SubscribeThis step-by-step guide will show you how to use Dev Team’s PwnageTool 3.1.3. Some important points to note before we start:
- Hacking your iPhone could void its warranty. So please proceed with caution.
- This guide is applicable only for iPhone 3GS users. iPhone 3G users can refer to this guide. We’ll publish a guide for iPhone 2G users shortly.
- PwnageTool 3.1.3 will work only if you had jailbroken or pwned your iPhone 3GS running iPhone OS 3.0 or iPhone OS 3.0.1. If you accidentally upgraded your jailbroken iPhone 3GS to iPhone OS 3.1 then PwnageTool 3.1.3 might not work.
- If your iPhone 3GS came with iPhone OS 3.1 pre-installed or you have not jailbroken your iPhone 3GS running iPhone OS 3.0 or iPhone OS 3.0.1 then PwnageTool 3.1.3 will not work. Dev Team is figuring out a way to make it work so please be patient.
- PwnageTool does not unlock iPhone 3GS but it allows you to jailbreak your iPhone 3GS by allowing you to create a pre-jailbroken iPhone OS 3.1 and also preserves your iPhone 3GS’s baseband from getting updated so that you can use UltraSn0w to unlock it.
- Upgrading to iPhone OS 3.1 breaks tethering hack.
- This guide cannot be used to downgrade your baseband from 05.11.07 to 04.26.08 (currently there no method away to downgrade the baseband from 05.11.07 included in iPhone OS 3.1).
- If you already have a jailbroken iPhone and have installed jailbreak iPhone apps then this method will also result in wiping out the jailbreak apps. You’ll need to reinstall them via Cydia.
- The only way to update your jailbroken iPhone 3GS to jailbroken iPhone OS 3.1 and preserve its baseband is by using the PwnageTool 3.1. PwnageTool is only available for Mac users, so Windows users who want to unlock their iPhone 3GS should either get the custom firmware created by the PwnageTool on a Mac from someone they trust or borrow their friend’s Mac and follow this guide.
Step One
Make a folder called “Pwnage” on the desktop. In it, you will need a couple of things. PwnageTool 3.1, found here or here
You will also need the 3.1 iPhone firmware.
3.1.0 (3G): iPhone1,2_3.1_7C144_Restore.ipsw
When downloading the IPSW file, it is best to download it with Firefox since Safari often auto extracts it!
Step Two
Double click to mount PwnageTool 3.1 then drag the PwnageTool icon into the Pwnage folder.
Then from the Pwnage folder double click to launch the PwnageTool application.
Click Ok if presented with a warning.
Step Three
Click to select Expert Mode from the top menu bar
Step Four
Click to select your iPhone. A check-mark will appear over the image of the phone.
Step Five
Click the blue arrow button to continue. You will be brought to the “Browse for IPSW” page. On my laptop, it automatically found the IPSW. If PwnageTool doesn’t automatically find the ipsw file you can click Browse for IPSW….
Click to select the found IPSW file, a checkmark will appear next to it. Then click the blue arrow button to continue.
Step Six
You will then be brought to a menu with 7 choices. Click to select General then click the blue arrow button.
The General settings allows you to decide the partition size. Check Activate the phone if you are not with an official carrier then click the blue arrow button.
NOTE*: Deselect Activate if you have an iPhone legitimately activated on an official carrier.
NOTE*: You may need to increase the size of the root partition slightly. My first attempt failed at creating the IPSW until I increased the size to about 695 MB.
The Bootneuter settings are greyed out for the 3G iPhone. Click the blue arrow button.
The Cydia settings menu allows you to create custom packages so you do not have to manually install the necessary them later.
Click to select the Download packages tab. Then click the Refresh button to display all the available packages. Double clicking the package you want will download it and make it available in the Select Packages tab.
Checkmark the ones you want then Click the blue arrow button.
The Custom Packages Settings menu displays listed package settings for your custom IPSW. For know leave these settings as is. Click the blue arrow button to continue.
The Custom Logos Settings menu allows you to add your own images as boot logos. Click the Browse button to select your Boot logo and Recovery logo. If you would like to use the iClarified ones they can be found here: Boot Logo, Recovery Logo
Click the blue arrow button to continue.
Step Seven
You are now ready to begin the pwnage process! Click the Build button to select it then click the Blue arrow button to begin.
Step Eight
You will be asked to save your custom .ipsw file. Save it to your Pwnage folder you created on your Desktop.
Your IPSW is not being built. Please allow up to 10 minutes.
You will be asked to enter your administrator password. Do this then click the OK button.
When prompted if your iPhone has been Pwned before, we clicked No. It allows for a more thorough restore.
You will be asked to turn off the device. Make sure it is connected to the USB port.
Step Nine
Be ready to follow directions now. It will ask you to hold the home button and the power button for 10 seconds. Then, you will have to release the power button and hold the home button for 10 seconds to enter DFU.
If you fail, it will show you a message. Click Yes. Unplug the iPhone from the USB. Turn it off, then turn it back on. Plug it back into the USB and turn off the iPhone when prompted.
When done correctly, PwnageTool will display a message telling your that it successfully entered DFU mode. iTunes will also pop-up.
Step Ten
In iTunes, hold the Alt/Option key and click Restore.
Step Eleven
Navigate to the Pwnage folder on your desktop using the dialog window that appears. Select the custom IPSW that was created (iPhone1,2_3.1_7C144_Custom_Restore.ipsw) and click the Open button.
Step Twelve
iTunes will now restore the firmware on your iPhone. This can also take up to 10 minutes.
Sources: iClarified
