Hacker pod2g is on iOS 5.0.1 untethered jailbreak. He has recently posted an interesting update:
The jailbreak is near ready for prime time (excluding 4S and iPad 2).
For now the jailbreak is tested on all devices, including , iPhone 3GS, iPad 1, iPod Touch 3G and iPod Touch 4G. iPad 2 and iPhone 4S status is “work in progress”.
pod2g has also published a new video demo of iOS 5.0.1 untethered jailbreak for iPhone 4:
http://www.youtube.com/watch?v=qdF58anFtiQ
Pod2g has recently announced that he has successfully performed an untethered jailbreak on an running iOS 5.0.1.
Got an untethered iPhone 4 running iOS 5.0.1. Feel free to update.
Of course, if you want to SIM unlock, don’t update using Apple’s original FW nor update OTA.
This means jailbreakers can update to iOS 5.0.1. Previously it was recommended to stay on iOS 5. Unlockers as usual should stay away from Apple’s firmwares and from iOS 5.0.1.
We strongly recommend that everyone use TinyUmbrella to save their iOS 5.0.1 SHSH Blobs.
Pod2g writes in his blog, that next devices he will try to untehter jailbreak are iPod 3G, iPod 4G and iPad 1.
Chronic Dev Team is almost done with a much anticipated untethered jailbreak for iOS 5 and iOS 5.0.1. Team member and French hacker pod2g just released a video showing off the jailbreak. It looks to be near-complete and functioning properly. Take a look:
pod2g even , where he plans to post the most recent news about his progress:
Today I succeed in jailbreaking my iPod 3G. The exploit is user-land, rely on a user ROP payload and a kernel write anywhere exploit.
I can’t give much details right now, but here are the next steps :
- upgrade the iPod 3G to iOS 5.0.1
- do the same on / iOS 5.0.1
- then iPad 1 & iPod 4GAt every step, the exploit code needs certainly to be reworked, but I really don’t know right now. Next, I’ll return to the research for iPad 2 and iPhone 4S. I don’t know if I gonna release first for other devices or not. I’ve to think about it. Feel free to give your opinion.
The Chronic Dev-Team has released , their new tool that lets you help find jailbreak vulnerabilities, for Windows.
You can download the Mac and Windows versions of CDevReporter here:
More information is available in our recent post ““.
Semi-tethered jailbreak is already available for some devices for both iOS 5 and iOS 5.0.1. But we all want untethered jailbreak and we want jailbreak for iPad 2 and iPhone 4S. So why not help hackers to find new exploits and vulnerabilities?
The Chronic Dev-Team has a released a tool to collect crash reports from iOS devices in order to find vulnerabilities that could lead to an untethered jailbreak.
The idea is very simple. When your iPhone, iPad or iPod Touch crashes it sends data to Apple (you can turn it this off though). Apple uses these reports to update iOS in the future. By the way, it also uses them to fix exploits found by jailbreakers. P0sixninja says that Apple closed several exploits they have found in IOS 5 beta before the final version of the software was released.
In order to find more vulnerabilities as fast as possible, the team has developed a tool which will copy the crash reports from your device and analyze them to locate potential exploits. The tool will also remove the crash reports from your device and modify your iTunes installation to prevent uploading of that diagnostic information to Apple.
Apple has . It is still tethered jailbreakable. However if you want untethered jailbreak or unlock – you should stay away from 5.0.1
Earlier this week found in iOS 5.0 will make it easier for hackers to develop a full jailbreak for iOS 5 firmware version. That bug might have been closed in iOS 5.0.1. UPDATE: According to pod2g the bug is still present, but harder to exploit because another exploit is fixed in iOS 5.0.1.
Also, MuscleNerd via twitter has warned iOS users that there is no downgrade from iOS 5.0.1 to iOS 5.0 yet and he recommends to wait until downgrade mechanism is available.
Jailbreakers and unlockers should avoid today’s 5.0.1 until a flow for downgrading to 5.0 is developed.
Downgrade flow needs to be modified for AP “nonce” http://is.gd/b3G0io … saved SHSH blobs are not enough to downgrade to 5.0
Famous hacker Pod2g has recently announced that he discovered a bug that can untether the iOS 5 jailbreak! He posted via twitter:
Hey jailbreaking friends, I’ve found a bug that can untether iOS 5. Don’t expect a release soon, but I’m gonna work hard in it.
Pod2g has found many vulnerabilities in the past including famous SHAtter.
Here are our step-by-step tutorials that will guide you through all the process of jailbreaking iOS 5 with redsn0w 0.9.9 and sn0wbreeze 2.8:
Semi-Tethered jailbreak iOS 5:
UPDATE: Apple latest firmware is iOS 5.1.1. Apple has stopped signing all other firmwares, including iOS 5.0.1, iOS 4.3.3 and iOS 4.3.5. This means you can NOT restore to 5.0.1/4.3.3/4.3.5 any more (both original and custom), unless you have saved your SHSH keys for it.
If you have decided to perform an untethered jailbreak and unlock, you need to get the following information:
For iPhone 3G the latest is iOS 4.2.1. You can perform jailbreak with any utility. For iOS 4.2.1 you can also use them or GreenPois0n (Windows, Mac OS).
iPad 2 jailbreak is available only for iOS 4.3.3 via JailbreakMe and and iOS 5.0.1 via Absenthe.
iPhone 4S jailbreak is available for iOS 5.0 / iOS 5.0.1 via Absenthe.
Apple stopped signing iOS 4.3.3, so you cannot update to iOS 4.3.3 without SHSH keys saved (in advance some time ago). If you have , iPhone 3GS, iPad 1, iPod Touch 3G or iPod Touch 4G that run iOS 4.3.3 – use JailbreakMe or RedSn0w to untether jailbreak your device.
If you have saved SHSH keys for iOS 4.3.3 you can use PwnageTool (Mac OS) or Sn0wBreeze (Windows).
For iOS 4.3.4/4.3.5 only tethered jailbreak is possible with redsn0w. Tethered means that each time you restart your device you will have to connect it to a computer and run redsn0w. The untethered iOS 4.3.5 jailbreak is possible only for iPhone 3GS with old bootrom. You can detect your bootrom version using .
To jailbreak and unlock iOS 5 use latest version of redsn0w 0.9.9 or sn0wbreeze 2.8. You can jailbreak tethered or .
The untethered iOS 5 jailbreak is possible only for iPhone 3GS with old bootrom. You can detect your bootrom version using .
For iPhone 4/3GS, iPad 1, iPod Touch 3G/4G an untethered jailbreak is available for iOS 5.0.1. For untethered jailbreak use the latest redsn0w 0.9.10 or Corona – package from Cydia to untether currently installed tethered jailbreak.
Tutorial how to untether installed tethered jailbreak is available .
For iPhone 4S and iPad 2 use Absenthe.
For tethered iOS 5.0.1 jailbreak you an use redsn0w 0.9.9 and sn0wbreeze 2.8.
For now only tethered jailbreak is available for iPhone 4/3GS, iPad 1 and iPod Touch 3G/4G for iOS 5.1 and iOS 5.1.1.
You can download all firmwares .
Here are our step-by-step tutorials that will guide you through the jailbreak process:
iPhone 4S
UnTethered jailbreak iOS 5.0 / iOS 5.0.1:
iPhone 4
Tethered jailbreak iOS 5.1.1:
Tethered jailbreak iOS 5.1:
UnTethered jailbreak iOS 5.0.1:
Semi-Tethered jailbreak iOS 5:
Tethered jailbreak iOS 4.3.5:
UnTethered jailbreak iOS 4.3.3:
MuscleNerd has announced via Twitter that jailbreak utility RedSn0w 0.9.9b1 is released with major update and numerous new features:
Major improvements and features added to redsn0w 0.9.9b1! See update #9 at http://is.gd/6eek4Y Feedback: @redsn0w_testers
Indeed the list of new features is quite high. There are two main ones:
However this new version does not bring features like untethered jailbreak for iOS 4.3.5 or iOS 5.
Due to some possible bugs we still recommend to use the old RedSn0w 0.9.8b7b, but the new 0.9.9b1 is worth seeing and playing with.
Here are links to our RedSn0w 0.9.8b7b iOS 4.3.5 jailbreak tutorials:
You can download RedSn0w 0.9.9b1 :
Here is the full list of features from DevTeam:
Update #9: A bunch of new features!
- uses DFU mode to try to automatically determine which device and FW you have
- fetches pieces of public IPSWs from Apple (once). Non-public IPSWs must be provided manually (once). It then caches those pieces for future use.
- “Just boot” is a tethered boot. Uses whatever “Preferences” you’ve set for boot logo and kernel boot-args
- “Pwned DFU” puts your device in a pwned DFU state for some of the iTunes stuff detailed below
- “Recovery fix” gets past 1015 types of errors (when baseband portion of restore fails). Should work on iOS5 beta too
- “Select IPSW” is for picking non-public IPSWs, or overriding auto-detection
- “SHSH blobs” has a bunch of options…
- “Fetch” – fetch current PARTIAL blobs on device. Should complete in under 10 or 15 seconds. Puts the set of PARTIAL of blobs on your computer as a plist. Checks if Cydia already has a full set for this device and build. If not, it submits this PARTIAL set and returns Cydia’s acknowledgement or rejection
- “Verify” – cryptographically verifies existing blob files from either redsn0w, TinyUmbrella, or Cydia server. You can select a whole bunch of blobs to verify at once if you want (like the TinyUmbrella directory)
- “Submit” – both verifies and submits one or more blob files to Cydia. This lets you copy your entire TinyUmbrella cache of blobs up to the Cydia server
- “Query” - queries the Cydia server for all available FULL or PARTIAL blobs for a given set of ECIDs
- “Stitch” – stitches either FULL or PARTIAL blobs to a STOCK or CUSTOM IPSW
- Stitching is NOT yet supported on iPhones! Need to work out the baseband part of the restore process.
- FULL blobs stitched to a STOCK IPSW gives you a completely self-contained signed IPSW that iTunes will accept without any tricks (no need to go into pwned DFU mode, no need to start TinyUmbrella TSS server, no need to redirect to Cydia server for blobs)
- PARTIAL blobs stitched to any IPSW requires you to go into pwned DFU mode before running iTunes. No need to start TU or use Cydia though.
- Stitching either FULL or PARTIAL blobs to a CUSTOM IPSW also requires a pwned DFU start before iTunes restores. No need to start TU or use Cydia though./li>
- Will eventually support fetching the blobs directly from Cydia instead of a file on your computer