Jailbreak iPhone, iPod Touch, iPad

Good news from DevTeam. They just announced via twitter that unlock for firmwares 3.1.3 and 4.0 is ready:

RT @MuscleNerd: ultrasn0w tips: 1) Works for all basebands since 3.0 FW 2) Remember to disable 3G on T-Mobile USA

ultrasn0w 0.93 released! Cydia repo is repo666.ultrasn0w.com. Works with basebands 04.26.08 thru 05.13.04

This means, that all users with basebands 04.26.08, 05.11.07, 05.12.01 and 05.13.04 can use ultrasn0w 0.93.

There is no jailbreak for just released iOS4, so you need to wait a bit. Firmware 3.1.3 who need unlock can update ultrasn0w and use their iPhones with any carrier.

Last week Apple has released its iPhone Os 4.0 beta 4 and redsn0w is finally updated to support this as well as beta 1. New version of jailbreak is 0.9.5.b4 and it can be applied on iPhone 3G only(!).

Redsn0w 0.9.5.b4 is targeted at developers who make jailbroken apps, and will not work if you are already using blacksn0w, ultrasn0w or yellowsn0w.

iPhone Dev-Team warns:

“You should stay clear of this beta software if you rely on a carrier unlock.”

To use the jailbreak, follow the guide below:

1. Download redsn0w 0.9.5.b4 here. (Only Mac OS X version since app are developed on this OS).
2. Make sure you have already activated your iPhone 3G with iTunes and your own developer ID.
3. Launch the jailbreak.
4. Select your stock iPhone1,2_4.0_8A274b_Restore.ipsw (beta4) or iPhone1,2_4.0_8A230m_Restore.ipsw (beta1) file that you used to update your firmware.
5. Choose “Install Cydia” and then click “Next”. Use DFU mode to install the redsn0w.
6. When your iPhone 3G comes back up, you will notice Cydia has a blank white icon. It also has no sources so you should go to the Sources panel and add this repo: http://apt.saurik.com/cydia-3.7 (make sure you are connected to the Internet before). When Cydia restarts, you should see its real logo now, and the standard sources should be ready to use.

Finally the jailbreak for iPad, iPhone and iPod Touch from the Dev Team is available for download. It’s free and untethered and it’s called “Spirit”. The jailbreak supports every iDevice with firmware version 3.1.2, 3.1.3 or 3.2.

If you have iPhone 3GS or an iPad you should backup your SHSH blobs before using the jailbreak. ECID SHSH or SHSH blob is a unique signature given to every Apple mobile device. When you decide to restore the firmware on your iPhone, iPod Touch or iPad, Apple servers checks this signature.

As you know, if a new firmware is released it becomes impossible to restore the older firmware from iTunes. But Cydia creator tuned up a new server and now it mimics Apple’s verification server and saves your older SHSH blobs so that you can restore back your device to the older firmware. Without having your SHSH blobs saved you may accidentally update new firmware and then you not only lose your jailbreak but also won’t be able to restore the older firmware to re-jailbreak your device.

This is also important because there is a big possibility that Apple will soon find out what exploit is used by the jailbreak and then it will be patched in the form of new firmware.

You can save your SHSH blob in three ways. Here is a guide to make it using AutoSHSH.

1. Download AutoSHSH. (Latest version is here).



2. Start AutoSHSH and plug in you iPhone/iPod Touch/iPad in recovery mode (only one device at a time). Recovery mode launches when you turn off your device and hold down the “Home” button when connecting the USB cable. Then you must see “Connect to iTunes” message and logo on your device.



3. In AutoSHSH click on “Grab my SHSH Blobs Automatically”. When the app will grab the signature you must choose whether you want to save it locally or not. Do not forget where you saved the signature. In the end of the procedure AutoSHSH will also upload it to saurik’s server.

If you have some problems with using AutoSHSH to save your blobs, write it in comments or try saurik’s method or Firmware Umbrella instead.

Now, when you saved you SHSH blobs, you can make the jailbreak. It is recommended for you to sync your device with iTunes beforehand. Then use the following guide:

1. Download “Spirit” (link for Windows, link for Mac OS X).
2. Plug in your device (it will be instantly recognized).
3. Hit the “Jailbreak” button.

That’s all!

Additionally here is a video tutorial for jailbreaking:

Please note that Spirit is not a carrier unlock so it won’t allow you to use unauthorized wireless carriers. The jailbreak is also “sort of beta”, so it may be buggy. DevTeam notifies that some apps in Cydia that are NOT designed for iPad may crash your system and require you to restore so be careful.

Famous iPhone hacker, Geohot, is working on a new jailbreak tool for future iPhone/iPad with firmware 4.0. The codename of this new utility is LimeRa1n. No release date yet. We’ll keep you updated.

MuscleNerd just released redsn0w 0.9.5 beta – the first public jailbreak of iPhone OS 4. This utility is only for developers of jailbroken apps, so they can update apps for firmware 4.0. The jailbreak only supports the iPhone 3G and runs on MAC OS X. There is no carrier unlock right now.

You can download RedSn0w 0.9.5 and get more info here.

A few hours ago iH8sn0w posted a tweet that he is able to run jailbreak on the new firmware 4.0 beta 1. DarkMalloc, another developer who worked on the project, has just released new video that shows firmware 4.0 jailbreak on iPhone 3G:

The interesting thing, besides the presence of Cydia and MobileTerminal, is the possibility to have multiple applications open at once. That means that multitasking on iPhone 3G can be enabled. Officially Apple doesn’t want to activate this functionality on iPhone 3G, just iPhone 3GS and later devices.

Geohot, the famous iPhone hacker and the creator of different jailbreak and unlock utilities (purplera1n, blackra1n and blacksn0w), is now working on a new jailbreak utility. It will support untethered jailbreak for all devices with the latest bootrom and the latest firmware. This includes iPhone 3GS and iPod Touch 3G.

Here is what Geohot writes in his blog:

The jailbreak is all software based, and is as simple to use as blackra1n. It is completely untethered, works on all current tethered models(ipt2, 3gs, ipt3), and will probably work on iPad too.

Don’t ask about a release date. You won’t make it happen any sooner.

It is still unclear if he used one of the recent iPhone Safari hacks to gain control of the device or if this is something else.

Here is a teaser video:

Recently MuscleNerd, the member of DevTeam, reported the presence of an interesting security bug in Safari for the iPhone. It will probably allow a quick remote jailbreak of iPhone or iPod Touch simply by connecting the device to an external website created for this purpose.

The bug was discovered by two hackers Ralph Phillip and Vincenzo Iozzo, who won the prize of $15 000 during CanSecWest. Their initial idea was to use a web portal to do the exploit of the SMS database and retrieve it’s content.

iH8sn0w has just released a new version of Sn0wbreeze, the Windows tool that allows you to jailbreak Firmware 3.1.3. This is a small update that fixes a problem that occurs only on 64bit operating system.

You can download the new sn0wbreeze 1.5.2 here.

We still recommend to use DevTeam utilities – RedSn0w (Windows and MAC OS) and PwnageTool (MAC OS only).

iH8sn0w, through a new tweet, informs that his new utility f0recast will be released tonight.

There are many different iPhone and iPod Touch models and firmware versions for them. Each device has it’s own bootrom, bootloader, iBoot and baseband versions that determine if user can perform jailbreak and unlock. So it is quite complicated for users to answer a simple question: “Is my device jailbreakable?”. f0recast will solve this problem.

f0recast is a small Windows application that will able to give a straight answer if the iPhone or iPod touch is able to be jailbroken. Just connect your iPhone, launch the app and push a button.

f0recast is only an informational tool which determines if your device can or cannot be jailbreaked. It will NOT jailbreak your device.