Tag Archives: comex

Apple TV Jailbreak Released

Quote (via iPhone Dev-Team):

We’re pleased to release PwnageTool 4.1 for Mac OS X (free of charge, blog ads, and donation requests — as always!).  Today’s big new addition to the jailbreak family is AppleTV 2G, which was first shown jailbroken in its release week!

Through a combination of the recently released geohot limera1n exploit, @comex’s recently released pf kernel exploit, and our original pwnage2 exploit, PwnageTool 4.1 works untethered on these devices at firmware 4.1:

  • AppleTV 2G
  • iPad (firmware 3.2.2)
  • iPod touch 4G
  • iPod touch 3G
  • iPhone4
  • iPhone 3GS
  • iPhone 3G

PwnageTool allows you to restore to a custom IPSW file.  For instance, you can restore to a pre-jailbroken firmware while simultaneously maintaining your current baseband (and thus your ultrasn0w carrier unlock).  You can also add whatever packages you want in the “Expert” mode of PwnageTool, if you wish to pre-install Cydia packages.   iPhone 3G users get the additional benefit of selecting their own boot and recovery logos, and features like multitasking and battery charge percentage.

PwnageTool’s main advantage to ramdisk-based methods (limera1n, greenpois0n, redsn0w) is for unlockers — those that need to keep their current baseband and preserve their ultrasn0w unlock.  But in this new age of both bootrom- and userland-based exploits, it’s an excellent platform for continuing the jailbreak through all future firmwares.  More on this later!  In the meantime, please enjoy this free software and please provide any usage feedback in our comment section below.

AppleTV 2G users:  Welcome to the JB family!  Right now, about all you can do is command-line stuff via ssh.  You also have afc2 available, so you can use tools like ifunbox to move files around.  These are the *very* early days of AppleTV 2G jailbreaking, so it’ll take some time for JB app developers to come up with methods to use your AppleTV 2G from the remote, versus the command line.  PS: Your ssh password is “alpine”…please change it when you can :)

Expert mode: By popular demand, the IPSW file selection in Expert mode is now completely manual (doesn’t use Spotlight).  Just pick your IPSW file directly instead of waiting for the Spotlight search to complete.  In Expert mode, the default is to hacktivate (“Activate the iPhone”), so if you have a legit SIM card be sure to deselect that option in Expert mode.

DFU button:  That “DFU” button in PwnageTool is more than it looks like.  It guides you through the DFU process, but then also runs the appropriate exploit to convince your device and iTunes that all is legit.   The DFU button in PwnageTool is not just your average DFU.

Official Bittorrent Releases

PwnageTool 4.1 Torrent  - PwnageTool_4.1.dmg.5898597.TPB.torrent

SHA1 Sum = 4f216e5863d191f30f84b6201e8c2bbea031e691

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash.

We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must.

Mirror owners should email direct dmg download links only (no rapidshare type sites please) to blog@iphone-dev.org — please don’t place mirrors in the comments as they will be deleted.

  • http://zaone.ro/PwnageTool_4.1.dmg
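The post above tells mirror users to check the downloaded image against the published SHA1 sum. As an added example that is not part of the original post, here is a small Python verifier that streams the file, normalises a copy-pasted hash, rejects malformed values, and compares in constant time. The file it hashes is a constructed stand-in, since the real PwnageTool_4.1.dmg is not available offline.

```python
import hashlib
import hmac
import os
import tempfile

# SHA1 published in the Dev-Team post above for PwnageTool_4.1.dmg.
PUBLISHED_SHA1 = "4f216e5863d191f30f84b6201e8c2bbea031e691"


def sha1_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large .dmg never has to fit in memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, expected_sha1):
    """Return True only when the file's SHA-1 equals the published value.

    The published value is normalised (whitespace, case) because it is usually
    copy-pasted, and rejected if it is not 40 hex digits so a truncated paste
    can never match anything. compare_digest keeps the comparison constant-time.
    """
    expected = expected_sha1.strip().lower()
    if len(expected) != 40 or any(c not in "0123456789abcdef" for c in expected):
        raise ValueError("published SHA1 must be 40 hex characters")
    return hmac.compare_digest(sha1_of_file(path), expected)


def demo():
    """Constructed sample: a stand-in file (not the real dmg) checked against
    its own hash in messy formatting, then against the published hash."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"stand-in for PwnageTool_4.1.dmg\n")  # constructed content
        path = tmp.name
    try:
        own_hash = sha1_of_file(path)
        # Upper case with a trailing newline, as pasted from a web page, still verifies.
        matches_self = verify_download(path, own_hash.upper() + "\n")
        # A mirror serving different bytes fails against the published sum.
        matches_published = verify_download(path, PUBLISHED_SHA1)
        return matches_self, matches_published
    finally:
        os.remove(path)


if __name__ == "__main__":
    print("stand-in matches own hash: %s, matches published: %s" % demo())
```

Run it against a real download by calling verify_download with the path of the .dmg and the SHA1 from the post; only a True result means the mirror served the same bytes the Dev-Team released.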
Jailbreakers – Stay Away from iOS 4.1

As many of you probably know, today Apple released a new firmware for the iPhone and iPod touch, iOS 4.1. If you are currently jailbroken and would like to keep your jailbreak, do not update! There are currently two known ways to jailbreak this firmware: one is through redsn0w, and the other, much simpler way is through an updated version of jailbreakme.com. Right now we’re just waiting on Comex, creator of jailbreakme, to release the jailbreak(s). Here’s the newest post from the iPhone Dev-Team regarding iOS 4.1:

Quote (via iPhone Dev-Team):

This time of year there are lots of new iPhone owners, and not everybody knows that accepting new iOS updates is the surest way to lose your jailbreak and/or unlock.  While those of you who have Cydia or TinyUmbrella backups of your FW hashes will always be able to get back to 4.0.1 if you make this mistake, this doesn’t hold for unlockers. There’s currently no known way to revert your baseband — if you update your baseband you’ll lose the ultrasn0w unlock, possibly forever.

Please stay away from this 4.1 release until a safe jailbreak procedure (which also preserves ultrasn0w) is developed and released.

P.S.  There are a tiny number of iPhone3G owners who can revert their basebands due to a flaw in very early bootloaders…you will already know if you fit in this category!

Fix PDF Security Holes Without Updating to iOS 4.0.2/3.2.2

iOS 4.0.2 for iPhone/iPod touch and iOS 3.2.2 for iPad was released yesterday, fixing the security hole that @comex exploited in order to revive JailbreakMe.com. However, for whatever the reason may be, Apple neglected to release the new firmware for the iPhone 2G and iPod touch 1G. If you’re an owner of either of those two devices, you can easily patch the security hole with Saurik’s (creator of Cydia) new patch via Cydia (you must be jailbroken). You can also install this patch on all other iDevices (and on all other firmwares from 2.x on up) if you choose not to update to the new firmware and lose your jailbreak.

To install Saurik’s patch, open Cydia and search for the package named ‘PDF Patch’.

Jailbreak iPhone 4, iPhone 3GS, iPhone 3G, iPod touch 1G, iPod touch 2G, iPod touch 3G, and iPad on iOS 4, iOS 4.0.1, and iPad iOS 3.2.1

JailbreakMe 2.0 has now officially been released. This is the new jailbreak for iPhone 4, iPhone 3GS, iPhone 3G, iPod touch 1G, iPod touch 2G, iPod touch 3G, and iPad on iOS 4, iOS 4.0.1, and iPad iOS 3.2.1, released by trusted member of the iPhone dev-team, Comex.

If you are planning to jailbreak, make sure you sync with iTunes first and create a backup just in case something happens to go wrong. Turn on your iPhone 4, iPhone 3GS, iPhone 3G, or iPad and open Safari. Then go to JailbreakMe.com. Slide the “Slide to Jailbreak” bar to start the jailbreak process, and you will be given further instructions depending on what firmware your device is on.

This is currently the newest and easiest jailbreak for the iPhone and iPad. Also, many of you will be happy to know that jailbreaking is now 100% legal, but don’t forget that you will lose your warranty. Follow @TechGeec on Twitter for future updates.

How to Jailbreak the iPad (WiFi + WiFi/3G)

You can now jailbreak your iPad using comex’s Spirit tool. This guide will show you how. This is for OS X, but the Windows version works exactly the same. It is a universal release, so both PPC and Intel folks (using Macs) are supported.

Jailbreak the iPad

First off, download Spirit. OS X users can download it from SpiritJB.com, ModMyi.com, or the MediaFire.com mirror.
Windows users can get it here, from SpiritJB.com, as well.

You’ll see the Spirit icon on your desktop.

Make sure your iPad is on, in normal mode, and connected to the computer via your USB cable. Open Spirit – it will see your device and show it’s ready (Spirit works on any iPad, iPhone, or iPod touch on firmware 3.1.2, 3.1.3, or 3.2).


Press Jailbreak. For about 30 seconds you’ll see Spirit tell you it’s jailbreaking.

Your iPad (or other device) will show a “Restore Complete” screen (don’t worry, it’s not deleting any of your info/content), and Spirit will show Jailbreak Complete!


The iPad will restart, and for a minute or two you will see a very nice piece of artwork while Spirit is extracting the bootstrap package and finishing its work.

Boom – that’s it. Your iPad will then start back up, and you’ll see Cydia installed.

I strongly suggest if you have not already backed up your SHSH blobs, you open Cydia and press the “Make my life easier, thanks!” button to have saurik’s server back them up for you. This ensures you can always restore to the 3.2 firmware, regardless of whether Apple attempts to restrict that later.

Congratulations! You’re now the proud owner of a jailbroken iPad.