Jailbreak iPhone, iPod Touch, iPad

Now we have some estimations regarding the release of the iOS 5.1 untethered jailbreak. Pod2g noted that it is at least a month away.

ETA for 5.1 JB: no clue! We’re going to set pieces of the puzzle together this week. We could have issues… Could be 1 month maybe 2…

I know 1 month seems long, but it’s short to work on a project like this when it’s a hobby and you’ve other things to do as well.

Last week, pod2g reported that the Chronic Dev-Team has all the exploits required to release an untethered jailbreak of iOS 5.1 for all devices, including iPad 3, iPad 2 and iPhone 4S. However it would take some time to put it together into a useable release.

The iPhone Dev-Team has updated RedSn0w with the ability to save iPhone unlock tickets (SAM unlock).

redsn0w 0.9.10b8 adds the ability to backup arbitrary directories or files from your device into a zip file on your Mac or PC. The new button is Extras->Even More->Backup and it requires your device to be jailbroken with the afc2 service enabled (most jailbreaks include that). By default it will backup your activation records from /var/root/Library/Lockdown, which is useful for everyone taking advantage of today’s SAM unlock using Loktar_Sun’s trick

You can download the new version of RedSn0w 0.9.10b8 here.

You can save unlock tickets through Extras -> Even More -> Backup.

A new unlock has been discovered that works for all iPhones and all 5.x firmware versions, all basebands are supported.

The method discovered by Loktar_Sun appears to exploit a logical bug in Apple’s server and can be performed on any jailbroken iOS device. His procedure involves using Sam Bingner’s SAM (Subscriber Artificial Module) package to perform a series of steps that unlocks your phone to use a specific SIM.

It has been confirmed working by iPhone Dev-Team member MuscleNerd who notes an update may be coming to SAM from @sbingner to make the procedure simpler.

We will post detailed step by step unlock instructions soon.

UPDATE: Tutorial is ready! You can find it here.

Pod2g has bypassed ASLR at bootup, making progress towards the public release of an iOS 5.1 jailbreak. ASLR is a security method that randomly arranges important data areas. This is one more step toward untethered iOS 5.1 jailbreak for all devices including iPhone 4S, iPad 2 and new iPad 3.

ASLR seems bypassed! Weird machines FTW. Time to ROP the payload.

Earlier this week pod2g revealed that the Chronic Dev-Team now has all the exploits required to release a userland jailbreak of iOS 5.1. It takes time to put them together in a public ready tool.

The iPhone Dev-Team has updated RedSn0w to jailbreak the iPhone 4S and iPad 2 on iOS 5.0.1.

Version 0.9.10b7 of redsn0w adds a collection of useful features: It finally implements the corona-A5 jailbreak for iPhone4S and iPad2 devices still at 5.0.1. It can also re-install that jailbreak for those who accidentally uninstalled the untether. When stitching an IPSW, it can now grab your blobs directly from Cydia. It now shows a lot more info about your device (for instance, whether your iPhone3G has the vulnerable baseband boot loader, or whether your iPhone3GS has the old exploitable bootrom. (And the next new feature to be added will be built-in restore support, to provide an alternative to iTunes restores.)

Previously you needed to use Absinthe to jailbreak the iPhone 4S and iPad 2.

You can download the new version of RedSn0w from here.

We will update our tutorials soon.

Famous hacker pod2g has announced that the Chronic Dev-Team now has all the exploits required to release a userland jailbreak for iOS 5.1.

News: we have all exploits required to do a new jailbreak. I’m working on bypassing ASLR at bootup.

Last month Pod2g said that the team only had a few pieces of a userland jailbreak. Now that the team has them all, it will still take some time to put them together in a public ready tool.

Since this is a userland jailbreak, it will be the first publicly available jailbreak of the iPad 3. I0n1c has demonstrated a jailbreak of the new device, however, he’s said he will not release his jailbreak to the public.

The iPhone Dev-Team has released updated RedSn0w 0.9.10b6b for Mac OS that fixes an issue for those on Mac OS X 10.5.x or earlier.

Update #1b: The OS X version of redsn0w has been updated to fix an issue for those running OS X 10.5.x or earlier.

You can download the latest version of RedSn0w from here.

Our step-by-step tutorials for jailbreak iOS 5.1 using redsn0w 0.9.10b6 are here.

UPDATE: Tutorials for iOS 5.1.1 can be found here.

Here are our step-by-step tutorials that will guide you through all the process of jailbreaking iOS 5.1 with redsn0w and sn0wbreeze:

iPhone 4

Tethered jailbreak iOS 5.1:

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

iPhone 3GS

(Un)Tethered jailbreak iOS 5.1

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

Read the rest of this entry »

Chpwn (Grant Paul) and Phoenixdev (Paul Griffin) have posted photos of an iPad 3 that was jailbroken using a third method!

Jailbroken iPad (3), using a different method by myself and @phoenixdev: http://db.tt/mqIZmw96 http://db.tt/g2UlawxV http://db.tt/V9a3YZRJ

This has truly been an amazing day for jailbreaks. First iPhone Dev-Team posted photos of jailbroken iPad 3, later i0n1c posted a video using unique method. Now it seems that there is a third methid. Wow!!

Most recently I0n1c posted a video to YouTube demonstrating that his jailbreak was untethered.

Stefan Esser, better known as i0n1c, just announced that he has successfully performed an untethered jailbreak of the iPad 3.

Okay my iPad3,3 is now untethered jailbroken…

Although the iPhone Dev-Team already announced their own jailbreak of the device earlier today, they did not specify whether their jailbreak was tethered or untethered.

I0n1c’s jailbreak will likely work on all iOS 5.1 devices including the iPhone 4S if its released. Earlier this week he posted images of a jailbroken iPad 2 on iOS 5.1.

UPDATE: I0n1c posted a YouTube video to show the jailbreak: