Jailbreak iPhone, iPod Touch, iPad

Good news from DevTeam. They just announced via twitter that unlock for firmwares 3.1.3 and 4.0 is ready:

RT @MuscleNerd: ultrasn0w tips: 1) Works for all basebands since 3.0 FW 2) Remember to disable 3G on T-Mobile USA

ultrasn0w 0.93 released! Cydia repo is repo666.ultrasn0w.com. Works with basebands 04.26.08 thru 05.13.04

This means, that all users with basebands 04.26.08, 05.11.07, 05.12.01 and 05.13.04 can use ultrasn0w 0.93.

There is no jailbreak for just released iOS4, so you need to wait a bit. Firmware 3.1.3 who need unlock can update ultrasn0w and use their iPhones with any carrier.

Apple recentrly released new version of iPhone OS 4. it is called iOS 4.0 GM. Here is an update from DevTeam about iOS 4 jailbreak:

For those who can legitimately activate to the iPhone3G 4.0GM seed, the “point to previous IPSW” redsn0w trick works and will jailbreak your 4.0GM. The “trick” is to point redsn0w at the 4.0beta4 IPSW instead of 4.0GM (do this after you’ve updated to 4.0GM and activated through the new iTunes 9.2 on your Mac). Since the carrier unlocks aren’t yet supported at 4.0, don’t do this if you use yellowsn0w/ultrasn0w/blacksn0w. Many JB apps are still pretty buggy in 4.0, so again this is mostly useful only for developers of those JB apps.

Note: If you’re experiencing MobileSafari crashes, double check that you’re running the version at the bottom of this page.

For those without legit iPhone3G 4.0GM seed access, please wait until the full public 4.0 release for updates to the jailbreak tools.

You can download redsn0w 0.9.5.b4 here.

Last week Apple has released its iPhone Os 4.0 beta 4 and redsn0w is finally updated to support this as well as beta 1. New version of jailbreak is 0.9.5.b4 and it can be applied on iPhone 3G only(!).

Redsn0w 0.9.5.b4 is targeted at developers who make jailbroken apps, and will not work if you are already using blacksn0w, ultrasn0w or yellowsn0w.

iPhone Dev-Team warns:

“You should stay clear of this beta software if you rely on a carrier unlock.”

To use the jailbreak, follow the guide below:

1. Download redsn0w 0.9.5.b4 here. (Only Mac OS X version since app are developed on this OS).
2. Make sure you have already activated your iPhone 3G with iTunes and your own developer ID.
3. Launch the jailbreak.
4. Select your stock iPhone1,2_4.0_8A274b_Restore.ipsw (beta4) or iPhone1,2_4.0_8A230m_Restore.ipsw (beta1) file that you used to update your firmware.
5. Choose “Install Cydia” and then click “Next”. Use DFU mode to install the redsn0w.
6. When your iPhone 3G comes back up, you will notice Cydia has a blank white icon. It also has no sources so you should go to the Sources panel and add this repo: http://apt.saurik.com/cydia-3.7 (make sure you are connected to the Internet before). When Cydia restarts, you should see its real logo now, and the standard sources should be ready to use.

Finally the jailbreak for iPad, iPhone and iPod Touch from the Dev Team is available for download. It’s free and untethered and it’s called “Spirit”. The jailbreak supports every iDevice with firmware version 3.1.2, 3.1.3 or 3.2.

If you have iPhone 3GS or an iPad you should backup your SHSH blobs before using the jailbreak. ECID SHSH or SHSH blob is a unique signature given to every Apple mobile device. When you decide to restore the firmware on your iPhone, iPod Touch or iPad, Apple servers checks this signature.

As you know, if a new firmware is released it becomes impossible to restore the older firmware from iTunes. But Cydia creator tuned up a new server and now it mimics Apple’s verification server and saves your older SHSH blobs so that you can restore back your device to the older firmware. Without having your SHSH blobs saved you may accidentally update new firmware and then you not only lose your jailbreak but also won’t be able to restore the older firmware to re-jailbreak your device.

This is also important because there is a big possibility that Apple will soon find out what exploit is used by the jailbreak and then it will be patched in the form of new firmware.

You can save your SHSH blob in three ways. Here is a guide to make it using AutoSHSH.

1. Download AutoSHSH. (Latest version is here).



2. Start AutoSHSH and plug in you iPhone/iPod Touch/iPad in recovery mode (only one device at a time). Recovery mode launches when you turn off your device and hold down the “Home” button when connecting the USB cable. Then you must see “Connect to iTunes” message and logo on your device.



3. In AutoSHSH click on “Grab my SHSH Blobs Automatically”. When the app will grab the signature you must choose whether you want to save it locally or not. Do not forget where you saved the signature. In the end of the procedure AutoSHSH will also upload it to saurik’s server.

If you have some problems with using AutoSHSH to save your blobs, write it in comments or try saurik’s method or Firmware Umbrella instead.

Now, when you saved you SHSH blobs, you can make the jailbreak. It is recommended for you to sync your device with iTunes beforehand. Then use the following guide:

1. Download “Spirit” (link for Windows, link for Mac OS X).
2. Plug in your device (it will be instantly recognized).
3. Hit the “Jailbreak” button.

That’s all!

Additionally here is a video tutorial for jailbreaking:

Please note that Spirit is not a carrier unlock so it won’t allow you to use unauthorized wireless carriers. The jailbreak is also “sort of beta”, so it may be buggy. DevTeam notifies that some apps in Cydia that are NOT designed for iPad may crash your system and require you to restore so be careful.

Wow! Hours after iPad 3G sales launch and it has already been jailbroken! Below is a video of MuscleNerd where jailbroken iPad 3G runs Cydia.

MuscleNerd used the jailbreak called “Spirit”. It’s a tool that makes untethered unlock of iPad, iPod Touch 3G and iPhone 3GS and DevTeam promises it will be available soon. Stay tuned for further instructions how to save your SHSH Blobs and then use Spirit to jailbreak your device.

MuscleNerd just released redsn0w 0.9.5 beta – the first public jailbreak of iPhone OS 4. This utility is only for developers of jailbroken apps, so they can update apps for firmware 4.0. The jailbreak only supports the iPhone 3G and runs on MAC OS X. There is no carrier unlock right now.

You can download RedSn0w 0.9.5 and get more info here.

Geohot, the famous iPhone hacker and the creator of different jailbreak and unlock utilities (purplera1n, blackra1n and blacksn0w), is now working on a new jailbreak utility. It will support untethered jailbreak for all devices with the latest bootrom and the latest firmware. This includes iPhone 3GS and iPod Touch 3G.

Here is what Geohot writes in his blog:

The jailbreak is all software based, and is as simple to use as blackra1n. It is completely untethered, works on all current tethered models(ipt2, 3gs, ipt3), and will probably work on iPad too.

Don’t ask about a release date. You won’t make it happen any sooner.

It is still unclear if he used one of the recent iPhone Safari hacks to gain control of the device or if this is something else.

Here is a teaser video:

Recently MuscleNerd, the member of DevTeam, reported the presence of an interesting security bug in Safari for the iPhone. It will probably allow a quick remote jailbreak of iPhone or iPod Touch simply by connecting the device to an external website created for this purpose.

The bug was discovered by two hackers Ralph Phillip and Vincenzo Iozzo, who won the prize of $15 000 during CanSecWest. Their initial idea was to use a web portal to do the exploit of the SMS database and retrieve it’s content.

Today Apple began selling iPhones without AT&T plan. Apple’s new policy is that anyone can walk into an Apple Store and pick up an iPhone 8GB for $499, 16GB for $599 and 32GB for $699. They allow one unit per customer per day, up to 10 iPhones.

The iPhones are still locked to AT&T’s network. Of course, these devices will be sold with the latest baseband which is not yet unlockable; however, you can use RedSn0w to perform a tethered jailbreak.

The number of jailbreak utilities for iPhones and iPod Touches with the latest iBoot is dramatically increasing. All of them are FAKE. Some of them will fill your computer with viruses, which is not good.

gull1hack, spartanbr3ak, br0k3n_appl3 are just some of these new programs that in one way or another deceive the user and then run malicious code. We therefore ask you to stay away from ANY such software. Some time in the future GeoHot or DevTeam will release new jailbreak and unlock software. Other than that is fake and dangerous. Install only programs you trust or the ones recommended by iPhoneRoot.

Here is a twitter comment from DevTeam: