How to Jailbreak iOS 4.3.2 on iPhone 4 Using PwnageTool [Guide]

The just-released iOS 4.3.2 has been successfully jailbroken on the iPhone 4 using PwnageTool and unofficial PwnageTool bundles. At this stage the jailbreak is tethered, meaning you have to connect your device to a PC for it to boot successfully. It is yet to be confirmed whether @i0nic’s untethered jailbreak exploit has been patched in this release or is still open. Here is the step-by-step guide to jailbreaking an iPhone 4 running iOS 4.3.2. The guide for other devices will be published later.

The steps involved in this guide can be divided into 5 parts.

  1. Downloading the required files
  2. Patching/modifying the existing PwnageTool to make it compatible with iOS 4.3.2
  3. Creating custom iOS 4.3.2
  4. Restoring custom iOS 4.3.2 on your device
  5. Booting the device

Part 1: What’s Required:

Part 2: Patching / Modifying PwnageTool using custom bundles

Since the official PwnageTool cannot jailbreak iOS 4.3.2, we have to modify it using the custom PwnageTool bundles. First of all, move PwnageTool into the Applications folder.

Step 1: Right-click on the PwnageTool you downloaded in Part 1 and then click on “Show Package Contents”.

Step 2: Navigate to /Contents/Resources/FirmwareBundles and copy in the bundle iPhone3,1_4.3.2_8H7.bundle, which you will find in the PwnageTool bundle folder.

Step 3: Close the folder.

Part 3: Creating Custom iOS 4.3.2

Step 1: Launch the updated iTunes.

Step 2: Back up your device.

Step 3: Launch the modified PwnageTool from the Applications folder.

Step 4: Now select your iPhone and click the blue arrow to continue.

Step 5: Browse for the IPSW file (iOS 4.3.2) which you downloaded in Part 1. (Make sure that the IPSW file is placed on the desktop.)

Step 6: Now hit the Build button to cook the custom firmware and save it on your PC.

Part 4: Restoring iOS 4.3.2 Custom Firmware

Put your iPhone into DFU mode. PwnageTool will help you in this process. Follow the onscreen instructions for this purpose.

  • Hold Power and Home buttons for 10 seconds
  • Now release the Power button but continue holding the Home button for 10 more seconds
  • Your device should now be in DFU mode

After the iPhone is in DFU mode, launch iTunes and it will tell you it has found an iPhone in recovery mode. Press OK to continue.

To install the custom cooked firmware, press the Alt/Option key and click on “Restore” in iTunes.

Now wait a few minutes while iTunes does its job. The iPhone will reboot after it has been restored successfully.

Part 5: Booting the Device in Tethered Boot

Since the iOS 4.3.2 jailbreak is tethered, we have to connect the device to a PC and use a utility called “tetheredboot” to boot it into a tethered jailbroken state.

The tetheredboot utility requires two files from iOS 4.3 to do its job. The names of those files are:

  • kernelcache.release.n90
  • iBSS.n90ap.RELEASE.dfu

To get these files, change the extension of the iOS 4.3.2 firmware file from .ipsw to .zip and extract it. You will find them under the /Firmware/dfu/ folder.

Put these files and the tetheredboot utility into a new folder on the desktop and name it “tetheredboot”.
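Because an .ipsw is a ZIP archive, the two files can also be pulled out without renaming it. The following Python script is an added example, not part of the original guide: it finds both files by name wherever they sit in the archive, writes them into the destination folder under their base names only, and returns a SHA-256 for each so you can record exactly which files you booted with. The function names and the tiny sample archive are constructed for illustration.

```python
import hashlib
import os
import tempfile
import zipfile

# The two files the guide says tetheredboot needs (iPhone 4 / n90).
WANTED = ("iBSS.n90ap.RELEASE.dfu", "kernelcache.release.n90")

def extract_boot_files(ipsw_path, dest_dir, wanted=WANTED):
    """Copy the wanted members out of an IPSW; return {name: (path, sha256)}."""
    results = {}
    os.makedirs(dest_dir, exist_ok=True)
    with zipfile.ZipFile(ipsw_path) as ipsw:
        # Index members by base name so their folder inside the archive does not matter.
        by_name = {}
        for info in ipsw.infolist():
            if not info.is_dir():
                by_name.setdefault(os.path.basename(info.filename), []).append(info)
        for name in wanted:
            matches = by_name.get(name, [])
            if len(matches) != 1:
                raise ValueError(f"expected exactly one {name}, found {len(matches)}")
            data = ipsw.read(matches[0])
            # Write under the base name only, so a crafted member path
            # (for example ../../x) cannot land outside dest_dir.
            out_path = os.path.join(dest_dir, name)
            with open(out_path, "wb") as out:
                out.write(data)
            results[name] = (out_path, hashlib.sha256(data).hexdigest())
    return results

def build_sample_ipsw(path):
    """Constructed stand-in for an IPSW: fake contents, assumed layout."""
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("Firmware/dfu/iBSS.n90ap.RELEASE.dfu", b"fake-ibss")
        z.writestr("kernelcache.release.n90", b"fake-kernel")
        z.writestr("Restore.plist", b"<plist/>")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "sample.ipsw")
        build_sample_ipsw(sample)
        found = extract_boot_files(sample, os.path.join(tmp, "tetheredboot"))
        for name, (path, digest) in found.items():
            print(name, digest, path)
```

To use it on a real firmware file, call `extract_boot_files` with the path to the downloaded .ipsw and the path of your “tetheredboot” folder.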

How to Invoke Tethered Boot:

Start Terminal and drag “tetheredboot” into it. Now type “-i” (without quotes) and drag in the iBSS file, then type “-k” and drag the kernel file into Terminal. You can watch this video for more details.

/Users/AamirUsman/Desktop/tetheredboot/tetheredboot -i /Users/AamirUsman/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu -k /Users/AamirUsman/Desktop/tetheredboot/kernelcache.release.n90

Replace “AamirUsman” with the name of the user on your Mac and “Desktop” with the name of the location where you placed the “tetheredboot” folder.

When you are asked to put your device into DFU mode, follow the same method you used in Part 4. After a short period of time you will see “Exiting libpois0n” in the terminal window, which indicates that your iPhone, iPad or iPod Touch will boot within a few moments.

Here is the complete video guide on how to boot the device jailbroken on iOS 4.3.2 using tetheredboot:

http://www.youtube.com/watch?v=ri4LENZ6hxQ

Enjoy your tethered jailbroken device running iOS 4.3.2.

Disclaimer: This guide is posted for testing and educational purposes only. Please don’t try it if you don’t know what you are going to do.

You can also download the bundles from Blogsdna.