Renowned PwnageTool bundle creator Msftguy is back with his latest release: a PwnageTool bundle for jailbreaking iOS 4.3 Beta 1 on iPhone 4. However, the process is quite complex and is aimed at advanced users only, as it requires you to create a ramdisk in order to achieve the jailbreak. In addition, you must be enrolled in either the iPhone Developer Standard or Enterprise Program and, most importantly, own a computer running Mac OS.
WARNING: This jailbreak is intended for advanced users only. If you do proceed and unfortunately end up bricking your iPhone, iTD is not to be held responsible!
Step 1:
Download custom PwnageTool bundle from here.
Step 2:
Download iOS 4.3 beta 1 for iPhone 4.
Step 3:
Download PwnageTool v4.2.1 from here.
Step 4:
Modify PwnageTool with the above custom bundle so that it accepts the iOS 4.3 beta firmware:
Right click PwnageTool and then click on “Show Package Contents”.
Navigate to Contents/Resources/FirmwareBundles/ and paste custom “.bundle” file in this location, then close the folder.
Step 5:
Create an iOS 4.3 custom firmware for iPhone 4 using PwnageTool.
Step 6:
Create your own ramdisk using the following steps: (source)
Tools needed: OS X, xpwntool
Unpack the original ramdisk: xpwntool orig_restore_rd.dmg restore_rd.dec.dmg -iv .. -k .. (use the keys from the wiki)
Mount the ramdisk: hdiutil attach restore_rd.dec.dmg
Free up some space: rm /Volumes/ramdisk/(some unneeded large-ish file)
Patch asr: mv /Volumes/ramdisk/usr/sbin/asr /tmp/; bspatch /tmp/asr /Volumes/ramdisk/usr/sbin/asr (bundle_path)/asr.patch
Change the restore options: edit /Volumes/ramdisk/usr/local/share/restore/options.plist with Property List Editor and add 'UpdateBaseband' = false. See http://theiphonewiki.com/wiki/index.php?title=Preventing_Baseband_Update for details.
Unmount the ramdisk: hdiutil detach /Volumes/ramdisk
Re-encrypt the ramdisk: xpwntool restore_rd.dec.dmg pwned_restore_rd.dmg -t orig_restore_rd.dmg -iv .. -k ..
Replace the ramdisk inside the CFW produced by PwnageTool with pwned_restore_rd.dmg. You can either unzip and re-zip the CFW or replace it inside the /tmp/ipsw directory while PwnageTool is running.
Step 7:
Use tetheredboot to boot into tethered mode.
That's it!
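The options.plist change in Step 6 can be scripted instead of made by hand in Property List Editor. The following is an added example, not part of the original post or of Msftguy's bundle; it uses Python's standard plistlib, and the function name, the backup_dir parameter and the backup file name are assumptions made for illustration.

```python
import plistlib
import shutil
import tempfile
from pathlib import Path

# Path from Step 6 of the article; it exists only while the ramdisk is mounted.
OPTIONS_PLIST = Path("/Volumes/ramdisk/usr/local/share/restore/options.plist")


def set_update_baseband_false(plist_path, backup_dir=None):
    """Ensure UpdateBaseband is false; return True if the file was rewritten."""
    plist_path = Path(plist_path)
    raw = plist_path.read_bytes()
    # Preserve the on-disk encoding: binary plists start with "bplist00".
    fmt = plistlib.FMT_BINARY if raw.startswith(b"bplist00") else plistlib.FMT_XML
    options = plistlib.loads(raw)
    if not isinstance(options, dict):
        raise ValueError(f"{plist_path}: top-level object is not a dictionary")
    if options.get("UpdateBaseband") is False:
        return False  # already set; leave the file untouched
    # Back up outside the ramdisk, which has very little free space.
    backup_dir = Path(backup_dir or tempfile.gettempdir())
    shutil.copy2(plist_path, backup_dir / (plist_path.name + ".orig"))
    options["UpdateBaseband"] = False
    plist_path.write_bytes(plistlib.dumps(options, fmt=fmt))
    # Re-read from disk to confirm the value survived serialisation.
    if plistlib.loads(plist_path.read_bytes()).get("UpdateBaseband") is not False:
        raise RuntimeError(f"{plist_path}: UpdateBaseband was not written as false")
    return True


if __name__ == "__main__":
    changed = set_update_baseband_false(OPTIONS_PLIST)
    print("updated" if changed else "already false", OPTIONS_PLIST)
```

Run it after mounting the ramdisk and before the hdiutil detach step; a second run reports that the value is already false and writes nothing.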
Is it a tethered or untethered jailbreak?