A few days ago iH8sn0w found a method to jailbreak iOS 4.0 on iPhone 3G, iPod Touch 2G and iPod Touch MC with new iBoot using Sn0wbreeze V1.7. Sn0wbreeze v1.7 is a jailbreaking tool like PwnageTool for iPhone and iPod Touch which can be used to create custom .ipsw files. Unlike PwnageTool, Sn0wbreeze works on Windows machines. If you have an iPhone 3G, 3GS or iPod Touch 2G, 3G, MC Model running iOS 4 firmware, you can use sn0wbreeze 1.7 to jailbreak your iDevice. Follow the simple instructions listed below to jailbreak the iPhone or iPod Touch using Sn0wbreeze V1.7.
It is important to note that this method is a tethered jailbreak, which means that each time your iPhone or iPod is shut down, you need to connect it to your computer to be able to turn it on. iPhone 3G users on iOS 4 can jailbreak their device only when they have the new iBoot. You can check your version of bootrom with iDetector.
- An iPhone 3G with new iBoot, iPod Touch 2G MC or an iPod Touch 3G
- Make sure that your iDevice is on firmware 3.1.2, or has 3.1.2 installed via SHSH blobs.
- Payload Pwner-r6
- Sn0wbreeze 1.7
- iBooty 1.4
- iOS 4.0 firmware for your iPhone / iPod Touch (which can be downloaded from here)
- The latest version of iTunes, 9.2 (download from here)
STEP 1 : Pwning iBoot
Download iBooty and extract the archive. Then download the Payload Pwner tool, extract it to a directory, run Pwner.exe and follow the wizard to create the payloads. Save these payloads in the same location where you saved iBooty.
STEP 2 : Making a Custom IPSW
Download sn0wbreeze V1.7 and create a custom IPSW using Expert mode. Under General, make sure to check “Disable NOR Flash”. Build the firmware and you will see it on the desktop.
STEP 3: iBooty Preparation.
- Download iBooty GUI and extract it.
- Extract your custom IPSW created by sn0wbreeze.
- Grab the kernelcache and bring it into the same folder as iBooty. Also grab iBEC from the folder “Firmware\dfu”, as well as DeviceTree from the folder “Firmware\all_flash\all_flash.n88ap.production\DeviceTree.n88ap”.
- Rename your Kernel 4.0-Custom to “kernel.40”
- Rename your iBEC 4.0-Custom to “ibec.40”
- Rename your DeviceTree 4.0-Custom to “devtree.40”
- Remove the .img3/.dfu/etc. extensions!
Your folder should look like this :
- iboot.payload <– Created with Payload Pwner.
- devtree.40 <– Grabbed from Custom IPSW made by sn0wbreeze.
- ibec.40 <– Created with Payload Pwner.
- bspatch.exe <– Comes with iBooty.
- iBooty.exe <– Comes with iBooty.
- kernel.40 <– Grabbed from Custom IPSW made by sn0wbreeze.
- sn0w.img3 <– Comes with iBooty.
- wait.img3 <– Comes with iBooty.
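As an added example (not part of the original guide and not shipped with iBooty), this Python script checks a working folder against the listing above and reports files that are missing, empty, or still carrying an .img3/.dfu extension. The function name `check_folder` and the sample folder built in `demo` are assumptions constructed for illustration.

```python
from pathlib import Path
import tempfile

# File names taken from the folder listing in this guide.
EXPECTED = ["iboot.payload", "devtree.40", "ibec.40", "bspatch.exe",
            "iBooty.exe", "kernel.40", "sn0w.img3", "wait.img3"]
# Files the guide says to rename and strip of their extension.
RENAMED = {"kernel.40", "ibec.40", "devtree.40"}
LEFTOVER_EXTS = (".img3", ".dfu")


def check_folder(folder):
    """Return a list of problems found in the iBooty working folder."""
    root = Path(folder)
    present = {p.name for p in root.iterdir() if p.is_file()}
    problems = []
    for name in EXPECTED:
        if name in present:
            # A zero-byte file usually means a failed extraction or copy.
            if (root / name).stat().st_size == 0:
                problems.append(f"{name}: empty file")
            continue
        # Renamed file that still has its extension, e.g. kernel.40.img3
        stale = sorted(n for n in present
                       if name in RENAMED
                       and n.lower().startswith(name + ".")
                       and n.lower().endswith(LEFTOVER_EXTS))
        if stale:
            problems.append(f"{name}: remove extension from {stale[0]}")
        else:
            problems.append(f"{name}: missing")
    return problems


def demo():
    """Constructed sample: one leftover extension, one missing file."""
    with tempfile.TemporaryDirectory() as d:
        for name in ["iboot.payload", "devtree.40", "ibec.40", "bspatch.exe",
                     "iBooty.exe", "kernel.40.img3", "sn0w.img3"]:
            (Path(d) / name).write_bytes(b"x")  # placeholder content
        return check_folder(d)


if __name__ == "__main__":
    for line in demo() or ["folder matches the listing"]:
        print(line)
```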
STEP 4: Restore the iPhone to iOS 4.0 and execute the Boot
Make sure you are still with firmware 3.1.2 on your iPhone when you run this step.
- Run iBooty and select “Prepare Device for Custom Firmware”. Make sure that your device is in Recovery Mode (the one with the iTunes Connect logo). Run the process and if you see the image, you can proceed!
- Now open iTunes and restore to the custom ipsw.
- When done, your iDevice will go into Recovery Mode and it won’t boot.
STEP 5: Booting
- Just re-run iBooty and select “Boot It”. If all goes well it will boot!
Voila! You have successfully jailbroken iPhone 3GS, 3G, iPod Touch 3G, 2G MC Model using new iBoot!
Via – iH8sn0w