Jailbreak iPhone, iPod Touch, iPad

Pod2g has announced the discovery of 2 new vulnerabilities in his quest to jailbreak the iPhone.

News: a productive week-end. Found 2 big vulnerabilities. 1 kernel land and 1 root land.

Too bad I have to be secret again…

Last week pod2g noted that a jailbreak of iOS 5.1 would take at least a month to complete. We’ll post more information about how these new vulnerabilities will affect that schedule as soon as we hear more.

If the kernel land vulnerability is exploitable this could provide a jailbreak for the device no matter the firmware.

UPDATE: Gevey Ultra 5.1 does not work any more.

Gevey has released the Ultra 5.1 to unlock the GSM iPhone 4 on iOS 5.1. The new version supports the following modem versions: 01.59, 2.10, 3.10.1, 4.10.1, 4.11.08, and 4.12.01.

The new GEVEY Ultra unlocks your GSM iPhone 4 running iOS 5.1 and earlier and now supports modem firmware versions 1.59, 2.10, 3.10.1, 4.10.1, 4.11.08, and 4.12.01. Currently, a tethered Jailbreak is available for iOS 5.1 for iPhone 4, and you will also need to install the latest Furious Mod file for proper operation.

You can purchase the GEVEY Ultra 5.1 for $49.99 here.

A new unlock has been discovered that works for all iPhones and all 5.x firmware versions, all basebands are supported.

The method discovered by Loktar_Sun appears to exploit a logical bug in Apple’s server and can be performed on any jailbroken iOS device. His procedure involves using Sam Bingner’s SAM (Subscriber Artificial Module) package to perform a series of steps that unlocks your phone to use a specific SIM.

It has been confirmed working by iPhone Dev-Team member MuscleNerd who notes an update may be coming to SAM from @sbingner to make the procedure simpler.

We will post detailed step by step unlock instructions soon.

UPDATE: Tutorial is ready! You can find it here.

UPDATE: Tutorials for iOS 5.1.1 can be found here.

Here are our step-by-step tutorials that will guide you through all the process of jailbreaking iOS 5.1 with redsn0w and sn0wbreeze:

iPhone 4

Tethered jailbreak iOS 5.1:

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

iPhone 3GS

(Un)Tethered jailbreak iOS 5.1

• RedSn0w (Windows)
• Custom firmware and jailbreak using Sn0wBreeze (Windows)

Read the rest of this entry »

iH8sn0w, developer of sn0wbreeze and iFaith, has found a way to downgrade the firmware on A5 devices – iPhone 4S, iPad 2.

Using saved SHSH blobs, iH8sn0w was able to downgrade his A5 iPad 2 from iOS 5.1 to iOS 5.0.1. He says his method will also work with the A5X processor once firmware updates are released for the new iPad. That means that it’s possible to restore to any firmware you want on A5 devices, as long as you have the SHSH blobs saved.

This is great news for those with the iPhone 4S and newer iPads. As it stands now, if you have to restore for any reason, you will be forced to upgrade to the latest firmware. This could leave you without the ability to jailbreak for some time.

Found a loophole in Apple’s apticket system. Restored my iPad 2 to 5.0.1 from 5.1. Works on all A5 devices.

A5X devices will work too once Apple pushes a new firmware for it.

Hope we will see update to current utilities soon.

iH8sn0w has released new version of popular jailbreak utility Sn0wBreeze 2.9.3.

What is New?

• Added Apple TV 2 support for iOS 4.4.3/4.4.4.
• Fixed rare issues with iOS 5.0.1 where it would halt on the Apple upon boot.

Just adding this in mainly for users who dumped their SHSH blobs. On the initial boot, the Apple TV may have a black screen for 60 seconds after setting up the Apple TV. This is normal.

You can download Sn0wBreeze 2.9.3 here.

iH8sn0w has released new version of popular jailbreak utility Sn0wBreeze 2.9.2. Sn0wbreeze is used to create a custom firmware with jailbreak and preserve iPhone modem (baseband) version for unlock. New version 2.9 adds support for untethered iOS 5.0.1 jailbreak as well as support for all firmwares supported by previous versions of sn0wbreeze.

Version 2.9.2 features tethered iOS 5.1 jailbreak for iPhone 3GS, iPhone 4, iPad 1, iPod Touch 2G, iPod Touch 3G and iPod Touch 4G.

You can download Sn0wBreeze 2.9.2 here.

Unlockers should update only via custom firmware. Ultrasn0w for iOS 5.1 with old basebands will be released soon.

UPDATE: Tutorials for iOS 5.1 are availbale here.

Here are our step-by-step tutorials that will guide you through all the process of jailbreaking iOS 5.0.1 with sn0wbreeze, redsn0w, pwnagetool and absenthe:

iPhone 4S

UnTethered jailbreak iOS 5.0 / iOS 5.0.1:

• Absinthe (Windows)
• Absinthe (Mac)

iPhone 4

UnTethered jailbreak iOS 5.0.1:

• RedSn0w (Windows)
• Custom firmware using RedSn0w
• Custom firmware using Sn0wBreeze (Windows)
• Custom firmware using PwnageTool (Mac)

iPhone 3GS

UnTethered jailbreak iOS 5.0.1

• RedSn0w (Windows)
• Custom firmware using Redsn0w
• Custom firmware using Sn0wBreeze (Windows)
• Custom firmware using PwnageTool (Mac)

iPad 2

UnTethered jailbreak iOS 5.0.1

• Absinthe (Windows)
• Absinthe (Mac)

iPad 1

UnTethered jailbreak iOS 5.0.1

• RedSn0w (Windows)
• Sn0wBreeze (Windows)

iPod Touch 3G

UnTethered jailbreak iOS 5.0.1

• RedSn0w (Windows)
• Sn0wBreeze (Windows)

iPod Touch 4G

UnTethered jailbreak iOS 5.0.1:

• RedSn0w (Windows)
• Sn0wBreeze (Windows)

Other tutorials are available here.

You can convert tethered jailbreak to a semi-tethered jailbreak using our tutorial from here.

The iPhone 4S and iPad 2 jailbreak utilities are undergoing testing and polishing before the public release. According to ‘Dream Team’ member planetbeing:

We’re testing & fixing problems with the jb app (that @pimskeks finished the majority of at incredible speed). Still needs to be polished.

P0sixninja also tweeted it should not be much longer before the jailbreak gets released.

not much longer now

We hope to see the utilities soon, because more than a week ago there were tweetes that jailbreak should have been ready in few days.

iPhone Dev Team has posted a blog entry about upcoming public release. If you have iPad 2 or iPhone 4S go ahead and read it:

But we’re now near the final stages of testing the public version of the jailbreak.  Please allow time to clean up any remaining bugs in the jailbreak clients.Jailbreak programs:

To be as flexible as possible, the A5 version of the corona jailbreak will take multiple forms:

• Chronic Dev have incorporated the overall flow into a GUI that runs on your Mac or PC.  The goal is for the GUI to be enough for most cases.
• iPhone Dev have also incorporated the exact same flow into an alternative command-line interface (CLI). This will allow us to help users through individual steps of the jailbreak manually, to both help the user and help improve the overall flow.  Although the CLI will also allow the user to perform the entire jailbreak from beginning to end, we anticipate it will be more useful in debugging the occasional errors.  The CLI currently has over 20 individual options (in addition to the single “jailbreak” option) that should be useful during debug after the GUI release.
• Once all the bugs in the flow are worked out, we’ll also incorporate it into the redsn0w GUI (but still leave the CLI freely available too).  In order to maximize the chances of the jailbreak working for everyone, the redsn0w GUI will use native Apple iTunes libraries — this technique is slightly different than how the Chronic Dev GUI handles communications, and should provide nice combined coverage for all the odd computer configurations out there.

Firmware:

The supported firmware versions will be:

• iPhone4S: 5.0 (9A334), 5.0.1 (9A405) and the “other” 5.0.1 (9A406)
• iPad2: 5.0.1 (9A405)

iPhone4S owners looking to maximize their chances of achieving an eventual software-based carrier unlock should be staying at 5.0. Everyone else should be at 5.0.1.  If you’re an iPhone4S owner who already updated to 5.0.1, it’s too late to go back down to 5.0, but if you’re on 9A406 it is possible to downgrade the BB by going to the 9A405 version of 5.0.1 while the window is still open.

Support:

The overall flow used by the GUI and CLI to inject the A5 corona jailbreak has never been done before, and there may be unforeseen problems once it’s released to the public.  It’s very important for you to sync your data, photos, and music before attempting any version of this jailbreak.  We’ll be watching the comments section below for signs of any widespread problems, but please be aware that you jailbreak at your own risk!

When:

As mentioned at the start of this post: when testing has shown most of the bugs have been fixed!

Popular jailbreak utility Sn0wbreeze was updated to version 2.9.1. Several issues were fixed, including iPad Baseband for iPhone 3G and several PAM issues.

You can download Sn0wBreeze 2.9.1 here.

New version 2.9 adds support for untethered iOS 5.0.1 jailbreak as well as support for all firmwares supported by previous versions of sn0wbreeze. You can read more about version 2.9 here.

Step-by-step tutorials for Sn0wBreeze 2.9.1:

• iPhone 4
• iPhone 3GS
• iPad 1
• iPod Touch 3G
• iPod Touch 4G

Read the rest of this entry »