
Note: This tutorial is for iPhone 3G and Mac users only. Windows users: subscribe to my blog or follow me on Twitter so that I can give you a heads-up when the Windows jailbreak tool (Redsn0w) for 3.1 is out!
1) Create a folder named Pwnage on your desktop. Download the following files into that folder:
i) Pwnage 3.1: Download it from here – Link 1 or Link 2.
ii) iPhone 3G 3.1 firmware: Download it from here – Link.
(Please use Firefox instead of Safari; otherwise it will be downloaded as a zip file.)

2) Mount PwnageTool 3.1 by double-clicking PwnageTool_3.1.dmg and drag the PwnageTool icon that opens up into the Pwnage folder. Then, from the Pwnage folder, double-click the PwnageTool application.

3) Select “Expert Mode” from the top menu bar.

4) Select your iPhone (in this case iPhone 3G) and click the blue button to continue.

5) Now browse for the IPSW file. Remember, you downloaded it to the Pwnage folder. (In some cases it may be found automatically.)
Click on the IPSW file; if you do it right, a green check mark will appear next to it. Now click the blue button to continue.


6) On the following screen you will see 7 different options.
Inside General settings, DO NOT CHECK the ‘Activate the phone’ option. Repeat: if you are using an iPhone 3G, irrespective of whether you are on an official carrier or not, you always need to make sure that this option is UNCHECKED.
Increase the size of the root partition slightly, to about 695 MB. Then click the blue button.


Skip the Bootneuter settings by just clicking the blue button.

You will then be taken to Cydia settings where you can create custom packages so you don’t have to manually install them later.

Select the Download packages tab. Then click the Refresh button to display all the available packages. Double click the package that you want to download in order to make it available in the Select Packages list.

In the Select Packages tab, check the packages you want and click the blue arrow button.

On the following Custom Packages Settings screen, leave all the settings as they are and click the blue arrow button.

You will then reach the boot logo settings. Just skip this step and click the blue button.
7) On the following screen, click the “build” button to start the pwnage process (i.e. build your own IPSW file).

8) Save the custom firmware (IPSW file) in the Pwnage folder on the desktop (which you created in step 1) and wait about 15 minutes for it to be built.


9) Enter your administrator password.
10) Whether or not your iPhone has been pwned before, just select NO on the next screen.
11) Keep your iPhone connected to your Mac and switch it off when indicated.

12) Now comes the part where you have to pay rapt attention and follow the directions to enter DFU mode.
i) Hold the home and power buttons for 10 seconds.
ii) Release the power button and hold the home button for 10 seconds.

On doing this you will get a notification that reads successfully entered DFU (recovery) mode.

13) In iTunes, hold the Alt/Option key and click restore simultaneously. A new window will open where you can select the CUSTOM firmware that you built in step 7.

14) Browse to the Pwnage folder on your desktop. Select the iPhone1,2_3.1_7C144_Custom_Restore.ipsw file and click the Choose button. (REMEMBER: you have to choose the CUSTOM IPSW in this step.)

15) iTunes will then restore your iPhone 3G using the custom firmware in about 15 minutes.

16) You will then get the option of setting up your iPhone either as a new phone or restoring from backup.
17) Now just restart your iPhone and you will find Cydia on your springboard. Hurray, you are done :)
NOTE: Once you are done jailbreaking, you can unlock your iPhone 3.1 using ultrasn0w to use any carrier! Here is the tutorial – Link




158 comments
@Albert Yea baseband 05.11.07 is the problem. However, like you said AT&T sim should work. Did you by any chance, in step 6, check the ACTIVATE THE PHONE option? Many users made the same mistake and were not able to use their legit AT&T sim. I suggest you re-jailbreak and UNCHECK the ACTIVATE THE PHONE option and you should be good to go.
Here’s what CAROJON (a user of this blog) had to say about his experience (it’s the 41st comment):
“All my issues have been solved… I have finally jailbroken on 3.1 with my 05.11.07 baseband!!!! I simply just checked not to activate the phone in Pwn 3.1 tool for mac.”
hi guys i’ve got some questions. im using 3.0.1 3GS and i would like to restore and re-jailbreak it. how do i go about doing it without updating to 3.1? my itunes hasn’t downloaded the update for 3.1 which im guessing is something im doing correctly? thanks in advance!
sorry i forgot to add that i already have ecid shsh 3.1 on file with cydia and i also added the 74.xxx for the HOSTS file (im on windows vista btw). so the question is, is it possible to restore back to 3.0.1 (3GS) and re-jailbreak now since i already did what saurik suggested? and if so, how exactly can i go about doing it?
@kiks Since you are an iPhone 3GS user and want to jailbreak your iPhone to 3.0.1 firmware, you need to follow these instructions carefully. (Rest of the users do not get confused. This is ONLY for KIKS)
1) Download 3.0.1 3GS firmware ipsw file. Here’s the link
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/iPhone/061-6976.20090731.Vgbt5/iPhone2,1_3.0.1_7A400_Restore.ipsw
Once you are done downloading it, hold shift and click on restore from your iTunes and navigate to the ipsw file you just downloaded in order to restore your iPhone to 3.0.1 firmware. (Note: Use firefox and not safari)
2) Download Redsn0w 0.8
If you are a Windows user: http://torrents.thepiratebay.org/4989699/redsn0w-win_0.8.zip.4989699.TPB.torrent
Mac User:
http://torrents.thepiratebay.org/4989696/redsn0w-mac_0.8.zip.4989696.TPB.torrent
3) Once you launch redsn0w, select/browse the IPSW file that you downloaded in step 1.
Now follow the rest of the steps (4-11) using this tutorial.
http://www.digitalmarketingtalk.com/iphone/how-to-jailbreak-30-using-redsnow-for-windows/
Please note: The steps 4-11 in your case are same as that of an iPhone 3G user.
hmm that simple? if thats the case then i didnt have to get my ecid shsh on file with cydia and adding that 74 address thingy in my hosts file?(which i did for both)
um pardon me but u said to right click on restore from itunes?? how do i do that? nothing happens when i try to do that. oh and btw i tried the shift + left click on restore and used the 3.0.1 IPSW file and when itunes tries to verify it comes up with some error 3002 thingy.
@kiks Oops. You need to hold shift and click restore if you are a windows user (alt/option key + click on restore if you are mac user).
And when exactly did you get your ecid shsh on file with cydia? Am asking you this cause you have got the 3002 error.
“If you encounter “unknown error (3002)”, you probably do not have your ECID SHSH’s for 3.0 “on file” with Cydia. Unfortunately, as Apple is no longer allowing users to sign the 3.0 firmware, it is no longer possible to register your device with Cydia”. (Via Saurik)
I suggest you read through this entire article patiently to solve your problem. Here’s the link
http://www.saurik.com/id/12
i think like 2-3 days ago. it says “This device has a 3.1 ECID SHSH on file.”
@kiks I hope Saurik’s page helped you figure out the problem.
hmm it didnt, i didnt understand enough to fix the prob. its ok i guess i’ll just wait for a JB for 3.1 and then i’ll update to 3.1 and restore and jb. thanks for trying tho. big up yourself =D
[Translated from Russian] Please tell me what I should do. I updated my iPhone 3G to version 3.1 (7C144) and now I can't put anything on it, neither games nor programs. What should I do and how should I proceed? Please tell me…
am in a tight spot and i need an answer. i jailbroke and unlocked my iphone 3g by downgrading it from 3.1 to 3.0. after doing this i still did not receive any signal from my t-mobile carrier. i read that if you have bootloader 5.9 or higher you won't receive any signal on your iphone. here are my questions
1. would this method of jail breaking make my iphone receive signal on my t-mobile carrier
2. do you have any idea when a new bootloader would be available for 5.9 or higher
@kiks Yeah I reckon 3.1 jailbreak solution will fix your problem. cheers!
HMMM did Rohit stop replying to messages!!??
@jay pascal Since you have bootloader 5.9, your iPhone firmware has downgraded from 3.1 to 3.0; however, your baseband firmware is still 05.11.07. (If you had bootloader 5.8, your baseband firmware would also have downgraded from 05.11.07 to 04.26.08)
Only those iPhones which are on modem (baseband) firmware 04.26.08 can be unlocked. So I am afraid in your case the unlock isn’t possible, and you will have to wait for a new solution to downgrade to 04.26.08 from your current 05.11.07 firmware. (Only then will you be able to use t-mobile.)
We are all waiting for a solution. No idea when it’s going to be out. Will give you a heads up once it’s released.
@MrFabulous Hehe.. I haven’t!
@vitalik I am really sorry I don’t understand that language. I guess it’s Croatian; tried really hard to figure out what your question was. Can you please translate it into English?
i have already jailbroken my iPhone 3G (baseband 05.11.07). it is only working with the carrier simcard (TELSTRA simcard in australia) though. I have already followed all the steps. never missed something. please let me know what should i do then ???…
Rohit,
I really wish I had seen your tutorial first. I too, upgraded to 3.1 through itunes and now have a useless iPhone 3g. Any time estimate on when people smarter than me will figure out a way around this?
@ivan The problem in your case is that you have unknowingly updated even your modem(baseband) firmware from 04.26.08 to 05.11.07. I guess you must have directly updated to 3.1 firmware via iTunes. Now since you are on 05.11.07, you will have a jailbroken iPhone but won’t be able to unlock it. So am afraid for the time being you will have to use only your official carrier (Telstra). Will let you know if there is a solution available to help you solve the problem.
@danielle Sorry to hear that mate. I know it sucks to lose the unlock. Am sure the iPhone dev team are working on a solution as there are many people out there who are facing the same problem. Nobody except the dev team has an idea of when a fix will be out, but I will definitely keep you updated.
@danielle @ivan By the way I hope you guys have gone through this solution. IT WORKS ONLY FOR CERTAIN 3G iPHONES. But worth a try
http://www.digitalmarketingtalk.com/iphone/how-to-downgrade-your-iphone-3g-firmware-3-1-baseband/
i unfortunately have 5.09. of course i couldn’t be that lucky to have the 5.08 version…hopefully the dev team can find a way around the 5.11.07 baseband.
thanks so much for your help. i really appreciate it and look forward to being able to use my iphone again!
I’m new to the iphone world. I bought a refurbed iphone 3g 8gb a few months back. I recently upgraded from 3.0 to 3.1 version and now have firmware 05.11.07. Again I am not all that technical and didn’t know about all these posted not to upgrade before I did. Reason I am emailing is all I did know is I had tethering and now I don’t. I have slingbox on a netbook and can only watch it on my phone with a wifi connection and was looking for alternatives and read all about this stuff. I have never jailbreaked my phone or unlocked it. But I am thinking I want to so I can trick my iphone so I can watch my slingbox with a wifi connection. Will I have to wait until the dev-team has a new release or am I still in the dark on all this?
@TheGloveMan Yea you can run slingbox on 3G using voipover3g or Tricker ThreeG application from cydia
In order to use Slingbox over 3G, you just need to JAILBREAK your iPhone. UNLOCKING is required only if you are not on an official carrier. So what I am trying to say here is if you are on AT&T, you can just follow the above tutorial and jailbreak.
Once you are done jailbreaking your iPhone, you will find cydia on the home screen. Now follow these steps to enable slingplayer app to run on 3G.
1) Launch Cydia.
2) At the bottom of the screen you will find a SEARCH button. Tap on that.
3) In the search box type the word: Tricker ThreeG.
4) Install the application.
5) Once you are done installing. Slingplayer will work on 3G. (Tricker ThreeG tricks Fring, Skype and SlingPlayer to think they are on wifi)
On the other hand if you want to be on a different carrier. For eg: T-mobile, then you will need to unlock your iPhone.
Unfortunately, you will have to wait for a new solution to be out. The reason being you are on 05.11.07 baseband firmware which removes unlock ability on the iPhone. (DON’T WORRY ABOUT THIS IF YOU WANT TO STICK TO AT&T for the time being)
@danielle cheers!
The above tutorial is jailbreaking for mac users. I have a netbook running windows xp. Is there a jailbreak for using a netbook with windows xp and an iphone 3g 8gb 3.1 version with firmware 05.11.07? I’m an AT&T customer.
@TheGloveMan The Windows jailbreak tool(redsn0w) for iPhone OS 3.1 isn’t yet out mate. Once redsn0w is out, you will be able to jailbreak your iPhone 3g 8gb on Windows XP.
haha, no i didn’t have 5.08, so the downgrade didn’t work….still not able to make a call on my iphone.
i constantly keep checking your site during class hoping to see a solution.
How do I install Cydia? I have never jailbroken my iphone yet and now I have to wait til the Dev-Team comes out with redsn0w for windows users. Do I have to wait til I install the jailbreak before I install Cydia? If not where do I go to get it?
@TheGloveMan Let me put it this way
You need Cydia to trick Slingplayer to work over 3G. To install cydia you need to jailbreak your iPhone (The whole point of jailbreaking is to install cydia). In order to jailbreak on windows you need redsn0w. Like I said redsn0w isn’t out yet. So at this point you can’t do anything.
i’m trying this on an iphone 2G. i got to the browse IPSW step and it’s stuck. i see the spinning wheel on the lower right hand corner, but it’s not finding the IPSW file. i have the file in the folder.
how long am i suppose to wait?
@gdestiny. The above tutorial is for iPhone 3G users only. However,
Since you are a 2G user. These are the changes you need to make
——————————————————–
THIS IS ONLY FOR iPHONE 2G users
——————————————————–
In step 1:
Download
i)IPSW for 2G iPhone: Here’s the link
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/iPhone/061-6605.20090909.PQ3ws/iPhone1,1_3.1_7C144_Restore.ipsw
ii) Bootloaders
BL 3.9: http://iphonefreakz.com/firmware/BL-39.bin
BL 4.6: http://iphonefreakz.com/firmware/BL-46.bin
In step 5: Browse to the IPSW(2G) file which you just downloaded in step 1
In step 6: Please make sure that you CHECK(TICK) both “activate the phone” and “enable baseband update” options.
In the following screen, unlike 3G users, you should NOT skip bootneuter settings:
In the “Bootneuter settings“, check “Neuter bootloader“, “Unlock baseband“, and “Auto-delete bootneuter.app“, then click continue.
After you click on BUILD in step 7, if you haven’t pwned your iPhone before, you will have to upload the bootloader files you downloaded in step 1. Follow the instructions on the screen to upload BL 3.9 and BL 4.6.
The rest of the steps are the same as in the above tutorial.
I have iPhone 3G, 3.0.1, ATT and is jailbroken. I’ve seen you’ve been very helpful so I thought I would ask for your advice.
I want to keep my ATT service and update to 3.1 and still have my iPhone be jailbroken. What should I do?
Also I’m using windows right now.
i think everybody needs to say thank you to Rohit for his big help :)
Rohit, I have tried to downgrade the iphone, but it does not work. mine is not working with fuzzyband. What should I do then ?
@sal Your best bet is to wait for windows jailbreak tool(redsn0w). I would have asked you to follow the above tutorial if you had a mac.
Irrespective of whether you want to unlock your iPhone or not (i.e. stay on AT&T or not), I request you not to directly upgrade to 3.1 firmware from iTunes. Doing so will update even your baseband firmware to 05.11.07, which will cause your iPhone to lose its unlock ability forever.
Right now you may not feel the need of using a different carrier. But who knows if for work you have to travel abroad or if you want to sell your iPhone (resale price is always high if the iPhone is unlockable).
And don’t worry, will inform you when redsn0w is out.
@Tik Thanks a ton mate :)
@ivan I am afraid you are at the mercy of the Dev Team. Hopefully they come up with a solution to either downgrade baseband firmware from 05.11.07 to 04.26.08 or to somehow enable unlock on 05.11.07. Will give you a shout when such a fix is out.
Rohit, please let me know if you find a way to fix this problem. I do really appreciate that.
Thank you very much. regards, Ivan.
@Ivan sure :)
Rohit thanks for the advice. You’ve been helpful. I think I may want to sell my iPhone in the future. I’ll continue to hold off on the update. Thanks again.
Hello,
I need your help. For over a year my unlocked 3G 16GB iphone version 2.0.1 has been unlocked to all carriers and I use a T-mobile prepaid sim card in the US. But 3 days ago I upgraded my phone from iTunes to version 3.1 (7C144) and since then I think my phone is locked and I’m now not able to have any service. Specifically, the phone says, “NO Service” with my T-Mobile sim card and a gold micro chip that was used to unlock my phone. Men, what can I do? I need some help.
@stugok am sorry mate there is nothing much you can do. The Dev team had warned users repeatedly not to upgrade to 3.1 directly via itunes as it updates even your baseband firmware to 05.11.07. This results in your iPhone losing its unlock ability. There are many folks like you having the same problem and are hoping that the dev team will release some kind of solution in order to enable the unlock again. I will give you a heads up once such a solution is out.
@Sal cheers mate!
Rohit!!!!!!
Can you please help me, i updated my iphone to 3.1 and i updated itunes to 9.0…..as those were the instructions that quickpwn said to do.
After i followed the instructions exactly, when my phone is finally done restoring…….there is NO SERVICE or NO NETWORK or NO CARRIER and i am so annoyed because i have spent 8 hours trying to figure it out..
I would greatly greatly greatly appreciate your help please….all i want is a jailbroken iphone so i can change the theme and then use it as a phone as well…..
THANKS FOR READING THIS Rohit
@ZIC
Quick questions:
1) Did you directly update to 3.1 firmware via iTunes?
If you have updated to 3.1 firmware directly via iTunes, you have unknowingly updated your modem (baseband) firmware from 04.26.08 to 05.11.07. Updating baseband causes the iPhone to lose its unlock ability. To find your baseband (modem) firmware version go to
SETTINGS > GENERAL > ABOUT > MODEM FIRMWARE on your iPhone.
2) Are you on an official carrier-like AT&T(US), O2(UK)?
If yes, then you can still jailbreak your iPhone. Usually you get the NO SERVICE/NETWORK/CARRIER error if you are NOT on an official carrier. So say you were on T-mobile you would get that error coz your iPhone is not unlockable any more.
However, if you are on AT&T, then follow the above tutorial on your MAC and re-jailbreak. Once you are done with that, download Winterboard app from cydia and you can change the theme on your iPhone.
Hey Rohit thanks so much for these instructions; they are by far the easiest to follow and very helpful!
I am in Australia, I have an iphone 3g and am on Mac OSX Snow Leopard, using iTunes 9.
I followed your instructions to the letter earlier today, and although the jb worked, I had no service/network on my phone and found that all my apps (some bought, some downloaded via Appulo.us & Cydia) were unable to reinstall… it seemed that my backup didn’t work for some reason.
After panicking, because there was nothing online about this ANYWHERE, I restored and pwned to 3.0… My phone now has network coverage, but I still can’t seem to get my apps (backup) back on there.
A side note – here in Au, my provider, Optus, provides unlocking (with certain plans) and I had gone through with it without any problem, and was running the 3.0 jailbreak just fine.
Another side note – I tried downloading an older version of iTunes to my main Mac, but it wouldn’t let me.
I have added all my apps to another Mac that runs Leopard and iTunes 8. I’m currently attempting to re-add my apps from there, which will hopefully work, but obviously the rest of my phone’s content won’t be restored, and I’ll be bound to syncing my phone to my secondary machine, which is not optimal…
Do you have any advice?
Thanks in advance!!
Cheers.
Hey again Rohit,
quick update – re-installing the apps from iTunes 8 worked for SOME apps (both bought and erm, acquired..) but not all.
Tried the 3.1 jb again, in case I made some stupid little mistake and after restoring backup I still get the same error. Some apps just won’t reinstall.
Thanks again,
Penny
@Penny I am kind of a neat freak so every time after jailbreaking I start afresh instead of restoring from backup. Many users have faced the same problem and have complained that certain apps don’t work. My inbox was flooded with such queries so I decided to write a post about it a few days back. This gives the cydia application compatibility list with iPhone firmware 3.1.
http://www.digitalmarketingtalk.com/iphone/cydia-application-compatibility-list-for-iphone-3-1/
Also for apps downloaded from appulous to work, you will need to patch the mobileinstallation file. This is how you do it on 3.1 firmware
http://www.digitalmarketingtalk.com/iphone/how-to-add-mobileinstallation-patch-iphone-3-1/
Once you are done with installing the patch, reinstall the .ipa files and it should all work.
I hope that solves your cydia and appulous apps problem. Coming to the paid apps, I don’t think there should be any issues.