Thursday, September 25, 2008

Unlocking iPhone using Pwnage Tool for Firmware 2.1

How to Unlock an iPhone
A step by step guide for the Pwnage Tool for iPhone firmware 2.1



Before you begin unlocking your 2G iPhone here are some things you need to know or do:

1. Back up your iPhone (contacts, mails, calendar and etc.).
2. Upgrade to iTunes 8.
3. Download and install Pwnage Tool for Firmware 2.1 from blog.iphone-dev.org.
4. Unlock your iPhone at your own Risk.
5. This guide has been tested with 2G iPhone only so don't try this with your iPod Touch!
6. This guide if for Mac users only.
7. Read
blog.iphone-dev.org for more instructions.

The very first thing to do is to upgrade your iPhone firmware to version 2.1 and the only way to do this is though your iTunes 8. If you have not upgraded your iTunes yet then you can not update your iPhone firmware.
After updating your iPhone firmware you are now ready to use your Pwnage tool.


Step 1: Open your Pwnage Tool from your Applications folder.


PLEASE NOTE: COPY THE PWNAGE TOOL APPLICATION TO YOUR APPLICATIONS FOLDER OR DESKTOP BEFORE RUNNING. RUNNING DIRECTLY FROM THE DISK IMAGE WILL CAUSE ERRONEOUS BEHAVIOR (such as missing bootloader files and other oddities).


Step 2: Select what pwnage mode you want to use.



The two modes are:

1. Simple Mode - Which provides step by step instructions as below and automatically detects your correct firmware and adds the unlock and activation and jailbreak with Cydia automatically to your custom firmware.

2. Expert Mode - Where you can adjust the settings on the various different additions to the custom firmware - if you click through and do not change anything in expert mode it will make the same custom firmware as simple mode however doing this instead of simple mode can fix issues with the simple firmware not working correctly.


Step 3: Select what device you want to pwn. Click iPhone.




Step 4: Select the firmware bundle .ipsw that you wish to use. You will be prompted if Pwnage Tool cannot find this file, as a last resort you can browse for these files and you will be prompted to ask if you would like to do so.

PwnageTool will AUTOMATICALLY search for the correct firmware for your device. IMPORTANT: iPhone and iPhone 3G firmware is differently named. original iPhone firmware for 2.0 is named iPhone1,1_2.1_5F136_Restore.ipsw iPhone 3G firmware is named iPhone1,2_2.1_5F136_Restore.ipsw

You can make sure you have the correct firmware on your mac by connecting your iPhone/iPod to iTunes and clicking on restore then iTunes will download the correct firmware. Disconnect your device when downloading as you don't want to restore with standard firmware!





If you are going to unlock your original iPhone then you will need the bootloader files for 3.9 and 4.6 - the following steps let you select them.

PwnageTool will automatically detect the bootloader files for you if they are on your mac. Bootloaders can be downloaded from : http://www.enkrypted.com/bootloaders.rar


Once you have downloaded bootloaders next step is to configure your iPhone using the expert mode of the pwnagetool.


Step 5: Select General

Step 6: Put a check mark on the "Enable baseband update"

Step 7: Put a check mark on the "Update bootloader" and select Upgrade to 4.6

Step 8: Select what package to install from Cydia.

You have to click "Download Packages" tab, hit the Refresh button and add the items manually to populate the list as shown in the picture above.

Thanks to John for the help.

Step 9: Customize package settings



Step 10: Customize boot logo

Step 11: Browse for your customized Boot logo file saved in your computer.


Step 12: Upload your custmoized Boot logo file.


Step 13: Now you are ready to build your customized iPhone Software... Click "Build".


Step 14: Save your custom .ipsw file to desktop.



Step 15: Pwnage Tool will now build your .ipsw file.


Step 16: Input your admin password.




Step 17: Click NO!



This is the tricky part if you answer yes your iPhone won't have any carrier signal! So be sure to click "NO"!



Step 18: Turn of your iPhone. Please note that after turning off your device, series of instructions will be flashed on screen and you will have to follow them correctly. Failure to do so will cause DFU mode to fail.


Thanks again to John for contributing.

Step 19: Congratulations you have entered DFU Mode!


Step 20: Time to restore your iPhone with your custom .ipsw! Close Pwnage tool.

Step 21: Open iTunes 8. You will be prompted to check with the Apple servers to determine the device type. Click the "Check" button to get into recovery mode as shown in the screenshot below.


Thanks again to John for his valuable contribution.

Step 22: Restore you iPhone with your customized .ipsw file. Be sure to hold down the alt key while you click the restore button.

This is another tricky part....be sure to hold down the "alt" key while you click the restore button so that you will be able to browse for the custom .ipsw file you saved in you desktop.

WARNING!
If you don't hold down the alt key you will be restoring the original iPhone firmware!

Step 23: Browse for your custom .ipsw file saved on your desktop.



Step 24: Wait for a few moments while your .ipsw file is being extracted.


Step 25: Patience is a Virtue!



WARNING!

This might really take a long time so please be patient! Turning off or restarting your iPhone at this point may cause permanent damage!


Step 26: Your almost done! Allow iTunes to verify your iPhone software.


Step 27: Congtatulatons you just Pwned your iPhone! But there are still a few steps to complete the process. At this point you need to restore your backup of your contacts, mail, calendar, iPod music and etc.

Step 28: Restoring from backup. Depending on how many photos, music files and etc. you have, this might take 20 - 30 mins. So please be patient.



Step 29: Congratulation you have successfully Pwned and restored your iPhone!



Thank you to iPhone-dev Team!

Enjoy your iPhone firmware 2.1!

55 comments:

Sillimanster said...

thanks for putting up the instruction!

chewy831dude said...

can you use this for iphone 3g?

The Technophile said...

@chewy831dude sorry but this works for the 1st generation iPhone for now.

But the iPhone-Dev team are working on the 3G soft unlock.

You might want to check out their website....

http://blog.iphone-dev.org/post/51840602/timber

John said...

Just wanted to say thanks. This worked like a charm and was easy to follow. There were three differences in my case, however, and you might want to mention them in your instructions:

* At Step 8 (Cydia settings), there was nothing pre-populated in the list and I had to click the "Download Packages" tab, hit the Refresh button there, and add the items manually. You may have implied that this is necessary, but it wasn't completely clear :)

* At Step 18, I was re-reading your instructions and didn't realize that the Pwnage tool had gone ahead without me! This caused the tool to say that DFU mode had failed and I had to try again (which it let me do without starting over thankfully). It might be wise to add a note that you should watch the screen for the instructions immediately.

* When I launched iTunes for Step 21, it actually prompted me once before the prompt displayed in your screenshot asking me to check the Apple servers to determine the device type. I had to click a "Check" button before I got the notice about recovery mode. If you click Cancel instead, you will have to restart iTunes and click the "Check" button to continue through Step 21.

Thanks again.

The Technophile said...

Hi John!

Thank you for your valuable contribution. I must have overlooked at those steps, thanks to you it is now complete.

I really appreciate your help. I hope this guide will be useful to others too.

Thanks again.

Anonymous said...

Hi... just a quick question as I currently have an OTB unlocked 2G iphone on 1.1.1. Can I upgrade directly to 2.1 using this method or do I need to do any other interim upgrades first? There seems to be a lot of conflicting info out there. In either case, your instructions are well presented and appear easy to follow. Thanks for your efforts. Looking forward to upgrading. Cheers, Jack

The Technophile said...

Hi Jack,

I upgraded my 2G iPhone from 1.1.4. directly to 2.1 using the same method posted here and did not encounter any problem. This should work for 1.1.1.

Just remember to upgrade your 1.1.1 to 2.1 from iTunes 8 first before using pwnage tool.

Cheers!

Anonymous said...

Thanks for confirming Carlo... I think I'm ready to take the plunge and will let you know how it goes though it may be a few days before I get around to it. Thanks again for the tutorial. Cheers, Jack

maria said...

thanks for your help but I need more HELP...using pwnage tool cannot successfully do DFU mode...my iphone won't TURN-OFF!!! please i need your help badly! i don't have a phone it got stuck on recovery mode! giving me iTunes/connect screen. its still blinking going back to apple icon to iTunes?

The Technophile said...

Maria,

Remove your iphone from the usb and try to press the home and power button simultaneously until iphone shuts off.

Then reconnect devie and turn it on. Try to enter DFU mode again.

Maria said...

Thanks! But I've tried that many times it just keeps turning back on by itself w/ that screen iTunes/usb? It won't shut off? I'm frustrated alrdy...Help how to turn it off please? I would really love to jailbreak/unlock my iphone.

The Technophile said...

Hi Maria,

I'm beginning to wonder if you have you upgraded your firmware to 2.1 with iTunes 8?

Maria said...

Yes I did without thinking! :( Is that bad? I don't have AT&T carrier so it was unlock before so it aftr upgrdg frm iTunes got stock to that screen bc I hv diff carrier..that's why I'm trying to do over again. Don't tell me any bad news please!

kevin said...

Having tried unsuccessfully to find info, I think I have done this wrong too. Having had a jail broken iphone 2g, I have then installed itunes 8 and then upgraded firmware 2.1. I have now just installed pwnage 2.1 which allowed me to verify ok but now itunes is telling me my sim card (T-mobile) does not appear to be supported. Please insert the SIM that came with iphone". Any ideas what can be done next?

The Technophile said...

Maria,

Don't worry you did the right thing! You upgraded your iPhone using iTunes 8.

Your problems are really odd and there are only 2 possible things that could cause this:

1. You must have run the pwnage tool from the disk image. You have to extract/copy the pwnage tool to the "Applications" folder inorder for pwnage tool to run properly.

2. You must have missed out some steps in this guide. Be sure that you are using pwnage tool in "Expert mode" and make sure that you click No in step 17.

Hope this will work for you now.

The Technophile said...

Kevin,

After upgrading to 2.1 did you go through all the steps listed in this guide?

Please make sure that you have complete the following:

1. Use Pwnage Tool in Expert Mode.
2. Make your you have selected the proper choices in "Step 7"
3. Make sure you select "No" in step 17.

Good Luck!

Anonymous said...

Is it OK to use Pwnage tool 2.1 in conjunction with iTunes 8.0.1? Thanks for the instructions.

The Technophile said...

Are you using iTunes 8.0.1? I haven't tried pwnage tool with 8.0.1.

This might be the reason why you are getting oddities. Try to search the Internet who have tried using the new iTunes with Pwnage Tool and see if it works.

Maria said...

Thank you so much! I just did it finally fixed my iPhone. Mayb its really timing on DFU mode got everything back I'm surprised all my info still there no msg/contact was lost only my prev app gone. Now I just need to know how to download app using Cydia/Installer. Is there any site on how to or what to download?

The Technophile said...

Congratulations Maria!

I'm sure there are lots of info you can google on Cydia and Apps.

kevin said...

Thanks for the help so far,
I have tried again using expert mode (which I did miss out). I don't think bootlegger 39 & 46 downloaded as they are bin files on my desktop. How do I open these files. I've tried stuffit etc... googled etc

kevin said...

It seems that you don't have to actually open the bin files. I just had them sitting on desktop and they appear to have done the job somehow. Phew... success my brick has come back as an updated iphone! >:-). Probably best not to try this in the early hours of the morning after too much wine! Thanks guys for all your help.

The Technophile said...

Congratulations Kevin!

D. said...

Hello,

I've just read the entire tutorial and I have everything ready to start. I have a 2G iPhone 16 GB, jailbroken, unlocked to my local carrier (not AT&T or T-Mobile or whatever) and I am a Mac user. I have firmware 1.1.4 and I want to upgrade to firmware 2.1.

Right now, my iPhone has been backed up, I have Pwnage Tool 2.1 and the two .bin files for the bootloaders. I also have iTunes 8.0.1 (11) and this is my problem.

I just wanted to make sure with you guys that when you say iTunes 8, you're actually referring to iTunes 8.0.1 (11). If you go to iTunes and press About iTunes, you'll see in big letters: iTunes 8. But shortly after, it will appear below iTunes 8.0.1 (11).

So really my question is: do I have the correct version of iTunes in order for this to work, or not?

Thank you in advance,

D.

The Technophile said...

Hello D.

iTunes 8.0.1. was not yet released when this blog was published.

I normally do not upgrade my iTunes until I get a go signal from blog.iPhone-Dev.org. But I tried googling and found out that some users have actually pwned their iPhone using iTunes 8.0.1.

I suggest you do some research also and find out for yourself.

Thanks for asking.

D. said...

Hello again,

Thanks for your answer. I have still another question though. The tutorial says that one of the things one must do before opening Pwnage Tool 2.1 is to unlock the iPhone at our own risk, which I have done a long time ago now, using ZiPhone.

So I assume that Pwnage Tool does not perform any kind of unlocking, right? But then you mention that I need to mess around with bootloaders "if I want to unlock an original iPhone". That part is a little bit confusing. Could you please explain?

Thank you again,

D.

The Technophile said...

Hi again d.

Pwnage Tool is actually a tool to unlock and jailbreak your iPhone. And to unlock your iPhone you need to download boot loaders and replace the one in the iPhone but this will all be taken cared of by the Pwnage Tool.

The recent version of the tool is designed for the iPhone firmware 2.1, therefore, for this to work you will need to upgrade you firmware first using iTunes 8.0.0. for the Pwnage Tool to work.

I hope this answers your questions. Thanks for asking.

D. said...

Can't I upgrade to firmware 2.1 using iTunes 8.0.1?

D.

The Technophile said...

As I have said earlier, I tried to google and found out the there are a few who have successfully pwned their iPhone with iTunes 8.0.1.

So I would assume that it would work. Let us know how it goes.

Good Luck d!

:)

D. said...

Ok, thanks for your help. I will try this and report it later.

D.

D. said...

Just one more question: if anything goes wrong I can always restore my iPhone to 1.1.4 firmware using iTunes, right?

D.

Anonymous said...

What I have read BUT not confirmed is that 8.0.1 itunes stops the restore of a custom ipsw. Thus one can pwn using quickpwn in 8.0.1 but NOT pwnage with a full restore. I have not tried.

D. said...

Well, I am having the same problem Maria had. My iPhone won't turn off, i.e. the red sliding bar doesn't appear. It goes black for a moment, and then the counting starts in Pwnage Tool. But then the iPhone simply starts again before I am supposed to press the buttons. When I finally press the buttons I fail to enter DFU mode every time.

I have tried to remove the iPhone from the USB port and then shutting it down, but it won't work either. It just keeps coming back to recovery mode.

I upgraded to firmware 2.1 via iTunes 8.0.1.

I will keep trying to enter DFU mode but I don't think this is a matter of timing, because my timing is excellent... I've tried it several times now.

Maria: could you please explain how you solved this?

Thanks,

D.

D. said...

Ok, so I've managed to do the following: since I couldn't enter DFU mode while Pwnage Tool was working, I closed Pwnage Tool, then entered DFU mode somehow (really, I've done so many things now that I can't remember all of them) and restored, via iTunes, to the original factory defaults (that is, erase all and install 2.1).

After that, I installed QuickPwn and ran it. Now I have firmware 2.1 on my 2G 16GB iPhone, but I can't make any calls. Everything else works just fine.

Maybe now I need to run Pwnage Tool again, so that I can unlock my phone?

Please help asap

Thanks in advance,

D.

Anonymous said...

hi can i change the pineapple logo back to apple? how? thanks! :)

The Technophile said...

Yes you can change the pineapple logo with your own boot loader image with the following format:

PNG file in RGB or Grayscale with a dimension of 320x480 pixels. File must not go over 100kb.

The Technophile said...

Hi d,

You need to run pwnage tool in expert mode and make sure you follow step 7.

Good luck d.

Anonymous said...

hi. but i pwned my iphone already? is there any apps available or set up so i can put the apple logo back again instead of pineapple?

The Technophile said...

Hi Anonymous,

There is no other way you have to use pwnage tool again, create you logo and restore your custom .ipsw.

Anonymous said...

Hi Carlo,

Successfully upgraded from 1.1.4 to 2.1 without a hitch thanks to your guide. It's nice to finally have it upgraded to the latest firmware.

Thanks!

The Technophile said...

That's Great!

Anonymous said...

Hi Carlo, I finally worked up the courage to upgrade my 1.1.1 today and thanks to your guide, did so successfully. A couple of suggestions if I may which might add to your instructions.
1. Let people know what to expect after they turn their phone off before going into DFU mode (Being asked to wait 5 seconds, then pressing home and off button simultaneously for 10 seconds after which just the home button for a further 10 seconds.) This way there are no surprises.
2. Also, (and I think more importantly) after restoring to the custom restore software, a message appears on the phone that Bootneuter needs to do its thing and after that the baseband gets flashed. My guess is, you probably want to let it do this before trying to restore to your backup. You didn't mention this and I thought it might be important.

Just one further question for you as my wife also has an iphone on 1.1.1. Do you think I might be able to just restore hers to the custom restore software that the Pwnage tool created for mine?? And, if so, do you know how to quickly get it into DFU mode?

Meanwhile, thanks again for your tutorial. I hope my suggestions were useful. Cheers, Jack

Anonymous said...

If I'm changing the logo back to apple I have to redo the whole steps? I have to start from Step 1? Please tell me I'm scared to do it again. :) J/U/A ? And where can I download the apple logo?

Anonymous said...

I use pwnage tool but my Cydia packages is empty? And there is an error it says Error:NetDB...? Did I do something wrong? Installer is ok. What are some sources that I can add? Thanks for your help!

Aaron said...

I'd like to add that Pwnage tool 2.1 does indeed work with iTunes 8.0.1 (11). Make sure you have the 2.1 version of Pwnage, there are a lot of downloads out there that are previous versions, and will fail right at step 1 (won't find the fw, and manually selecting the fw file fails).

Anonymous said...

Just would like to thank you guys for your selfless work. 8GB 2G was frozen and refused to power off. Custom built the IPSW using pwnage 2.1 and it refused to accept the custom build. I tried everything listed and kept getting error 6 in restore mode and error 1600 in DFU mode. Uninstalled iTunes 8.0.1, reinstalled 8.0.1 and worked like a charm. Thanks a lot for all you guys who contributed to this forum and I hope everyone solves their respective problems.

rfender said...

Great tutorial! Needed one like this the first time I pwn'd. So I used Pwnage Tool 2.0 to unlock my 1st gen phone about 3 months ago. Worked great. So now I have a working phone running 2.0.1 on AT&T PAYG GoPhone network.

Now I want to upgrade to 2.1. When I re-pwn using Pwnage Tool 2.1, should i click YES in step 17?? Do I even need to re-pwn. What's your experience in this scenario?

Thanks

Ruxandra said...

Thanks a lot for posting this, restore is in progress right now and i'm a happy camper :)

The Technophile said...

Your welcome Ruxandra

Eric said...

Hi i need to restore my iphone to take it back to the apple store...do i simply restore from itunes? or can i restore from pwnage? btw it worked great!

The Technophile said...

Eric,

That's right just simply do a restore in iTunes and use the original .ipsw

Dzgnr said...

Thnx dude. Wicked tut! Great to see stuff like this in the bloggosphere.

Anonymous said...

Hey i did everything right it all worked fine but all of a a sudden the iphone froze and my iphones screen is black with the white pinneaple i have tried hitting the power and home button as if i were to turn it off but nothing happens... and u even tried taking the sim card out but nothing i dnt know what else to do!! i tried connecting it to the computer but the screen still has the pnneaple in the middle of a black screen

Anonymous said...

In fact with this incredible simple unlocking solution unlock-iphone.org has become the leader in the business. The unlock comes as best and final solution for all people wiling to unlock iPhone 3G but hesitant to do so previously because of the share complexity of this task.
________________
[url=http://www.unlock-iphone.org]unlock iphone 3g[/url]

unlock iphone 2g said...

Is there a way to go about this?
Please suggest!!