The iPhone Dev Team released PwnageTool 4.2 a few weeks back. It allows users who want to jailbreak and also unlock their iPhone to update it with a pre-jailbroken iOS 4.2.1 while preventing the baseband from being upgraded, so that it can be unlocked using Ultrasn0w.
Some important points before we proceed:
Don’t forget to back up your iPhone before you proceed. You can refer to this post for instructions on how to back up your iPhone.
Please ensure that your iPhone has enough charge.
This guide is only for iPhone 4, iPhone 3GS and iPhone 3G users.
Users who want to unlock their iPhone:
PwnageTool does not unlock your iPhone.
You can use Ultrasn0w to unlock your iPhone after you have successfully updated and jailbroken your iPhone with iOS 4.2.1.
But there is a catch. Ultrasn0w 1.1-1 can only unlock the following basebands (you can check the baseband by going to Settings –> General –> About –> Modem Firmware):
iPhone 4 baseband – 01.59.00
iPhone 3G and iPhone 3GS basebands – 04.26.08, 05.11.07, 05.12.01, 05.13.04 and 06.15.00.
So if your iPhone is currently on iOS 4.0.2 or lower then PwnageTool 4.2 will allow you to create a custom pre-jailbroken iOS 4.2.1 and preserve the baseband so that you can unlock your iPhone using Ultrasn0w 1.1-1.
Similarly, if you accidentally upgraded your iPhone 3G or iPhone 3GS to iOS 4.2.1 or iOS 4.1, then its baseband would have been upgraded to 05.15.04 or 05.14.02. Unfortunately, the 05.15.04 and 05.14.02 basebands for iPhone 3GS or iPhone 3G can neither be unlocked nor downgraded.
Please read the instructions carefully especially the ones highlighted in bold.
If you meet the requirements mentioned above then you can proceed with the step-by-step instructions to jailbreak your iPhone using PwnageTool.
Step 2: You also need to download the iOS 4.2.1 firmware file:
iPhone 4 users download – iPhone3,1_4.2.1_8C148_Restore.ipsw
iPhone 3GS users download – iPhone2,1_4.2.1_8C148a_Restore.ipsw
iPhone 3G users download – iPhone1,2_4.2.1_8C148_Restore.ipsw
Download the file using Firefox since Safari might auto extract it.
Step 3: Double click and launch the PwnageTool. This will create a PwnageTool icon that you can click and drag into the Pwnage folder.
Step 4: Double click on the PwnageTool icon to launch the application. You will be presented with a warning. Click ‘OK’ to proceed.
Step 5: The PwnageTool window will now open. On the top menu bar, click on the Einstein icon to select “Expert mode“.
Step 6: You will also need to select your device from the next screen. Click on the iPhone 3G, 3GS, 4 picture to select the model. Click the blue arrow button at the bottom-right side of the window to continue.
Step 7: The application will now ask you to “Browse for IPSW“. If the application does not automatically pick the appropriate IPSW, you may click on the ‘Browse for IPSW‘ link and select the IPSW file that you have saved on your desktop Pwnage folder. Click on the blue arrow button to proceed.
Step 8: You will now be shown the Firmware bundle customization page. Click on ‘General‘ and press the blue arrow button to continue.
Step 9: In ‘General Settings‘, you will find an option that reads ‘Activate the phone‘. Check this option if you are NOT using an official iPhone carrier. Deselect the option if you are with an official network carrier. Here you can also enable multitasking, custom Home screen wallpaper and the battery percentage indicator, which are not officially supported in iOS 4.2.1 for iPhone 3G. Press the blue arrow to proceed.
Step 10: In the ‘Cydia Settings‘ window, click on the ‘Download packages‘ tab and press ‘Refresh‘. This will display all the available packages. Select the ones you want (OpenSSH and OpenSSL) and then click on the blue arrow button.
Step 11: Now click on the ‘Select Packages‘ tab. You will see the selected packages displayed here. Press ‘Select All‘ and click on the blue arrow button to continue.
Step 12: The ‘Custom Packages Settings‘ window will list package settings for your custom .ipsw. Click on the blue arrow button to move to the next step.
Step 13: Here you have the option to change logos for Boot and Recovery. You can choose the default images or click on browse to provide your own logos. Do note that the images need to be in grayscale/RGB with a maximum dimension of 320×480. Once selected, press the blue arrow button to continue.
Step 14: You are now ready to start the Pwnage process. Click on the Build button to select it and then click on the blue arrow to start the Pwnage process.
Step 15: The application will now prompt you to save your custom .ipsw file. Save the file in the Pwnage folder on your desktop. Save the file with the suffix Custom_Restore so that you can easily identify it. The IPSW file will take close to ten minutes to be completely built.
Step 16: You will be prompted to enter your administrator credentials. Enter the details and click ‘OK’.
Step 17: You will then be prompted if your iPhone has been Pwned before, click on “No”.
Step 18: After the custom ipsw has been built you will be asked to connect your iPhone to the computer. Once it detects your device, PwnageTool will guide you through the steps of putting your iPhone into DFU mode.
Press and hold the power and home buttons for 10 seconds.
Then release the power button and continue holding the home button for 10 seconds.
Once your iPhone is successfully in DFU mode, PwnageTool will prompt you to launch iTunes.
Step 19: iTunes will now prompt you with a message that reads “iTunes has detected an iPhone in recovery mode“. Press OK. Your iPhone is now in recovery mode.
Step 20: While on the iTunes window, hold the Alt/Option key and click on the ‘Restore‘ button. (This is a VERY IMPORTANT STEP: just pressing the “Restore” button will restore your iPhone with the latest firmware, which is currently iOS 4.2.1. Holding down the Alt/Option key allows you to choose the custom iPhone firmware file.)
Step 21: Navigate to the Pwnage folder on your desktop and select the custom IPSW file that was just built (REMEMBER: the custom firmware file with the Custom_Restore suffix, and NOT the original firmware file). Click on the ‘Choose‘ button to proceed.
Step 22: iTunes will now restore the custom firmware on your iPhone. The process will take up to 10 minutes. Once it is completed, your iPhone will reboot and should be updated with iOS 4.2.1. It should also be successfully jailbroken.
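A pre-flight check for the baseband requirements and the Step 2 download, to run before building the custom firmware. This is an added example, not part of the original guide or of PwnageTool; the function name `preflight` is hypothetical, and the baseband and file-name values are the ones listed above. It relies on the fact that an .ipsw file is a ZIP archive, which is why a browser that auto-extracts downloads leaves a folder instead of a usable file.

```python
import re
import zipfile
from pathlib import Path

# Basebands the article lists as unlockable by Ultrasn0w 1.1-1.
_3G_FAMILY = {"04.26.08", "05.11.07", "05.12.01", "05.13.04", "06.15.00"}
UNLOCKABLE = {
    "iPhone 4": {"01.59.00"},
    "iPhone 3GS": _3G_FAMILY,
    "iPhone 3G": _3G_FAMILY,
}
# Stock iOS 4.2.1 firmware file names from Step 2.
STOCK_IPSW = {
    "iPhone 4": "iPhone3,1_4.2.1_8C148_Restore.ipsw",
    "iPhone 3GS": "iPhone2,1_4.2.1_8C148a_Restore.ipsw",
    "iPhone 3G": "iPhone1,2_4.2.1_8C148_Restore.ipsw",
}

def preflight(model, baseband, ipsw_path):
    """Hypothetical helper: return a list of problems (empty means OK)."""
    if model not in UNLOCKABLE:
        return [f"unsupported model: {model!r}"]
    problems = []
    # Modem Firmware as shown under Settings > General > About.
    bb = baseband.strip()
    if not re.fullmatch(r"\d{2}\.\d{2}\.\d{2}", bb):
        problems.append(f"baseband {bb!r} is not in NN.NN.NN form")
    elif bb not in UNLOCKABLE[model]:
        problems.append(f"baseband {bb} cannot be unlocked by Ultrasn0w 1.1-1")
    path = Path(ipsw_path)
    if path.name != STOCK_IPSW[model]:
        problems.append(f"expected {STOCK_IPSW[model]}, got {path.name}")
    if path.is_dir():
        problems.append("IPSW was auto-extracted into a folder; download again")
    elif not path.is_file():
        problems.append("IPSW file not found")
    elif not zipfile.is_zipfile(path):
        problems.append("IPSW is not a ZIP archive (truncated or wrong file)")
    else:
        with zipfile.ZipFile(path) as archive:
            bad = archive.testzip()  # CRC-checks every member
        if bad is not None:
            problems.append(f"corrupt archive member: {bad}")
    return problems
```
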
We hope you found this tutorial useful. Please let us know how it goes in the comments below.
[images via iClarified]