
Finally, the iPhone Dev Team has released the much-awaited Pwnage 3.1.2 for Mac. If you are wondering why you should use PwnageTool instead of blackra1n, remember that blackra1n moves you to the 05.11.07 baseband firmware, which in layman’s terms means you end up losing your iPhone carrier unlock.
On the other hand, if you use this tutorial to jailbreak your iPhone on 3.1.2, you retain your iPhone’s unlock ability and can use any carrier on the face of the earth (yes, T-Mobile, Orange, Vodafone, BSNL etc.).
Note: This tutorial is for iPhone 3GS and Mac users only. Windows users, subscribe to my blog or follow me on Twitter so that I can give you a heads-up when the Windows jailbreak tool (Redsn0w) for 3.1.2 is out!
(If you are an iPhone 3G (not 3GS) user then follow this tutorial)
Let’s find out under what conditions this tutorial will work:
- If you have an iPhone 3GS on 3.0/3.0.1 which is already jailbroken with either Redsn0w or Pwnage, then you can use this tutorial.
- If you have an iPhone 3GS on 3.1/3.2 which is already jailbroken with blackra1n, then you can use this tutorial. However, since you have already used blackra1n, your iPhone won’t have the unlock ability.
Tutorial:
1) Create a folder named Pwnage on your desktop. Download the following files into that folder:
i) Pwnage 3.1.4: Download it from here – Link 1 or Link 2.
ii) iPhone 3GS 3.1.2 firmware (IPSW): Download it from here – Link.
(Please use Firefox instead of Safari; otherwise it will be downloaded as a zip file.)

2) Mount PwnageTool 3.1.4 by double-clicking PwnageTool_3.1.4.dmg and drag the PwnageTool icon that appears into the Pwnage folder. Then, from the Pwnage folder, double-click the PwnageTool application.

3) Select “Expert Mode” from the top menu bar.

4) Select your iPhone (In this case iPhone 3GS) and click the blue button to continue.

5) Now browse for the IPSW file. Remember, you downloaded it into the Pwnage folder. (In some cases it may be found automatically.)
Click on the IPSW file; if you do it right, a green check mark will appear next to it. Now click the blue button to continue.

6) On the following screen you will see 7 different options.
Inside General settings, DO NOT CHECK the ‘Activate the phone’ option. Repeat: if you are using an iPhone 3GS, irrespective of whether you are on the official carrier or not, you always need to make sure that this option is UNCHECKED.
Increase the size of the root partition slightly, to about 695 MB. Then click the blue button.


Skip the Bootneuter settings by just clicking the blue button.

You will then be taken to Cydia settings where you can create custom packages so you don’t have to manually install them later.

Select the Download Packages tab. Then click the Refresh button to display all the available packages. Double-click each package that you want to download in order to make it available in the Select Packages list.

In the Select Packages tab, check the packages you want and click the blue arrow button.

On the following Custom Packages Settings screen, leave all the settings as they are and click the blue arrow button.

You will then reach the boot logo settings. Just skip this step and click the blue button.

7) On the following screen click the “Build” button to start the pwnage process (i.e. build your own IPSW file).

8) Save the custom firmware (IPSW file) in the Pwnage folder on the desktop (which you created in step 1) and wait about 15 minutes for it to be built.


9) Enter your administrator password.
10) Whether or not your iPhone has been pwned before, just select NO on the next screen.
11) Keep your iPhone connected to your Mac and switch it off when indicated.

12) Now comes the part where you have to pay rapt attention and follow directions to enter DFU mode.
i) Hold the Home and Power buttons for 10 seconds.
ii) Release the Power button and keep holding the Home button for 10 seconds.

On doing this you will get a notification that reads successfully entered DFU (recovery) mode.

13) In iTunes, hold the Alt/Option key and click Restore. A new window will open where you can select the CUSTOM firmware that you built in step 7.

14) Browse to the Pwnage folder on your desktop. Select the iPhone2,1_3.1.2_7D11_Custom_Restore.ipsw file and click the Choose button. (REMEMBER: you have to choose the CUSTOM IPSW in this step.)

15) iTunes will then restore your iPhone 3GS using the custom firmware in about 15 minutes.

16) You will then get the option of setting up your iPhone either as a new phone or restoring from a backup.
17) Now just restart your iPhone 3GS and you will find Cydia on your springboard. Hurray, you are done :)
NOTE: Once you are done jailbreaking, you can unlock your iPhone on 3.1.2 using ultrasn0w to use any carrier! Here is the tutorial – Link




Will this method work on a 3GS (32 GB) fresh out of the box?
We have a brand new 3GS 32GB with 3.0.1 installed. We are wondering if we should first upgrade the IPSW to 3.1.2 before we use the Dev Team pwnage tool (ver 3.1.4) OR first use the older pwnage tool to unlock our current 3.0.1 software.
It seems from reading your blog that it may be better to start out with 3.1.2 and pwnage that, as then we are left with a more permanent solution.
Further, we do not understand why your blog states that we must have an unlocked phone to start with. Surely the above procedure uses pwnage 3.1.4 to unlock and jailbreak the phone??
Thanks for your help.
I followed all of the directions for jailbreaking as well as unlocking the phone. It seemed to work correctly, but now it just keeps searching for the phone network. Any help would be extremely appreciated. Thanks, mychal
Hi, I have a new (3 weeks) iPhone 3GS 16 GB and blackra1n and pwnage tool didn’t work (I don’t know if it’s this one or the one before). Can you tell me if this one will work?
Thanks for your help !
I have already tried to jailbreak my iPhone with blackra1n; it was a failure. So I tried with pwnage tool, but when I arrived at step 11, my iPhone was locked on a picture with iTunes and a cable. Can anybody help me?
Hi ROHIT, is this way of jailbreaking (opposed to blackra1n) tethered or untethered? Or does it depend, just as with blackra1n, on the production week of the iPhone? Thanks in advance.