As MuscleNerd mentions, the signal bar bugs, etc. have been fixed and are currently being tested to ensure stability. The UltraSn0w update will soon be available in Cydia for current unlockers.

If you rely on an unlock for your iPhone, hold off on updating your jailbreak to 4.3.1 until UltraSn0w is made compatible with your baseband. If you have a new iPhone 4 (Verizon iPhone included) and have never unlocked your device, you still won’t be able to do so with this UltraSn0w update.

JailbreakMovies explains how the update will work:

“Just a note that for those of you experiencing the issue even with a baseband version that doesn’t qualify for an unlock, you can still use this version of UltraSnow, as it will skip the unlock, and just fix the signal bar issue.”

Unlockers must use PwnageTool to jailbreak iOS 4.3.1 and preserve their baseband for the updated unlock. Check out our tutorial on jailbreaking with PwnageTool. You can also use Sn0wBreeze on Windows to preserve your baseband.

We’ll keep you posted on when UltraSn0w’s update goes live in Cydia. Let us know if you have any issues with your unlock below!

Unlock iPhone 3GS on iOS 4.3 with Ultrasn0w Fixer [Video]

iH8sn0w, the well-known iPhone hacker, has managed to port a new tool called ultrasn0w fixer to the iPhone 3GS running iOS 4.3. The tool was developed by msft_guy (the TinyUmbrella developer), who successfully developed ultrasn0w fixer during the beta stages of iOS 4.3.

What will ultrasn0w fixer do?

In the meantime, ultrasn0w fixer will unlock an iPhone 3GS running iOS 4.3 which has previously been unlocked via the iPad baseband 6.15.00. iH8sn0w will also release a new version of his sn0wbreeze jailbreak that includes ultrasn0w fixer.

Will ultrasn0w fixer work on iPhone 4?

According to iH8sn0w you will be able to unlock iPhone 4 on iOS 4.3 by preserving the unlockable baseband 1.59.00 with the ultrasn0w fixer soon.

Note: iH8sn0w is not working on 2.10.04 / 3.10.01 / 4.10.01 basebands on iPhone 4.

ETA for the new Ultrasn0w?

iH8sn0w has just confirmed via his Twitter that he will release it for iPhone 3GS tomorrow, but he didn’t give an exact date for iPhone 4.

Sn0wbreeze 2.3b2 to Jailbreak iOS 4.3 on iPhone, iPod Touch, iPad with Multitouch Gestures, Security Hole Patching and More

The well-known iPhone hacker iH8sn0w has just released Sn0wbreeze 2.3, which jailbreaks iOS 4.3 on iPhone, iPod touch and iPad. The new version allows you to enable Multitouch Gestures, patch the security hole (Mobile Substrate) and more.

What’s new on Sn0wbreeze 2.3b2:

  • Adds Multitasking Gestures option in Settings App.
  • iBooty bug fixes (Includes iBSS issues).
  • iBooty is EVEN faster.
  • MobileSubstrate is now working.
  • Sleep bug in iPod Touches is fixed.
  • Rare iPad 1G issues resolved.
  • Added iREB to top bar for future re-runs within sn0wbreeze.
  • ultrasn0w is STILL broken! Unlockers STAY AWAY!

How to jailbreak iOS 4.3 on iPhone 4, 3GS, iPod touch 4G, 3G and iPad with Sn0wbreeze 2.3b2 thanks Dino:


Important note: Sn0wbreeze 2.3 is a tethered jailbreak on iOS 4.3. If you rely on the ultrasn0w unlock, you should stay away from it, as iOS 4.3 still can’t be unlocked even with Gevey SIM.

Download Sn0wbreeze 2.3b2 for Windows.

 

Unlock iPhone 4 Basebands 2.10.04 / 3.10.01 with Gevey SIM [Video]

Yes, you read it right: a new team called the Gevey team has announced a new hardware unlock tool which is able to unlock the iPhone 4 running iOS 4.1 and 4.2.1 on basebands 2.10.04 and 3.10.01.

You will need to use the SIM tray supplied and file your MicroSIM slightly to accommodate the EEPROM chip.

Installing the SIM, only with something in between.

The phone will search for signal, come up with no service, and finally settle on this “one bar” icon. Earlier hacks required the fake IMSI to be programmed manually; however, this device is obviously capable of rapidly cycling a list of IMSIs until an accepted MCC/MNC combination is found. It may also spoof ICCID since the iOS is known to cross-reference

Dial 112 and hang up after the call is connected. The network issues a TMSI for your connection.


Toggle flight mode On/Off. What exactly happens is not too clear, but apparently the interposer ROM blocks the electrical connection to prevent the BB from detecting the fake IMSI.

The signal bars appear, we are safe:-) That is after the network ignored the fake IMSI (which the phone has no knowledge of) but allowed the SIM onboard because it is able to validate that.

How does Gevey SIM Work?

A SIM card holds many different types of information, but the part most involved with the carrier lock is the IMSI number, which is a unique code that corresponds to your account in the mobile carrier’s database.

A sample IMSI might look like this

310 150 987654321

The first two segments are known as the Mobile Country Code (MCC) and Mobile Network Code (MNC) respectively, and in the example above the IMSI indicates the SIM is from the USA (310), AT&T (150).

When the iPhone baseband is loaded into memory, it checks the MCC and MNC against its own network lock state stored in the seczone. If the combination is allowed, the cell radio is activated and vice versa.

The earliest iPhone baseband revisions only check the IMSI twice following a restart, so it is very easy to send spoofed information in order to bypass the check. Nevertheless, the baseband was soon updated to validate the SIM more aggressively and the method soon became obsolete.
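The IMSI layout and lock check described above, as an added example that is not part of the original post. It is a toy model: the MNC-length rule, the `LockCheck` class and the second sample IMSI are assumptions made for illustration, and it contrasts validating only the first two reads with validating every read.

```python
from dataclasses import dataclass

# Assumption: simplified MNC-length rule. Real devices learn the MNC length
# from the SIM; here MCCs 310-316 (USA) use 3 digits and all others use 2.
THREE_DIGIT_MNC_MCCS = {str(m) for m in range(310, 317)}


@dataclass(frozen=True)
class Imsi:
    mcc: str   # Mobile Country Code, always 3 digits
    mnc: str   # Mobile Network Code, 2 or 3 digits
    msin: str  # subscriber number, the remainder


def parse_imsi(raw: str) -> Imsi:
    """Split an IMSI into MCC / MNC / MSIN, tolerating spaces as printed on the page."""
    digits = raw.replace(" ", "")
    if not (digits.isascii() and digits.isdigit() and 6 <= len(digits) <= 15):
        raise ValueError(f"not a valid IMSI: {raw!r}")
    mcc = digits[:3]
    mnc_len = 3 if mcc in THREE_DIGIT_MNC_MCCS else 2
    return Imsi(mcc, digits[3:3 + mnc_len], digits[3 + mnc_len:])


class LockCheck:
    """Hypothetical model of the lock check against an allowed (MCC, MNC) set.

    max_checks=2 models the early behaviour the page describes (only the first
    two reads after a restart are validated); max_checks=None validates every read.
    """

    def __init__(self, allowed, max_checks=None):
        self.allowed = set(allowed)
        self.max_checks = max_checks

    def radio_enabled(self, reads):
        """Return True if the radio stays enabled across the sequence of IMSI reads."""
        for n, raw in enumerate(reads):
            if self.max_checks is not None and n >= self.max_checks:
                break  # later reads are trusted without validation
            imsi = parse_imsi(raw)
            if (imsi.mcc, imsi.mnc) not in self.allowed:
                return False
        return True


# Constructed sample data: the page's example IMSI plus a made-up second one.
ALLOWED = {("310", "150")}
CONSISTENT = ["310 150 987654321"] * 4
CHANGES_LATER = ["310 150 987654321"] * 2 + ["262 01 1234567890"]

if __name__ == "__main__":
    print(parse_imsi(CONSISTENT[0]))
    print("check first two reads:", LockCheck(ALLOWED, 2).radio_enabled(CHANGES_LATER))
    print("check every read:     ", LockCheck(ALLOWED).radio_enabled(CHANGES_LATER))
```

The two policies agree on a SIM whose reported IMSI never changes; they differ only when the value changes after the validated reads, which is the gap the later baseband revisions closed by validating more often.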

What does this mean to Unlockers?

It works if (A) your network handles 112 calls properly according to the GSM standard, and (B) it is tolerant of TMSI spoofing and does not actively validate your SIM again for incoming calls.

Unlike its ancestors, the i4 SIM interposer is not a drop-in-and-forget device. The exact procedure must be performed should the device restart, lose reception for an extended period of time or move to another PLMN. In all these situations the TMSI expires and has to be obtained again. Theoretically it is possible for a daemon to automate the process, similar to ZeroG, but that only makes things more convoluted.

It is, without question, unethical or downright illegal to use the technique anywhere 112 is a legitimate emergency number. Not a huge issue in China, where the number is only used for informative purposes and the networks cannot be bothered to fix the issue.

All firmware/baseband combinations for the i4 up to iOS 4.3 are vulnerable; however, the exploit may be patched in any future software update or via the carrier. If Apple can influence providers to block Cydia, it is not impossible for them to press them to fix the exploit. The only way to permanently unlock your baseband is NCK.

The SIM interposer should not harm your phone hardware; however, your network could request the IMEI and identify your device during the emergency call. Your identity cannot be faked and it is possible that they will ban your account. There is a reason why SIM cards remain legally the property of the service provider: you are not supposed to tamper with them without breaching contract.

Notwithstanding all the problems, SIM interposer does not cause any battery drain since it is only active transiently, nor would it cause signal loss because it does not change cellular transmission other than the initial validation step.

Buy it or not? So far, no one on the iPhone Dev Team has confirmed its legitimacy, but we’ll know very soon, and then you’ll be able to buy it.

Sn0wbreeze 2.2.1 to Jailbreak iOS 4.2.1 / 4.2.6, Brings iBooks Fix, Adds Drag and Drop IPSW Files Support

iH8sn0w has just released a new version of the Sn0wbreeze jailbreak tool. Sn0wbreeze 2.2.1 fixes issues after jailbreaking the Verizon iPhone 4 running iOS 4.2.6, fixes the iBooks issue, and adds drag and drop support for IPSW files.

Supported devices:

  • iPhone 4, 3GS, 3G
  • iPod touch 4G, 3G, 2G
  • iPad

You can follow our previous guide posted here, to jailbreak your iOS device running iOS 4.2.1 and preserve your unlockable baseband, then unlock using ultrasn0w 1.2.

Download Sn0wbreeze 2.2.1 Windows

Jailbreak for Verizon iPhone 4 iOS 4.2.6 using Greenpois0n RC6 [Confirmed]

Verizon iPhone 4 has just got its own taste of freedom using Greenpois0n! iPhone hacker pod2g has confirmed that Greenpois0n RC5.4 worked well on Verizon iPhone 4 running iOS 4.2.6. Some reports that emerged yesterday also confirmed that the VZW iPhone 4 has been pwned for life by GP. An image of a jailbroken CDMA iPhone on the Verizon network has been posted, which clearly shows Cydia running on it.


Hey, @Lunch8ox tested RC5.4. Works well on Verizon. :-) Thanks for the testing mate.

How to jailbreak Verizon iPhone 4 iOS 4.2.5 using Greenpois0n

Chronic Dev Team has to release RC6 version of greenpois0n jailbreak which will add support to Verizon iPhone 4 in addition to Apple TV 2G. However, the guide should be the same as used for AT&T GSM iPhone 4. We haven’t tried it so far, but you can try and share your results with us.

How to Jailbreak iPhone 4, 3GS on 4.2.1 with PwnageTool & Unlock with Ultrasn0w

iOS hacker Nadeem Ateyeh has released PwnageTool Bundles for iPhone 4 and iPhone 3GS to jailbreak the device on iOS 4.2.1 without upgrading its baseband. This is an untethered bundle for use with PwnageTool to create a custom IPSW that preserves the baseband and boots untethered and jailbroken. Ultrasn0w unlockers can use these bundles and unlock later using the iPhone Dev Team’s ultrasn0w tool.

 

How to Jailbreak iOS 4.2.1 iPhone 4, 3GS using PwnageTool

Requirements:

  • Download PwnageTool 4.1.3 for Mac
  • iOS 4.2.1 original firmware of your device saved on your computer
  • iTunes 10.1.2 installed on your Mac

Modifying PwnageTool

Step 1: Download PwnageTool bundle (via) for your iPhone 4 device. Extract the .zip folder, and copy iPhone3,1_4.2.1_8C148.bundle (for iPhone 4) or iPhone2,1_4.2.1_8C148a.bundle (for iPhone 3GS) to your desktop.
Step 2: Download PwnageTool 4.1.2 and copy it to your desktop. Right click, and then click on “Show Package Contents”.
Step 3: Copy the .bundle files to PwnageTool.app/Content/Resources/FirmwareBundles/

Step 4: Copy info.plist into PwnageTool.app/Content/Resources/CustomPackages/CydiaInstaller.bundle/ (IMPORTANT IF YOU WANT CYDIA IN YOUR IPSW)

Building a Custom Firmware

Step 1: Launch latest version of iTunes 10.1.2 and sync your iPhone 4 with your Mac for backup.
Step 2: Double click to start PwnageTool. Click Ok, if prompted with a warning. Click to select Expert Mode from the top menu bar and then select your iPhone 4 or 3GS. Click Blue arrow button at the bottom right to continue.

Step 3: Click the Browse for IPSW… button and then select your firmware from the Pwnage folder (refer Step 2).

Step 4: You will be prompted to select one of the options from the following window. Select General, then click the blue arrow button to continue.

Step 5: Under General settings, “DO NOT” check Activate the phone. This bundle supports legit activation only.

Step 6: Now the Cydia settings window will allow you to create custom packages. Double click any of the packages to select it. For example, double click on OpenSSH; it will then appear under the Select Packages tab.

Step 7: Click Select Packages Tab and then select OpenSSH as shown in the screen below.

Step 8: You are now ready to begin the pwnage process! Click the Build button to select it then click the Blue arrow button to begin.

Step 9: PwnageTool will now create the custom .ipsw file for your iPhone. You will be prompted to save custom .ipsw firmware file. Save it to the desktop. It might take 10-15 minutes for building custom firmware.

Step 10: Now it’s time to restore your iPhone 4 or iPhone 3GS to this custom firmware iOS 4.2.1.

  • Click on your phone icon from the sidebar in iTunes.
  • Press and hold left “alt” button (“Shift” button on Windows) on the keyboard and then click on “Restore” (Not “Update” or “Check for Update”) button in the iTunes
  • Now, release the “Shift” button.

Step 11: iTunes will now prompt you to select the location for your custom firmware 4.2.1 once your iPhone 4 / 3GS is successfully in DFU mode.

Step 12: Once in iTunes, hold the Alt/Option key and click Restore.

Step 13: Now select the custom IPSW that was created and click the Choose button. Wait for a while till iTunes installs the new firmware 4.2.1 on your iPhone. After the installation is done, iPhone 4 or iPhone 3GS will restart automatically. You have now successfully jailbroken iPhone running iOS 4.2.1.

Step 14: After jailbreaking iPhone 4 / 3GS on iOS 4.2.1, you can now restore all your settings, apps, contacts and photos to the newly installed firmware version iOS 4.2.1 by restoring the backup that you made in Step 1 from iTunes.

How to Jailbreak iPhone 4 (1.59.00 Baseband) on 4.2.1 with PwnageTool & Unlock with Ultrasn0w

An untethered iPhone 4 PwnageTool Bundle (unofficial) has been released that will jailbreak your iPhone 4 on iOS 4.2.1 without upgrading its baseband. This is an untethered bundle for use with PwnageTool to create a custom IPSW that preserves the baseband and boots untethered and jailbroken. Ultrasn0w unlockers can use these bundles and unlock later with the ultrasn0w tool.

 

How to Jailbreak iOS 4.2.1 iPhone 4 using PwnageTool

Requirements:

  • Download PwnageTool 4.1.3 for Mac
  • iOS 4.2.1 original firmware of your device saved on your computer
  • iTunes 10.1.2 installed on your Mac

Modifying PwnageTool

Step 1: Download PwnageTool bundle (via) for your iPhone 4 device. Extract the .zip folder, and copy iPhone3,1_4.2.1_8C148.bundle to your desktop.
Step 2: Download PwnageTool 4.1.2 and copy it to your desktop. Right click, and then click on “Show Package Contents”.
Step 3: Copy the .bundle files to PwnageTool.app/Content/Resources/FirmwareBundles/

Step 4: Copy info.plist into PwnageTool.app/Content/Resources/CustomPackages/CydiaInstaller.bundle/ (IMPORTANT IF YOU WANT CYDIA IN YOUR IPSW)

Building a Custom Firmware

Step 1: Launch latest version of iTunes 10.1.2 and sync your iPhone 4 with your Mac for backup.
Step 2: Double click to start PwnageTool. Click Ok, if prompted with a warning. Click to select Expert Mode from the top menu bar and then select your iPhone 4. Click Blue arrow button at the bottom right to continue.

Step 3: Click the Browse for IPSW… button and then select your firmware from the Pwnage folder (refer Step 2).

Step 4: You will be prompted to select one of the options from the following window. Select General, then click the blue arrow button to continue.

Step 5: Under General settings, “DO NOT” check Activate the phone. This bundle supports legit activation only.

Step 6: Now the Cydia settings window will allow you to create custom packages. Double click any of the packages to select it. For example, double click on OpenSSH; it will then appear under the Select Packages tab.

Step 7: Click Select Packages Tab and then select OpenSSH as shown in the screen below.

Step 8: You are now ready to begin the pwnage process! Click the Build button to select it then click the Blue arrow button to begin.

Step 9: PwnageTool will now create the custom .ipsw file for your iPhone. You will be prompted to save custom .ipsw firmware file. Save it to the desktop. It might take 10-15 minutes for building custom firmware.

Step 10: Now it’s time to restore your iPhone 4 to this custom firmware iOS 4.2.1.

  • Click on your phone icon from the sidebar in iTunes.
  • Press and hold left “alt” button (“Shift” button on Windows) on the keyboard and then click on “Restore” (Not “Update” or “Check for Update”) button in the iTunes
  • Now, release the “Shift” button.

Step 11: iTunes will now prompt you to select the location for your custom firmware 4.2.1 once your iPhone 4 is successfully in DFU mode.

Step 12: Once in iTunes, hold the Alt/Option key and click Restore.

Step 13: Now select the custom IPSW that was created and click the Choose button. Wait for a while till iTunes installs the new firmware 4.2.1 on your iPhone. After the installation is done, iPhone 4 will restart automatically. You have now successfully jailbroken iPhone running iOS 4.2.1.

Step 14: After jailbreaking iPhone 4 on iOS 4.2.1, you can now restore all your settings, apps, contacts and photos to the newly installed firmware version iOS 4.2.1 by restoring the backup that you made in Step 1 from iTunes.

HOW TO: Jailbreak 4.2.1 iOS on iPhone 4, 3GS and iPod touch 4G, 3G, 2G with Greenpois0n RC5 on Windows

The Windows version of the Greenpois0n RC5 jailbreak tool (untethered) was released a few minutes ago. It lets you jailbreak iOS 4.2.1 firmware on your iPhone 4, iPhone 3GS (all bootroms), iPod Touch 4G, iPod Touch 3G, 2G (all bootroms) and iPad. Follow the simple steps listed below to jailbreak iPhone 4, iPhone 3GS, 3G on iOS 4.2.1 using Greenpois0n RC5.

 

How to Jailbreak iOS 4.2.1 iPhone 4, 3GS with Greenpois0n RC5

Step 1: Download Greenpois0n RC5 for Windows

Step 2: Once the download is complete, move gp_win_rc5_b2.zip to your desktop and unzip it.

Step 3: Open folder and double click Greenpois0n.exe to launch it.

Step 4: Click on the button ‘Prepare to Jailbreak (DFU)’.


Step 5: Greenpois0n will display the instructions to put the device in DFU Mode

You will be asked to press and hold the sleep button for 2 seconds.

Continue holding sleep; press and hold home for 10 seconds.

Release sleep button; continue holding home for 15 seconds.

Step 6: Once your iPhone 4, iPhone 3GS is in DFU mode, click the Jailbreak button.

Step 7: Greenpois0n will now jailbreak your iPhone 4, iPhone 3GS, 3G on iOS 4.2.1.


Step 8: Click the Quit button once the software application has completed.


Step 9: After the iPhone 4 restarts you’ll notice a new Loader app on your Springboard, entitled “Greenpois0n”. Press to launch it.

Step 10: Press to select Cydia then press the large Install Cydia button that appears.

Step 11: Once Cydia has installed successfully on your iPhone 4, you can install jailbreak tweaks of your choice.

 
