Tag Archives: iphone dev team

Apple TV Jailbreak Released

Quote (via iPhone Dev-Team):

We’re pleased to release PwnageTool 4.1 for Mac OS X (free of charge, blog ads, and donation requests — as always!).  Today’s big new addition to the jailbreak family is AppleTV 2G, which was first shown jailbroken in its release week!

Through a combination of the recently released geohot limera1n exploit, @comex’s recently released pf kernel exploit, and our original pwnage2 exploit, PwnageTool 4.1 works untethered on these devices at firmware 4.1:

  • AppleTV 2G
  • iPad (firmware 3.2.2)
  • iPod touch 4G
  • iPod touch 3G
  • iPhone4
  • iPhone 3GS
  • iPhone 3G

PwnageTool allows you to restore to a custom IPSW file.  For instance, you can restore to a pre-jailbroken firmware while simultaneously maintaining your current baseband (and thus your ultrasn0w carrier unlock).  You can also add whatever packages you want in the “Expert” mode of PwnageTool, if you wish to pre-install Cydia packages.   iPhone 3G users get the additional benefit of selecting their own boot and recovery logos, and features like multitasking and battery charge percentage.

PwnageTool’s main advantage to ramdisk-based methods (limera1n, greenpois0n, redsn0w) is for unlockers — those that need to keep their current baseband and preserve their ultrasn0w unlock.  But in this new age of both bootrom- and userland-based exploits, it’s an excellent platform for continuing the jailbreak through all future firmwares.  More on this later!  In the meantime, please enjoy this free software and please provide any usage feedback in our comment section below.

AppleTV 2G users:  Welcome to the JB family!  Right now, about all you can do is command-line stuff via ssh.  You also have afc2 available, so you can use tools like ifunbox to move files around.  These are the *very* early days of AppleTV 2G jailbreaking, so it’ll take some time for JB app developers to come up with methods to use your AppleTV 2G from the remote, versus the command line.  PS: Your ssh password is “alpine”…please change it when you can :)

Expert mode: By popular demand, the IPSW file selection in Expert mode is now completely manual (doesn’t use Spotlight).  Just pick your IPSW file directly instead of waiting for the Spotlight search to complete.  In Expert mode, the default is to hacktivate (“Activate the iPhone”), so if you have a legit SIM card be sure to deselect that option in Expert mode.

DFU button:  That “DFU” button in PwnageTool is more than it looks like.  It guides you through the DFU process, but then also runs the appropriate exploit to convince your device and iTunes that all is legit.   The DFU button in PwnageTool is not just your average DFU.

Official Bittorrent Releases

PwnageTool 4.1 Torrent  - PwnageTool_4.1.dmg.5898597.TPB.torrent

SHA1 Sum = 4f216e5863d191f30f84b6201e8c2bbea031e691

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash.

We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must.

Mirror owners should email direct dmg download links only (no rapidshare type sites please) to blog@iphone-dev.org — please don’t place mirrors in the comments as they will be deleted.

  • http://zaone.ro/PwnageTool_4.1.dmg
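
The hash check the post asks for, as an added example (not part of the original post or of the Dev-Team's tooling): it streams a downloaded DMG, extracts the digest from the published "SHA1 Sum = ..." line, and accepts the file only on an exact match. The script name `verify_dmg.py` and the function names are hypothetical.

```python
import hashlib
import hmac
import re
import sys

# Digest line as published on this page for PwnageTool_4.1.dmg.
PUBLISHED_SHA1 = "SHA1 Sum = 4f216e5863d191f30f84b6201e8c2bbea031e691"


def parse_published_sha1(text):
    """Extract the single 40-hex-digit digest from a line such as 'SHA1 Sum = ...'."""
    matches = re.findall(r"\b[0-9a-fA-F]{40}\b", text)
    if len(matches) != 1:
        raise ValueError("expected exactly one SHA-1 digest in %r" % text)
    return matches[0].lower()


def sha1_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large DMG is never loaded into memory at once."""
    digest = hashlib.sha1()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, published_text=PUBLISHED_SHA1):
    """Return (ok, actual_digest); ok is True only on an exact digest match."""
    expected = parse_published_sha1(published_text)
    actual = sha1_of_file(path)
    return hmac.compare_digest(expected, actual), actual


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: verify_dmg.py PATH_TO_DOWNLOADED_DMG")
    ok, actual = verify_download(sys.argv[1])
    print("computed SHA-1:", actual)
    # A mismatch means the mirror's file is not the released one: discard it.
    sys.exit(0 if ok else "MISMATCH: do not open this file")
```

The check is only as trustworthy as the place the digest was read from, so take the published value from the official post rather than from the mirror that served the file.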

Redsn0w 0.9 Released for Mac and Windows

    Well, the iPhone Dev-Team has unofficially released redsn0w 0.9 beta3. The reason why they haven’t officially announced it on their blog is because it is still currently in the beta stages.

    Quote (via redsn0w 0.9beta3):

    What is it?

    A cross-platform jailbreaking, unlocking, and customizing tool for iPhones and iPod touches. Customizations include boot logos, recovery logos, and “verbose” boot. It’s a standalone program that doesn’t use iTunes (no custom IPSWs are involved).

    The download links are at the bottom of this page (but please read the whole page anyway!).

    We’ve been offering redsn0w in various incarnations over the years (including poorlad’s Windows version of QuickPwn). The most recent release before this one was redsn0w 0.8, which targeted Apple firmware 3.0/3.0.1.

    What devices, platforms, and FW versions are supported?

    The beta supports:

    • All iPhones and iPod touches except the iPod touch 3G
    • Windows and Mac OSX (x86)
    • Apple firmware 3.0 and 3.1.2

    When it’s out of beta, it will support the iPod touch 3G, PPC OSX, and Linux.

    If you need a carrier unlock, redsn0w will handle iPhone 2G by itself (by installing our BootNeuter utility). For the 3G and 3GS, use Cydia after you’re jailbroken to install ultrasn0w (baseband 04.26, preferred) or blacksn0w (baseband 05.11).

    How is it different from PwnageTool?

    redsn0w doesn’t require a system restore like PwnageTool does (it doesn’t even use iTunes at all). On the other hand, PwnageTool can prevent your baseband from being upgraded when you upgrade your firmware, preserving your unlock. (redsn0w doesn’t touch your baseband but it doesn’t help preserve it during an upgrade either).

    redsn0w works by modifying your current filesystem, so your existing baseband, data and applications should remain intact.

    How is it different from blackra1n?

    It differs from blackra1n because:

    • It uses our original Pwnage bootrom exploit for iPhone 2G, iPhone 3G, and iPod 1G. (Because it’s a bootrom exploit, it can’t be fixed by Apple without a new hardware release.) Note that redsn0w 0.9 does use the USB exploit for iPhone 3GS and iPod 2G running 3.1.2, but that exploit will be fixed in Apple’s next FW release.
    • It offers custom logos and verbose boot
    • It installs Cydia without needing a separate download
    • It’s not as fast :) (but redsn0w handles more variations :))

    What if I have a late-model device?

    If you have a late-model iPhone 3GS, or if you have an iPod touch 2G whose serial number begins with “MC”, you can use redsn0w to jailbreak but you are currently restricted to “tethered” rebooting. That means you need to connect your device to a computer to complete the boot after a reset. Also, these devices cannot have custom logos.

    redsn0w will ask you whether or not you fit in this category when used with the iPhone 3GS or iPod touch 2G. If you have a late-model device and don’t give redsn0w the correct answer, you will likely need to do a system restore to recover from the mistake.

    To do a tethered boot after your late-model device resets for some reason, either run redsn0w again and select “Just boot tethered right now”, or run blackra1n.

    What if I’m already jailbroken?

    If you’re already jailbroken (by whatever means), redsn0w can still be used to change your boot logos, revert back to the stock logos, or switch verbose booting on and off. By selecting “Already Pwned” you can bypass the steps normally needed to enter the jailbroken state.

    How long should it take?

    You should see a picture of a drive (“Downloading Jailbreak Data”) within 30 seconds of launching the jailbreak (after you’ve made your custom selections). It should then reboot and you should see a running pwnapple while the process is underway. It should finish within a minute or two after that, and will reboot on its own.

    Is it safe?

    The Windows version has been tested by small groups of volunteers on IRC and our blog since mid-January. That being said, this is still a beta and if things go wrong you may have to do a system restore…so make sure your data and pictures are synced before trying the beta.

    Beta feedback

    redsn0w is in beta until we get iPod Touch 3G, PPC OSX, and Linux support added. In the meantime, please send any feedback to MuscleNerd (either gmail or iphone-dev.org), or tweet with a #redsn0w tag. Please detail your device, OS, and any problem you find.

    Download links

    I was able to successfully jailbreak my second generation iPod Touch using Redsn0w 0.9 beta3 and I highly recommend it over Sn0wbreeze as Sn0wbreeze didn’t work for me whatsoever. And my feature included in 0.9 beta3, is that it offers verbose boot. Verbose boot is a boot function that shows the processes the iDevice must go through in order to boot. So instead of displaying the regular Apple logo, it displays the current processes. Here’s what it looks like:

    Have fun jailbreaking your iDevice running 3.1.2! To visit the download page, click HERE.