Jailbreak iPhone 4 Running iOS 4.3 Beta Using the Just-released PwnageTool Bundle

Written By Sam on 18 January 2011

Just released is an unofficial PwnageTool build that will let you jailbreak iOS 4.3 beta firmware on the iPhone 4. It is based on Geohot’s Limera1n bootrom exploit, which is credited with permanently pwning all iOS devices of that generation. Be aware that this unofficial version of PwnageTool will not preserve the old baseband, so iPhone 4 users who rely on an unlock are advised not to use this tool.

The instructions below will let you jailbreak the iPhone. Only advanced users are advised to follow them, since they involve building a restore ramdisk by hand: the official version of PwnageTool produces a broken ramdisk for iOS 4.3, so one has to be made manually as per the steps given below.

Download the tools needed, such as xpwntool (the steps below are run on OS X).

  1. Unpack the original ramdisk: xpwntool orig_restore_rd.dmg restore_rd.dec.dmg -iv .. -k .. (use the keys from the wiki)
  2. Mount the ramdisk: hdiutil attach restore_rd.dec.dmg
  3. Free some space with the command: rm /Volumes/ramdisk/(some unneeded large files)
  4. Patch asr with this command: mv /Volumes/ramdisk/usr/sbin/asr /tmp/; bspatch /tmp/asr /Volumes/ramdisk/usr/sbin/asr (bundle_path)/asr.patch
  5. Change the restore options: edit /Volumes/ramdisk/usr/local/share/restore/options.plist with Property List Editor and add ‘UpdateBaseband’ = false
  6. Unmount the ramdisk: hdiutil detach /Volumes/ramdisk
  7. Re-encrypt the ramdisk: xpwntool restore_rd.dec.dmg pwned_restore_rd.dmg -t orig_restore_rd.dmg -iv .. -k ..
  8. Replace the ramdisk inside the CFW produced by PwnageTool with pwned_restore_rd.dmg. The CFW can be unzipped and rezipped, or the ramdisk can be replaced inside the /tmp/ipsw dir while PwnageTool is running.
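Step 5 scripted, as an added example that is not part of the original post or of PwnageTool: it uses Python's standard plistlib to set UpdateBaseband to a boolean false in options.plist and checks the result before the ramdisk is re-encrypted in step 7. The sample plist contents are constructed for illustration; the file path is the one named in step 5.

```python
"""Set UpdateBaseband = false in the restore ramdisk's options.plist (step 5)."""
import plistlib
import sys

# Constructed sample standing in for the real options.plist (not copied from a
# ramdisk); the genuine file has more keys, which must be preserved untouched.
SAMPLE_OPTIONS_PLIST = plistlib.dumps({
    "CreateFilesystemPartitions": True,
    "SystemPartitionSize": 1024,
    "UpdateBaseband": True,
})
# Variant without the key at all: the script must add it rather than fail.
SAMPLE_OPTIONS_PLIST_NO_KEY = plistlib.dumps({"SystemPartitionSize": 1024})

OPTIONS_PATH = "/Volumes/ramdisk/usr/local/share/restore/options.plist"


def load_options(plist_bytes: bytes) -> dict:
    """Parse the plist and insist on a dictionary root, as restored expects."""
    options = plistlib.loads(plist_bytes)
    if not isinstance(options, dict):
        raise ValueError("options.plist root is not a dictionary")
    return options


def disable_baseband_update(plist_bytes: bytes) -> bytes:
    """Return the plist with UpdateBaseband set to the boolean False.
    A real <false/> element is written, not the string "false", because the
    restore daemon reads the typed value; every other key is left as it was."""
    options = load_options(plist_bytes)
    options["UpdateBaseband"] = False
    return plistlib.dumps(options)


def baseband_update_disabled(plist_bytes: bytes) -> bool:
    """Check to run before step 7: key present and exactly boolean False."""
    return load_options(plist_bytes).get("UpdateBaseband") is False


def patch_file(path: str = OPTIONS_PATH) -> None:
    """Rewrite the plist in place, refusing to write anything that fails the check."""
    with open(path, "rb") as f:
        patched = disable_baseband_update(f.read())
    if not baseband_update_disabled(patched):
        raise RuntimeError("UpdateBaseband was not disabled")
    with open(path, "wb") as f:
        f.write(patched)


if __name__ == "__main__":
    patch_file(sys.argv[1] if len(sys.argv) > 1 else OPTIONS_PATH)
```

Run it against the mounted ramdisk after step 4 and before step 6; it only touches the one key.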

Notes on the jailbreak:

  • Cydia needs to be working on iOS 4.3 beta.
  • This is a semi-tethered jailbreak.
  • The baseband will not be upgraded during the restore process.
  • First use a utility such as tetheredboot to boot the device into tethered mode.

Proceed to jailbreak the iPhone by downloading the PwnageTool bundle (iPhone-Privacy). It can be modified to accept iOS 4.3 beta firmware, after which you can follow the instructions above to create custom iOS 4.3 firmware for the iPhone 4.

Via: Redmondpie.com
