Jailbreaking/unlocking the iPhone 3G S on 4.2.1 firmware using PwnageTool, redsn0w & ultrasn0w

Page 1 of 2

Who is this guide for?
  • 3G S iPhones with the old bootrom.
  • I had 4.1 firmware with 5.13.04 modem firmware.
  • I used iTunes 10.1.
  • I used OS X 10.6.5.





Thanks again go out to the iPhone Dev Team for providing this amazing and FREE program for customizing the iPhone. You can visit their website here, and their blog here. You can read their notes regarding 4.2.1 firmware here.



Step 1.

First determine which bootrom is on your iPhone. This tutorial is only for those with an old bootrom.

If you have a new iPhone 3G S (purchased after October 13, 2009) it may have a newer version of iBoot. This updated iBoot (359.3.2) was created specifically to hamper the jailbreaking process. You may be able to check prior to purchase by looking at the serial number of the phone, although this may not be a definitive check. Look at the fourth and fifth digits. This is the week the phone was manufactured. If that number is 40 or higher, then you just might have this new iBoot.

Here is how you definitively check your iBoot version. Place the iPhone into DFU mode: with the phone connected via USB, turn it off. Press and hold the Home and the Sleep/Wake buttons for 10 seconds. Then let go of the Sleep/Wake button and continue holding the Home button for 10 seconds. The screen will appear black but the phone will be on.

Click on the Apple in the top left corner of your screen. Select About This Mac. Click the More Info... button on the pop up that appears. Under the Hardware menu select USB. Now go to the USB High-Speed Bus menu and look for the Apple Mobile Device (DFU Mode). In the Serial Number field look for SRT:[iBoot-XXX.X]. Your version number is here. My version, pictured below, allows the jailbreak to function. To leave DFU mode, simply continue holding the Home and Sleep/Wake buttons until the iPhone reboots.
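The same check can be scripted from Terminal. This is an added example, not part of the original guide or of the Dev Team's tools: the function names are hypothetical, the sample lines are constructed, and treating any version at or above the 359.3.2 named above as "new" is an assumption.

```shell
#!/bin/sh
# Added example: classify the bootrom from System Profiler USB text.
NEW_IBOOT="359.3.2"   # updated iBoot version named in this guide

# Extract the iBoot version from the DFU "Serial Number" field on stdin.
iboot_version() {
    sed -n 's/.*\[iBoot-\([0-9][0-9.]*\)\].*/\1/p' | head -n 1
}

# Return 0 if version $1 >= version $2 (dot-separated numeric compare).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        k = (n > m) ? n : m
        for (i = 1; i <= k; i++) {
            if ((x[i] + 0) > (y[i] + 0)) exit 0
            if ((x[i] + 0) < (y[i] + 0)) exit 1
        }
        exit 0
    }'
}

# Print "old", "new" or "unknown" for profiler text on stdin.
classify_bootrom() {
    v=$(iboot_version)
    if [ -z "$v" ]; then echo unknown; return; fi
    if version_ge "$v" "$NEW_IBOOT"; then echo new; else echo old; fi
}

# Manufacture week = 4th and 5th characters of the phone's serial number.
serial_week() {
    printf '%s' "$1" | cut -c4-5
}

# Constructed sample lines (not captured from a real device).
SAMPLE_OLD='Serial Number: SRT:[iBoot-359.3]'
SAMPLE_NEW='Serial Number: SRT:[iBoot-359.3.2]'

# On the Mac itself, feed in live data instead of the samples:
#   system_profiler SPUSBDataType | classify_bootrom
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_OLD" | classify_bootrom
    printf '%s\n' "$SAMPLE_NEW" | classify_bootrom
fi
```

An "unknown" result means no DFU-mode serial string was found in the input, which usually means the phone is not actually in DFU mode.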


If you have a new bootrom you'll have to first restore your iPhone to 4.2.1 firmware and then use redsn0w for a tethered jailbreak. Of course you just blew your chance at unlocking since you've updated your modem firmware by restoring to new firmware. I will not make a tutorial for this as I don't own a new bootrom iPhone 3G S. You could look at my simulated tutorial for the iPhone 4 which also uses redsn0w for a tethered jailbreak here.

Old bootrom users continue reading.....



Step 2.

Download PwnageTool 4.1.3 Unlock Edition here. Download the bundle file from Update 3 of the previous link. You should now have these two icons on your desktop.


Double click the PwnageTool file to decompress it and then drag the PwnageTool.app icon to your desktop.


Double click the bundle zip file. This file will appear.


Right click the PwnageTool.app icon, then select Show Package Contents.


Click the Contents folder, then click the Resources folder, then click the FirmwareBundles folder. Place the bundle on your desktop into this folder. You should have two iPhone 2,1 files in this folder now. You can either run the PwnageTool application from your desktop or place it into your Applications folder.



Step 3.

Download 4.2.1 firmware for the iPhone 3G S from Apple here:
http://appldnld.apple.com/iPhone4/061-9895.20101122.Cdew2/iPhone2,1_4.2.1_8C148a_Restore.ipsw



Step 4.

Launch PwnageTool. Click Expert mode and click the iPhone on the left. It will have a green check mark on it. Click the blue arrow.


Double click Browse for IPSW...


A file browser window will appear. Navigate to your 4.2.1 firmware file, select it and click Open.


Click General and a check mark should appear. Click the blue arrow.


At the General settings screen make sure that you do NOT check the Activate the phone box. Redsn0w will take care of hacktivation (and dehacktivation later) so that this is handled properly. Click the blue arrow.


At the Cydia settings screen you can choose to include Cydia programs in your custom firmware. Click the blue arrow.


The Custom packages settings screen will display any programs you've chosen from the previous screen to include in your custom firmware. Click the blue arrow.


Click Build. It should have a check mark. Click the blue arrow.


Name your custom firmware file.


You will now see this screen while your custom .ipsw is assembled. This stage is five to ten minutes long depending on your computer's speed.


You will be prompted to enter your system password. There is nothing nefarious in this request: PwnageTool asks because it creates your firmware by running commands as the root account (or superuser) on your computer. Several steps require unmounting and mounting file systems. This is performed with a system UID of 0, which causes the prompt for a system password. The root access is only for the creation of the ipsw file. So it's completely harmless.


As soon as it finishes building the firmware, the instructions for entering DFU mode begin. If you miss this process you'll wind up seeing this screen next.


If this happens to you, just click Yes. The instructions will then repeat. You will be prompted to press and hold the home and power buttons.


You will be prompted to release the power button.


You will be instructed to continue holding the home button. The countdown may freeze at 6 seconds; this is okay.


You should now be in DFU mode. Click OK, close PwnageTool.






Click here to go to page 2



