Apple has recently released iOS 4.3.4 to patch the JailbreakMe 3.0 PDF exploit. Although Apple has closed that exploit, the new firmware can still be jailbroken using PwnageTool bundles. This method works on iPhone, iPad and iPod touch running iOS 4.3.4, with the exception of the iPad 2. It also preserves the baseband for a future Ultrasn0w unlock.
One important point: this jailbreak is tethered, i.e. you’ll need to boot the device into its jailbroken state each time it loses power or restarts.
- PwnageTool 4.3.3
- iOS 4.3.4
- iTunes 10.3.1
- Mac OS X
- Bundle and PwnageTool 4.3.4 for iPhone 4 only
- Tetheredboot utility
- If you depend on a carrier unlock, don’t update to iOS 4.3.4, as there is no unlock for the iOS 4.3.4 baseband.
- Your baseband is preserved during the whole process.
- It’s a semi-tethered jailbreak.
- Hacktivation is fully supported.
How To Jailbreak iOS 4.3.4 On iPhone 4 Using PwnageTool Bundle
NOTE: You’ll find all the necessary download links for this guide at the end of the article.
Step – 1 : Download the PwnageTool bundle and extract the .zip file on the desktop. Inside it, you’ll find a .bundle file. Move that file to the desktop.
Step – 2 : Download PwnageTool 4.3.3 and copy it to the /Applications folder on your Mac. Then right-click the program icon and click “Show Package Contents”, which opens a new folder.
Step – 3 : Finally, go to Contents/Resources/FirmwareBundles/ and paste the downloaded .bundle file there.
Building a Custom iOS 4.3.4 Firmware
Step – 1 : Download iOS 4.3.4 and move the downloaded file to your desktop.
Step – 2 : Start “PwnageTool” in “Expert Mode” and choose your iOS device.
Step – 3 : Browse for the downloaded iOS 4.3.4 file and select it.
Step – 4 : Click “Build” to start building the custom firmware.
Step – 5 : PwnageTool will now create a jailbroken IPSW firmware file for your iOS device. After that, put your iOS device into DFU mode:
- Press and hold the “Home” button and the Sleep/Wake button at the same time.
- After exactly 10 seconds, release the Sleep/Wake button, but continue holding the “Home” button until the device enters DFU mode.
Restoring Custom Firmware Built With iTunes
Step – 1 : Open iTunes and click the name of your iPhone. In the “Summary” tab, hold down the “ALT” key and click “Restore”. This opens a new window, from which you select the custom firmware that PwnageTool just built.
Step – 2 : Confirm the process and wait until it completes. On average, it takes between 10 and 15 minutes. At the end of the installation, your iPhone will reboot, updated to the new iOS 4.3.4 firmware and unlocked.
Restarting In Tethered-Mode
Step – 1 : Download the Tetheredboot utility and extract the .zip file on the desktop of your Mac.
Step – 2 : We’ll need two files from iOS 4.3.4: kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu. To get them, make a copy of the custom firmware, change the copy’s file extension from .ipsw to .zip, and extract the archive. The necessary files will be inside.
Step – 3 : Create a new folder on the desktop named “tetheredboot”. Copy kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu, located in /Firmware/dfu, into it, and place the tetheredboot utility in the same folder.
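Steps 2 and 3 can also be done in one pass, because an IPSW is already a zip archive and can be read without renaming it. The following is an added example, not part of the original guide or of the PwnageTool or tetheredboot projects; the function name `stage_tetheredboot_files` is hypothetical, and the two file names are the ones given in Step 2.

```python
import shutil
import sys
import zipfile
from pathlib import Path, PurePosixPath

# File names as given in Step 2 (iPhone 4, iOS 4.3.4).
NEEDED = ("kernelcache.release.n90", "iBSS.n90ap.RELEASE.dfu")


def stage_tetheredboot_files(ipsw_path, dest_dir):
    """Copy the two boot files out of an IPSW into dest_dir.

    Hypothetical helper. Returns {file name: extracted Path} and raises
    FileNotFoundError if either file is absent from the archive.
    """
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    staged = {}
    with zipfile.ZipFile(ipsw_path) as ipsw:
        for member in ipsw.infolist():
            if member.is_dir():
                continue
            # Match on the base name only, so the archive's internal
            # directory layout does not matter.
            name = PurePosixPath(member.filename).name
            if name in NEEDED and name not in staged:
                # Write under dest using the base name; the member's own
                # path is never used as an output path.
                target = dest / name
                with ipsw.open(member) as src, open(target, "wb") as out:
                    shutil.copyfileobj(src, out)
                staged[name] = target
    missing = [n for n in NEEDED if n not in staged]
    if missing:
        raise FileNotFoundError("not found in IPSW: " + ", ".join(missing))
    return staged


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: stage.py <custom.ipsw> <tetheredboot folder>")
    for name, path in stage_tetheredboot_files(sys.argv[1], sys.argv[2]).items():
        print(name, "->", path)
```

The tetheredboot utility itself still has to be placed in the same folder by hand.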
After that, turn off your iPhone, and start Terminal on your Mac and type in the following commands:
Then, enter your administrator password, and type the following:
After that, you’ll see the Terminal at work. At some point, you’ll be asked to enter DFU mode; follow the instructions given above.
Your iPhone will now be in DFU mode. Wait for the device to reboot and for the Terminal to display the message “Exiting libpois0n”.
That’s it! After a few moments, your iPhone will turn on, jailbroken and booted in tethered mode on iOS 4.3.4.