Jailbreaking the iPhone 3G S / 4 on 4.3.2 firmware using redsn0w
Posted: May 2, 2011
Who is this guide for?
- iPhone 3G S / iPhone 4 (AT&T only) owners.
- Those who do NOT need an unlocked iPhone!
- I used iTunes 10.2.2.
- I used OS X 10.6.7.
Thanks again go out to the iPhone Dev Team for providing this amazing, and FREE program for
customizing the iPhone. You can visit their website here,
and their blog here.
You can read their
notes regarding this jailbreak
Download iOS 4.3.2 firmware for the iPhone 3G S from Apple here:
Download iOS 4.3.2 firmware for the iPhone 4 (AT&T only) from Apple here:
If your downloaded firmware file ends in .zip, rename it to end in .ipsw. Note: Safari likes to open
"safe" files by default. You must turn this feature off for this download to work correctly. Click
"Safari", select "Preferences", from the "Geneal" tab uncheck the box that says "Open "safe" files
after downloading". Otherwise just use Firefox to download this firmware file.
Download redsn0w 0.9.6rc14 (or later) from the
iPhone Dev Team
You should now have two of these three icons on your desktop.
Double click the redsn0w file and it will place a folder on your desktop. Go into this folder and
place the redsn0w.app file into your Applications folder on your computer. Overwrite any previous
Launch iTunes and restore to 4.3.2 firmware. When you've restored to 4.3.2 iTunes will confirm
this firmware is on the iPhone.
If you do not have access to a valid SIM card like AT&T, Cingular, H2O, or Net10 (which are
available in the U.S.A., then redsn0w will activate (hacktivate) for you. This will cause issues
with battery drain because the iPhone is constantly trying to obtain valid push certificates through
both Wi-Fi and 3G connections.
If you can't obtain a valid SIM card to activate with, I will cover how to solve this issue through
the use of a jailbreak application called SAM in Step 4.
Launch redsn0w. Click the Browse button.
A file browser will open. Navigate to your 4.3.2 firmware file, select it and click Open.
The ipsw should be identified. Click Next.
A pop up window will appear.
Redsn0w will present a few options. Install Cydia is already checked.
- Install Cydia is for adding the Cydia program to gain access to the jailbreak community of
- Install custom bundle is for adding your own .tgz or .tar.gz files to the jailbreak. When
you select this a file browser window will open.
- Allow boot animation allows you to replace the Apple boot logo with a custom one.
- Just boot tethered right now - is for those that are already jailbroken via a tethered method
and need only reboot, not jailbreak all over again.
- Just enter pwned DFU mode right now - walks you through DFU mode used for restoring purposes.
Turn off the iPhone, ensure it is connected via USB and click Next.
Instructions for entering DFU mode will appear. They start right away and go very quickly so try to
keep up! Press and hold the on/off (sleep/wake) button for three seconds
While holding the on/off button, press and hold the home button.
Release the on/off button, but keep holding the home button.
Redsn0w will display various messages: Jailbreaking, Extracting kernel, Decrypting main filesystem,
Extracting system files, Exploiting with limera1n, Uploading first stage, Waiting for reboot.
You'll see a graphic that says jailbreak data is being downloaded on the iPhone. Redsn0w will
display more messages: Uploading logo, Uploading ramdisk, Uploading kernel, Rebooting. Text will
scroll on the iPhone's screen.
You will see a few different messages (Installing base utilities, Replacing kernel, Flashing NOR,
Installing bundles, Activating, Syncing file systems, Moving Applications, Rebooting) on your iPhone
during the next couple minutes. The iPhone will reboot once this has finished.
Done will appear in the program.
You will now have Cydia on your SpringBoard. Here I am on 4.3.2 firmware. You are now jailbroken.
If you did not have a valid SIM card to activate with (AT&T, etc.) and used your T-Mobile SIM
instead that means redsn0w activated (or hacktivated) for you. This will cause
problems with battery drain as the iPhone will constantly attempt to retrieve valid push
certificates. To solve this problem we will be installing a program called SAM (Subscriber
Artificial Module). You can learn more about SAM
Launch Cydia. Press the Manage button then select Sources.
Press Edit, press Add. Enter repo.bingner.com, then press Add Source. Press Return to Cydia when
it has finished installing the new source.
Press Bingner and you'll be brought into the repository. Press SAM.
Press Install, then press Confirm. Press Restart SpringBoard when prompted. You will now see the
SAMPrefs icon on your springboard. Launch it.
Press More Information. Here you'll see your activation state. If you see FactoryActivated it means
you used a program to hacktivate with. If you did this, you'll have to remove the activation. Note:
I have blurred out the values in my screenshot. You will have numbers here. Go to Utilities.
Press Revert Lockdownd to Stock.
You should see this pop up mesage next. If you check More Information you'll see you are now
If your iPhone is plugged into iTunes, then disconnect the USB cable and reconnect it. After a
couple seconds iTunes will reactivate your iPhone. Launch SAMPrefs and go back to the More
Information screen and you'll see your ActivationState is WildcardActivated. You now have legitimate
activation on your iPhone.