Jailbreaking / unlocking the 3G / 3G S iPhone on 4.0 firmware using PwnageTool in Expert mode
Page 2 of 2
Step 4.
Launch iTunes. A pop up from iTunes will appear. Click OK.
You should see this in iTunes.
Press the Option key on your keyboard, and click the Restore button in iTunes. In the pop up window
that opens, navigate to the custom .ipsw file that was saved to your desktop by PwnageTool during
Step 3.
You will see various status bars, while the restoring process proceeds. The iPhone's screen will
turn white, and if you chose a custom boot logo, you will see it display on the iPhone at this
point. Otherwise you will see the Apple logo.
You will also see this status bar graphic on the iPhone as the installation process continues.
Once the restore process has finished you will receive this message.
Step 5.
If you are using an AT&T SIM just to get your push notifications working, then the iPhone
may display the connect to iTunes graphic for up to a minute. iTunes may not see the iPhone, but
give it a chance to activate on its own. If it does not, then you can try disconnecting and
reconnecting the USB cable. iTunes should now see the iPhone and display the waiting for activation
message. Slide to unlock to dismiss this message.
An alternate method for fixing push notifications can be found in this tutorial.
Note: You may not even see this message; it may just activate right away. I used an active AT&T
GoPhone SIM, that's why I have full bars and 3G displaying.
Step 6.
iTunes should prompt you to set up the iPhone. You should NOT restore from a backup as it has been
well documented that this causes issues with the battery draining at an accelerated rate for
whatever reason. Make your selection and click Continue.
Continue setting up your iPhone. Click Done.
Then this screen will appear, confirming you are on 4.0 firmware. Note: I erased my serial
number for privacy reasons.
Cydia (if you selected it) has been placed on the SpringBoard.
If you launch Settings and press General, then About, you can confirm your firmware versions here.
I am on 4.0 firmware, and my modem (baseband) is 5.13.04.
Note: I always erase my Serial Number, Wi-Fi Address, Bluetooth, IMEI and ICCID from my screen shots
for privacy reasons. Remember, don't update to newer firmware than 4.0 until it can be unlocked or
used with PwnageTool as you could render your iPhone useless as a phone.
Launch Settings, press General, press Network, and turn off 3G.
Step 7.
Switch out your SIM card (unless you already did).
Let's unlock the iPhone now. Launch Cydia (you'll be prompted to enter your Wi-Fi password if you
haven't done so already). Make your selection at this screen. Then perform any updates needed to
Cydia (press the Changes button). Once that has finished restart Cydia if needed.
If this is the first time your iPhone has been jailbroken and Cydia launched, you will instead be
greeted with this message. You want to press the button that says Make my life easier, thanks! This
will enable Cydia to store your SHSH for your iPhone so that you can continue to restore to this
firmware even when Apple won't sign the firmware any more.
The next time you launch Cydia you'll see the message: This device has a pending TSS request.
Cydia will eventually send your ECID to Apple and then capture the signature file that Apple sends
to approve the restore. When it has this file captured it will state that you have an SHSH on file
for that particular firmware.
Because it could take Cydia some time (I've seen it take weeks) to capture this file and report it
as captured, you need to read and follow my TinyUmbrella tutorial here, to get this file directly
from Apple immediately.
Press the Search button. Enter ultrasn0w and press the program name to select the program for
installation. Note: If you can not find ultrasn0w (most likely because the source repository was not
cached due to some Cydia error), then read Step 7a below.
Press the Install button. When it is finished, press the Reboot Device button.
When the iPhone reboots you should now see your carrier name displayed. If you don't already have
carrier bars, double check that your 3G slider is still off. I've had to shut this switch off more
than once before. You may want to check your Carrier menu.
I hear it is better to select the carrier name you want to use versus leaving it in Automatic.
iTunes should now display the phone number field.
Step 7a.
You are at this step because the ultrasn0w repository is not being loaded by Cydia for some reason.
This is usually temporary. If you absolutely can not wait, then perform this step to get
ultrasn0w installed.
If you don't already know how to use SSH, then you must read this tutorial first.
Download ultrasn0w 1.1-1 from me here. You should now have this file on your desktop.
Launch YummyFTP and navigate to your iPhone's /tmp folder. Place the ultrasn0w file you downloaded
into this folder.
On your Mac, go to your Applications folder, then go to your Utilities folder and launch the
Terminal.app. Enter the following command after you have logged into the iPhone.
dpkg -i /tmp/ultrasn0w_1.1-1_iphoneos-arm.deb
After about a minute your carrier name should appear and you should have a signal. If not, then
reboot the iPhone.
If you launch Cydia and press Manage, then Packages you will see the ultrasn0w program in the list.
You can of course remove the application through Cydia, and if there are any updates Cydia will
alert you to this.
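Step 7a installs a hand-downloaded .deb as root with dpkg -i, so the file can be checked on the Mac
before it is copied to /tmp. The following is an added example, not part of the original tutorial:
it compares the file's SHA-256 against a digest obtained from a source you trust and lists the
maintainer scripts dpkg would run as root. The sample package, its names and the digest used in the
demo are constructed placeholders, not the real ultrasn0w file.

```python
import hashlib, hmac, io, tarfile
SCRIPTS = {"preinst", "postinst", "prerm", "postrm"}  # run as root by dpkg

def ar_members(blob):
    """Yield (name, payload) for each member of the ar archive a .deb is."""
    if blob[:8] != b"!<arch>\n":
        raise ValueError("not an ar archive")
    pos = 8
    while pos + 60 <= len(blob):
        hdr = blob[pos:pos + 60]
        if hdr[58:60] != b"`\n":
            raise ValueError("corrupt ar header")
        size = int(hdr[48:58].decode().strip())
        yield hdr[:16].decode().strip().rstrip("/"), blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size & 1)  # members are padded to even offsets

def inspect_deb(blob, expected_sha256):
    """Compare the digest, then collect the control file and maintainer scripts."""
    digest = hashlib.sha256(blob).hexdigest()
    report = {"sha256_ok": hmac.compare_digest(digest, expected_sha256.lower()),
              "control": "", "scripts": []}
    for name, payload in ar_members(blob):
        if not name.startswith("control.tar"):
            continue
        # Members are only read in memory; nothing is extracted to disk.
        with tarfile.open(fileobj=io.BytesIO(payload), mode="r:*") as tar:
            for m in tar.getmembers():
                base = m.name.lstrip("./")
                if base in SCRIPTS:
                    report["scripts"].append(base)
                elif base == "control":
                    report["control"] = tar.extractfile(m).read().decode()
    return report

def build_sample_deb():
    """Constructed sample package for the demo; not the real ultrasn0w file."""
    def tgz(files):
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode="w:gz") as tar:
            for n, d in files.items():
                info = tarfile.TarInfo("./" + n)
                info.size = len(d)
                tar.addfile(info, io.BytesIO(d))
        return buf.getvalue()
    def member(name, data):
        hdr = f"{name:<16}{0:<12}{0:<6}{0:<6}{'100644':<8}{len(data):<10}`\n"
        return hdr.encode() + data + b"\n" * (len(data) & 1)
    ctl = tgz({"control": b"Package: example.pkg\nVersion: 1.0\n",
               "postinst": b"#!/bin/sh\nexit 0\n"})
    return b"!<arch>\n" + member("debian-binary", b"2.0\n") + member("control.tar.gz", ctl)
```

For a real download, read the file's bytes and pass them to inspect_deb() together with the digest
you were given; a failed match or an unexpected maintainer script is a reason not to install.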
Restoring the iPhone back to stock configuration
If you want to remove all evidence of the jailbreak and the unlock, then simply restore your iPhone
using iTunes. Keep in mind clicking update or restore may put you on newer firmware that can not be
jailbroken or unlocked. You will also need an official SIM to activate the iPhone again. In my
example below clicking either button will put 4.0.2 firmware onto my 4.0.1 iPhone. Think about what
you are doing before you do it.
Updating your iPhone to newer firmware
Once a new firmware has been released it takes time to craft a new jailbreak and a new unlock, or
a work around for the unlock. Do not update your jailbroken/unlocked iPhone if you value its
current state of operation. I will post a tutorial on how to get newer firmware installed when it
is possible.
You updated your iPhone anyway and want to go back
If you updated your iPhone and now realize your mistake and want to go back, you will be able to
jailbreak provided you saved your SHSH. Read this tutorial to learn more. If you do have the SHSH
for the firmware you want to go back to then read this page to see how I downgraded my iPhone 3G
and 3G S.
Keep in mind, if the new firmware you installed on your iPhone also came with new modem firmware,
then you have lost your ability to unlock, possibly forever.