How to Jailbreak iPhone 3GS with iOS 4.1 using PwnageTool (old bootrom)

The first unofficial jailbreak for iPhone 3GS (old bootrom) with iOS 4.1 is now available. It requires a custom ROM to be created using a modified version of PwnageTool and iOS 4.1 Jailbreak for Mac. This will only work if your iPhone 3GS has iOS 3.1.2/3.1.3 with a redsn0w/PwnageTool or sn0wbreeze jailbreak. If you used Spirit, Blackra1n or JailbreakMe, this won’t work for you. Also, hacktivation doesn’t work, so you’ll need your iPhone carrier SIM, or you’ll need to use the phonebook SIM activation method, before you can use ultrasn0w to unlock it.

Make sure you follow the instructions carefully to get the jailbreak working.

Remember to back up your data using iTunes first!

  1. Download iOS 4.1 for iPhone 3GS
  2. Download iTunes 10
  3. Download PwnageTool and iOS Jailbreak
  4. Select Expert Mode and click on iPhone 3GS as shown in the picture above and click next.
  5. Browse to the iPhone 3GS iOS 4.1 firmware.
  6. In the next window, click on General.
  7. Uncheck activate if you have a factory unlocked phone or use it with an official carrier. Click next.
  8. You’ll be asked about bootneuter, Cydia settings, custom packages, and custom logos over the next screens. Just select Cydia Installer in custom packages and click next.
  9. Click Build and save the file to your desktop.
  10. When PwnageTool asks for your password during custom firmware creation, don’t type it in. Just install the Jailbreak iOS 4.1 app you downloaded with PwnageTool.
  11. Now type in the password in the PwnageTool pop up.
  12. There will be a file called iPhone2,1_4.1_8B117__Custom_Restore.ipsw on your desktop. This has to be restored to your iPhone 3GS using iTunes by putting it in recovery mode.
  13. Open up iTunes and connect your iPhone 3GS. Select your iPhone in the iTunes sidebar. While holding the Option button, click Restore. It’ll ask you to locate the firmware. Point it to the iPhone2,1_4.1_8B117__Custom_Restore.ipsw on your desktop.
  14. The restore will take some time, but after it’s done you’ll have a jailbroken iPhone 3GS!
  15. If you want to unlock your iPhone 3GS to use it with other carriers, go to Cydia and add the following repo http://repo666.ultrasn0w.com. Check here for how to do this. Search for ultrasn0w and install it and reboot again. Your iPhone 3GS is now carrier unlocked.
  16. Remember to add this repo to Cydia: http://apt.saurik.com/cydia-3.7
  17. If Safari crashes, install Safari Fix from this repo in Cydia: http://repo.woowiz.net
  18. To fix and enable Push Notifications, check out our guide here.

Enjoy!

If you have any questions, leave them in the comments below. I’ll be glad to help you out!


18 comments

  1. Hey, i just tried this on my iphone 16gb old bootrom and after the whole restore process my phone got hooked at the boot process where it shows the apple logo.

    1. guys after the step 10 do this!

      – launch Jailbreaker .app, click twice the “continua” button and then type your password. wait for the end of process, and now you can follow the step 11!

  2. Hello… I’ve got an iPhone 3GS 16GB old bootrom and it is showing error 1604 after jailbreaking it, and I tried to restore. It said “the iphone cannot be restored at this time because the iphone software update server could not be contacted or is temporarily unavailable.” Is there any way I can make it work? Really need to use the phone :'(

  3. I’m on Mac 10.6 and iTunes 10. When I attempt to restore I get a message “Verifying restore with apple…” or so. I disconnected AirPort immediately so it returned an error.

    Is it ok to do the restore while online?