Apple today released iOS 4.3.1 for iDevices, and it has already been jailbroken by making some modifications to the existing PwnageTool bundles developed by Djayb6.
The iOS 4.3.1 jailbreak is tethered for now on all iDevices, including iPhone 4, which means you have to connect your device to the PC after every reboot to boot it into a jailbroken state.
Update: Redsn0w 0.9.6, Pwnagetool 4.3 and Sn0wbreeze 2.5 are now available to jailbreak iOS 4.3.1 untethered on all idevices except iPad 2.
The complete step by step instructions to jailbreak iPhone 4 are posted here. We can break the method into 6 parts.
- Downloading the required files
- Patching/modifying the existing PwnageTool to make it compatible with iOS 4.3.1
- Patching Ramdisk
- Creating custom iOS 4.3.1
- Restoring custom iOS 4.3.1 on your device
- Booting the device
Part 1: Download the Required Files
You should have the following on your computer before starting the actual process.
- Latest version 10.2.1 of iTunes installed on your PC
- PwnageTool
- PwnageTool bundles for iOS 4.3.1 and Universal Ramdisk Fixer (both in one folder; download here: Link 1, Link 2). Official download links for PwnageTool bundles including updated Ramdisk Fixer
- Newly released iOS 4.3.1 .ipsw file for your device
Part 2: Patching / Modifying PwnageTool using custom bundles
Since the official PwnageTool cannot jailbreak iOS 4.3.1, we have to modify it using the custom PwnageTool bundles. First of all, move PwnageTool into the Applications folder.
Step 1: Right click on the PwnageTool which you downloaded in Part 1 and then click on “Show Package Contents”.
Step 2: Navigate to this path /Contents/Resources/FirmwareBundles and put the bundle iPhone3,1_4.3.1_8G4.bundle which you will find in the PwnageTool bundle folder.
Step 3: Close the folder.
Part 3: Patching Ramdisk
Now we have to fix the broken PwnageTool ramdisk process to support iOS 4.3.1.
Step 1: Launch Universal Ramdisk Fixer, which is also included in the PwnageTool folder.
Step 2: Follow the simple on-screen instructions to fix the ramdisk.
Part 4: Creating Custom iOS 4.3.1
Step 1: Launch the updated iTunes.
Step 2: Back up your device.
Step 3: Launch the modified PwnageTool from the Applications folder.
Step 4: Now select your iPhone and click the blue arrow to continue.
Step 5: Browse for the .ipsw file (iOS 4.3.1) which you have already downloaded in Part 1. (Make sure that the .ipsw file is placed on the desktop.)
Step 6: Now hit the Build button to cook the custom firmware and save it on your PC.
Part 5: Restoring iOS 4.3.1 Custom Firmware
Put your iPhone into DFU mode. PwnageTool will help you in this process. Follow the onscreen instructions for this purpose.
- Hold Power and Home buttons for 10 seconds
- Now release the Power button but continue holding the Home button for 10 more seconds
- Your device should now be in DFU mode
After the iPhone is in DFU mode, launch iTunes and it will tell you it has found an iPhone in recovery mode. Press OK to continue.
To install the custom cooked firmware, press the Alt/Option key and click on “Restore” in iTunes.
Now wait for a few minutes until iTunes does its job. The iPhone will reboot after it has been restored successfully.
Part 6: Booting the Device in Tethered Boot
Since the iOS 4.3.1 jailbreak is tethered, we have to connect the device to the PC and use a utility called “tetheredboot” to boot it into a tethered jailbroken state.
The tetheredboot utility requires two files from iOS 4.3 to do its job. The names of those files are
- kernelcache.release.n90,
- and iBSS.n90ap.RELEASE.dfu.
To get these files, change the extension of the iOS 4.3.1 firmware file from .ipsw to .zip and extract it. You will find them under the /Firmware/dfu/ folder.
Put these files and the tetheredboot utility into a new folder on the desktop and name it “tetheredboot”.
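Added example, not part of the original guide or of the tetheredboot project: a way to stage the two files straight from the .ipsw (which is a ZIP archive) without renaming it. It matches the two names wherever they sit in the archive, writes them under their base names only so a crafted entry path cannot land outside the target folder, and returns SHA-256 digests you can record for the copies you boot with. The function names and the sample archive are constructed for illustration.

```python
import hashlib
import io
import tempfile
import zipfile
from pathlib import Path, PurePosixPath

# File names taken from the guide (iPhone 4, n90).
WANTED = ("iBSS.n90ap.RELEASE.dfu", "kernelcache.release.n90")

def stage_boot_files(ipsw, dest_dir):
    """Copy the WANTED members of an IPSW into dest_dir; return {name: sha256}.

    Members are matched by base name and written under that base name only,
    so an entry path such as "../../x" cannot place data outside dest_dir.
    """
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    digests = {}
    with zipfile.ZipFile(ipsw) as archive:
        for info in archive.infolist():
            name = PurePosixPath(info.filename).name
            if info.is_dir() or name not in WANTED:
                continue
            if name in digests:
                raise ValueError(f"duplicate entry for {name} in archive")
            data = archive.read(info)
            (dest / name).write_bytes(data)
            digests[name] = hashlib.sha256(data).hexdigest()
    missing = [n for n in WANTED if n not in digests]
    if missing:
        raise FileNotFoundError(f"not found in archive: {', '.join(missing)}")
    return digests

def build_sample_ipsw():
    """Constructed stand-in for an IPSW: real member names, dummy contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Firmware/dfu/iBSS.n90ap.RELEASE.dfu", b"constructed-ibss")
        z.writestr("kernelcache.release.n90", b"constructed-kernelcache")
        z.writestr("Restore.plist", b"constructed-plist")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, digest in stage_boot_files(build_sample_ipsw(), tmp).items():
            print(f"{digest}  {name}")
```

To use it on a real firmware file, pass the path of the .ipsw and the path of your “tetheredboot” folder to stage_boot_files.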
Method 1 to Invoke Tethered Boot:
Start Terminal and run the following command:
sudo -s
Type your admin password and run the following as a single command:
/Users/aamirusman/Desktop/tetheredboot/tetheredboot \
  /Users/aamirusman/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu \
  /Users/aamirusman/Desktop/tetheredboot/kernelcache.release.n90
Replace “aamirusman” with the name of the user on your Mac and “Desktop” with the name of the location where you placed the “tetheredboot” folder.
When you are asked to put your device into DFU mode, follow the same method you used in Part 5. After a short period of time you will see “Exiting libpois0n” in the terminal window, which indicates your iPhone, iPad or iPod Touch will be booted within a few moments.
Method 2 to Invoke Tethered Boot:
Put your device into DFU mode. Open the terminal and run the following commands.
cd /Users/username/Desktop/tetheredboot/
./tetheredboot iBSS.n90ap.RELEASE.dfu kernelcache.release.n90
You can also check this command, posted by DjayB6 on Twitter, to boot the device tethered.
Here is the complete video guide on how to boot the device jailbroken on iOS 4.3.1 using tetheredboot.
Enjoy your tethered jailbroken device running iOS 4.3.1.
Thank Youuuuuuuuuuuuuuu! I’m from Mexico and I did it on my iPhone 3GS 32GB iOS 4.3.1 AT&T without the original SIM! Just one thing :/ the commands in the terminal on my Mac did not work :( but I used the Windows version tetheredboot.exe on Windows 7 32b and finished :)