About a week ago Apple released iOS 4.2 version for Apple TV 2G. And if you want to run third-party apps and plugins on Apple TV2 like nitoTV, GrooveShark Client and Plex Client, here is step by step guide to jailbreak the device on iOS 4.2 with PwnageTool.
The PwnageBundle which is being used in this guide to jailbreak ATV2 on iOS 4.2 is not from official sources but it works without any problem and is tested by @nitoTV, the developer behind popular nitoTV plugin.
This whole guide is taken from ReadMe file present in PwnageBundle folder because we couldn’t find a better way to explain all these steps. Very very special thanks to @nitoTV for this awesome guide!
Disclaimer: If you do not have your SHSH blobs backed up for your AppleTV at 4.1 i HIGHLY advise avoiding any upgrading whatsoever, tethered or not, until a real proper jailbreak is available. If you don’t understand the above GO BACK NOW, do NOT attempt the following.
Made it this far? Another warning:
If you aren’t a developer or someone trying to tweak iOS 4.2 the following jailbreak is STRONGLY discouraged. Booting tethered on the AppleTV is an easy process, but it is still a PITA that a casual user would probably not have the desire to put up with. Read the ENTIRE documentation at least once before running through the process.
You will need a computer that is close enough to your AppleTV that it can be plugged into USB, power and HDMI without any major movement of the AppleTV itself), if you don’t meet this requirement the following is impossible, unless your microUSB cable is REALLY long.
Required:
- A MicroUSB cable
- An Intel Apple laptop Running Snow Leopard (i say laptop because of reaching distance for the USB, power, HDMI)
- AppleTV 4.2 ipsw AppleTV2,1_4.2_8C150_Restore.ipsw
- PwnageTool 4.1.2 ( 4.1.3 is untested but could potentially work as well) (this is an unofficial mirror http://iphoneroot.com/download/PwnageTool_4.1.2.dmg and still works as of 11-29-10)
Step 1. Move this entire folder to the desktop (only necessary if you are following these directions verbatim)
Step 2. Open Terminal app (if you don’t know where this is, you REALLY shouldn’t be doing this.
Step 3. run the following commands (this will fail if you didn’t move this folder to the desktop, PwnageTool almost MUST be in your /Applications folder)
cp -r ~/Desktop/tethered/AppleTV2,1_4.2_8C150.bundle /Applications/PwnageTool.app/Contents/Resources/FirmwareBundles/
cp ~/Desktop/tethered/Info.plist /Applications/PwnageTool.app/Contents/Resources/CustomPackages/CydiaInstallerATV.bundle/Info.plist
Step 4. Run PwnageTool on the 4.2 ipsw (if you don’t know how to do this, again you REALLY shouldn’t be here) saving into the ~/Desktop/tethered folder with the default name PwnageTool gives it (AppleTV2,1_4.2_8C150_Custom_Restore.ipsw)
Step 5. back in the terminal run the following:
unzip -j ~/Desktop/tethered/AppleTV2,1_4.2_8C150_Custom_Restore.ipsw Firmware/dfu/iBSS.k66ap.RELEASE.dfu kernelcache.release.k66 -d ~/Desktop/tethered/
Step 6. Restore the AppleTV to the ~/Desktop/tethered/AppleTV2,1_4.2_8C150_Custom_Restore.ipsw firmware (your AppleTV SHOULD be in DFU mode after finishing up with PwnageTool)
NOTE: Do not install any packages through cydia in expert mode, this produced very unpredictable results.
Step 7. Unplug and then replug the USB, after the AppleTV has finished started up (will be blinking steadily), plug in the power cable
Step 8. Run the following commands in terminal:
cd ~/desktop/tethered
./tetheredboot -i iBSS.k66ap.RELEASE.dfu -k kernelcache.release.k66
NOTE: it will loop a complaint re: DFU mode, just ignore this, once you are finished getting in DFU mode tetheredboot will take over.
Step 9. MANUALLY put the AppleTV in DFU (*DO NOT USE PWNAGETOOL*)
DFU Mode:
- Hold Menu for 7 Seconds
- Without releasing menu, press power for 7 seconds
successful output from tetheredboot looks like this:
Initializing libpois0n
No matching processes belonging to you were found
Waiting for device to enter DFU mode
Device must be in DFU mode to continue
opening device 05ac:1227…
Found device in DFU mode
Checking if device is compatible with this jailbreak
Checking the device type
Identified device as AppleTV2,1
Preparing to upload limera1n exploit
Resetting device counters
Sending chunk headers
Sending exploit payload
Sending fake data
libusb:error [darwin_transfer_status] transfer error: timed out
Exploit sent
Reconnecting to device
Waiting 2 seconds for the device to pop up…
opening device 05ac:1227…
Uploading iBSS.k66ap.RELEASE.dfu to device
[==================================================] 100.0%
libusb:error [darwin_reset_device] ResetDevice: device not responding
libusb:error [darwin_close] USBDeviceClose: no connection to an IOService
Waiting 10 seconds for the device to pop up…
opening device 05ac:1281…
Setting to configuration 1
Setting to interface 0:0
Uploading kernelcache.release.k66 to device
[==================================================] 100.0%
libusb:error [darwin_transfer_status] transfer error: device not responding (value = 0xe00002ed)
Step 10. If all went well, unplug USB and plug in HDMI and your AppleTV should be ready to go. You will need to repeat 7-9 every time you restart your AppleTV, this isn’t a convenient process by any stretch!
Step 11. To get nitoTV installed ( i couldn’t get the cydia, or custompackage sot work in PT)
apt-get install wget
wget -O- http://apt.awkwardtv.org/awkwardtv.pub | apt-key add –
echo “deb http://apt.awkwardtv.org/ stable main” > /etc/apt/sources.list.d/awkwardtv.list
apt-get update
apt-get install com.nito.nitotv
Note: The “Finder” app name changed from lowtide to AppleTV, this means any appliances installed through nitoTV or apt-get will not show up unless moved from /Applications/Lowtide.app/Appliances to /Applications/AppleTV.app/Appliances, we are working on a solution for this, hopefully it will be resolved in beigelist in the near future.
Special Thanks:
- chronic-dev (tetheredboot, everything in general)
- iphone-dev (pwnagetool, everything in general)
- hedsick (for the custom bundle)
- vonswankoFSM (DFU tip, pointing out my general idiocy ;P)
Download:
- Download PwnageBundle for AppleTV2 jailbreak on iOS 4.2
PwnageTool Bundle to jailbreak the latest iOS 4.2.1 on Apple TV 2 is also available now.
I don’t boot my Apple TV2 after jailbreak… It only often blinking, when connected to MacBook via USB.
If I pluging on power (and HDMI) cable, it came to nothing, no led blinking, no signal…
I use the TinyUmbrella for kick my device into Recovery Mode. After its my device not started, and not detected via TinyUmbrella….
PLEASE, HELP me, can are doing I now?
very very thanks!!!!
Well its tethered jailbreak. You have to use Redsn0w to boot it.
Everything worked until I plugged the HDMI cable back in. The “Welcome” screen (choose language, technically) screen popped up, but I was unable to control anything with the Apple Remote. The light on the ATV still would blink when I pressed any buttons on the Apple Remote, but the until would not indicate any change (up down, or enter) on screen.
Well, its tethered jailbreak, so you’ll have to use redsnow to get it booted.
Checking if device is compatible with this jailbreak
Checking the device type
Sorry device is not compatible with this jailbreak
Your device in incompatible with this exploit!
Everything’s seems to work ok except i lost my network, no connection with the network (Cable or WIFI) Any thoughts?
If I try to get ssh connection, I always get this message: connect to host “AppleTV_IP” port 22: Connection refused
PLS Help
I cant get past the Manual DFU mode either. The menu & down for 6 seconds and then menu & play for 6 seconds didnt work either. Please help if you can.
If you are not getting the DFU mode, or even in DFU mode you receivve errors during restoration, I will recommend you to use this software. A must have tool for all jailbreakers.
https://www.shoutpedia.com/ireb-4.1-4.0.x-download-for-mac-and-windows-6803/
This doesn’t work for AppleTV 2 on 4.2 firmware. When installing things in the Lowtide directory it will not show up on screen. However if you move the folder to AppleTV it will show up on reboot but then crash and stick on a reboot loop until you remove the folder again!!
You even get the reboot loop if you leave it in Lowtide and create a symbolic link in AppleTV!!
There doesn’t seem to be a way round it. Even changing all the ownership permission etc doesn’t help.
However for some reason it will not do the reboot loop and will stick with the app showing on the Apple TV home screen if you unplug the internet during the reboot loop.
But if you plug back in the internet or connect back to a wifi it will then reboot and get stuck in the loop again!!
Anyone have any ideas??? lol
The first thing, if I didn’t mention in the post, is that it is tethered jailbreak. You will have to connect your device with PC and use software like Redsn0w to boot the Apple TV. Download Redsn0w, select “just boot tethered right now” to get rid of this reboot loop.
You mention “save this folder…”…. What folder?
The folder you download from the link mentioned at the bottom of above post. Unzip it and place it at desktop.
hey guys i have a pc ..can you post your ispw so i can just restore it and thats it..??
and can you still ssh
“wrong firmware bundle selected” msg when I select 4.2 firm on pwnagetool 4.1.2 or 4.1.3 any suggestion?
go through the steps up top again, you modify pwnage tool and the bundle to accept it.
Thanks for the tutorial, but I am getting stuck at Step 9 : Manually putting into DFU Mode. When you tell us to hold the power button, what button are you talking about?
https://www.shoutpedia.com/put-apple-tv-dfu-mode-6033/