At the request of iH8sn0w, an HD video tutorial was created to help users jailbreak an iPhone 3GS with the new bootrom and a 3.1.2 SHSH blob backup.

You will need:

Notes:
- For iPod Touch 2G (MC Model) you don’t need to have 3.1.2 SHSH Blobs
- For iPod Touch 3G / iPhone 3GS you need to have 3.1.2 SHSH Blobs NOT 3.1.3
- This is a tethered jailbreak, which means that whenever the device is turned off you have to reconnect it to the computer to turn it back on

Here is the video:

Warning Note: All the standard warnings apply. This is for advanced users only. Only proceed if you think you know your iPhone inside out.

I figured making a tool would take a bit too long. So, I’m going to write up this tutorial. It isn’t recommended for regular users.
**BEFORE PROCEEDING, ENSURE THAT YOU HAVE YOUR PHONE BACKED UP!**
THIS TUTORIAL ASSUMES YOU ARE ALREADY ON 3.1.2!
——-
WHAT YOU WILL NEED:
* An iPhone 3G[S] — new bootrom
* 3.1.2 already installed or 3.1.2 installed via SHSH blobs. <– Broken blackra1n’d devices will work. (Especially if Spirit messed you up!).
* Payload Pwner-r3 for the 3GS. (http://www.mediafire.com/?fyozyytzze1)
* sn0wbreeze V1.7
* iBooty V1.3 (http://www.mediafire.com/?g1nynqrnz03)
* LibUSB (64-Bit users read carefully!!!)
* 3.1.2/4.0 3GS firmware downloaded.
——-
*NOTE : IF YOU HAVE THE SLEEP ISSUE, YOU WILL NEED TO RESTORE BACK TO 3.1.2 FIRST.*

STEP A : Installing LibUSB for iRecovery
Run this mini tool to detect your O/S + Arch. — Windows + Arch. Detector (http://www.mediafire.com/?imyzm2t3zam)
*********
WARNING : IF LIBUSB IS NOT INSTALLED PROPERLY, YOUR USB MIGHT NO LONGER WORK!
*********
Windows XP Users download this installer — LibUSB Installer (http://www.mediafire.com/?zyy0mjthhij)
*********
Windows Vista/7 users RUNNING 32-Bit:
* Download the installer and run it in compatibility mode for Windows XP. (http://www.mediafire.com/?zyy0mjthhij)
*********
If you are a 64-Bit user, follow this tutorial — LibUSB 64-Bit Tut (http://www.ipodtouchfans.com/forums/showthread.php?t=148985)
*********
Once LibUSB is installed, iRecovery should be able to function.
——-
STEP B : Pwning iBEC + iBoot
I : Download this easy tool here — Payload Pwner-r3 for 3GS (http://www.mediafire.com/?fyozyytzze1) // It will help you create the payload + iBEC.

**SAVE THE PAYLOAD + iBEC WHERE iBooty is.**

——-
STEP C : Making a Custom IPSW
I : Download sn0wbreeze V1.7 from here — sn0wbreeze V1.7
II : USE EXPERT MODE!
III : In General, Checkmark “Disable NOR Flash” <– THIS IS ESSENTIAL!!!!
IV : Build it. It will be on your Desktop.

**CUSTOM BOOT LOGOS THAT ARE MADE IN sn0wbreeze WILL NOT WORK ON NEW BOOTROMS!**

*Mac Users : PwnageTool does not have this option. I don’t think it will ever be in there. Use a Windows Virtual Machine or a friend’s PC to create your firmware.*
——-
STEP D: iBooty Prep.
Most of you know of the utility “iBooty” that I made for Aki_nG.
It will work as long as you place all of the correct files there.
I : Download iBooty GUI here — iBooty for 3GS (http://www.mediafire.com/?g1nynqrnz03) and Extract it.
II : Extract your Custom IPSW created by sn0wbreeze with 7-Zip or another un-archiver.
III : Grab the kernelcache and bring it into the same folder as ibooty.
Also grab the iBEC from the folder “Firmware\dfu\iBEC.n88ap.RELEASE.dfu”
As well as DeviceTree from the folder “Firmware\all_flash\all_flash.n88ap.production\DeviceTree.n88ap”
IV :
* Rename your Kernel 4.0-Custom to “kernel.40”
* Rename your iBEC 4.0-Custom to “ibec.40”
* Rename your DeviceTree 4.0-Custom to “devtree.40”
======
Your folder should look like this :
- iboot.payload <– Created with Payload Pwner.
- devtree.40 <– Grabbed from Custom IPSW made by sn0wbreeze.
- ibec.40 <– Grabbed from Custom IPSW made by sn0wbreeze.
- irecovery.exe <– Comes with iBooty.
- readline5.dll <– Comes with iBooty.
- iBooty.exe <– Comes with iBooty.
- kernel.40 <– Grab from Custom IPSW made by sn0wbreeze.
- sn0w.img3 <– Comes with iBooty.
- wait.img3 <– Comes with iBooty.
======
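A preflight check for the folder layout listed above, added here as an example (it is not part of the original tutorial or of iBooty). It reports missing files, files still under their extracted names, and zero-byte files; the "kernelcache" prefix match and the sample file names in `demo()` are assumptions, since the page only says "the kernelcache".

```python
import tempfile
from pathlib import Path

# File names exactly as listed in STEP D of the tutorial.
REQUIRED = ["iboot.payload", "devtree.40", "ibec.40", "irecovery.exe",
            "readline5.dll", "iBooty.exe", "kernel.40", "sn0w.img3", "wait.img3"]

# Names as extracted from the custom IPSW -> name STEP D IV asks for.
RENAMES = {"ibec.n88ap.release.dfu": "ibec.40", "devicetree.n88ap": "devtree.40"}

def check_folder(folder):
    """Return (missing, rename_hints, empty) for an iBooty working folder."""
    # Windows file names are case-insensitive, so compare in lower case.
    present = {p.name.lower(): p for p in Path(folder).iterdir() if p.is_file()}
    missing = [n for n in REQUIRED if n.lower() not in present]
    hints = {}
    for low, path in present.items():
        target = RENAMES.get(low)
        # Assumption: the extracted kernel's file name starts with "kernelcache".
        if target is None and low.startswith("kernelcache"):
            target = "kernel.40"
        if target in missing:
            hints[path.name] = target
    # A zero-byte file usually means an interrupted download or extraction.
    empty = [n for n in REQUIRED
             if n.lower() in present and present[n.lower()].stat().st_size == 0]
    return missing, hints, empty

def demo():
    """Constructed sample folder: no payload, iBEC and kernel not renamed yet."""
    with tempfile.TemporaryDirectory() as d:
        for name in ["devtree.40", "irecovery.exe", "readline5.dll", "iBooty.exe",
                     "sn0w.img3", "iBEC.n88ap.RELEASE.dfu", "kernelcache.release.n88"]:
            (Path(d) / name).write_bytes(b"x")
        (Path(d) / "wait.img3").write_bytes(b"")  # constructed zero-byte file
        return check_folder(d)

if __name__ == "__main__":
    missing, hints, empty = demo()
    for name in missing:
        print("missing:", name)
    for src, dst in hints.items():
        print(f"rename {src} -> {dst}")
    for name in empty:
        print("empty file:", name)
```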
——-
STEP E: Restoring to 4.0 + Booting
——-
*MAKE SURE YOU ARE ON 3.1.2 WHEN DOING THIS*
I : Run iBooty and Select “Prepare Device for Custom Firmware”. Run the Process and if you see the image, you can proceed!
II : Now open iTunes and restore to the custom ipsw.
***WHEN DONE, YOUR DEVICE WILL GO INTO RECOVERY MODE. IT WON’T BOOT.***
——-
STEP F : Booting
I : Just Re-Run iBooty and select “Boot It”. If all goes well it will boot!


3 Responses to “Jailbreak iPhone 3GS + iPod Touch New Bootrom 4.0 (Tutorial) HD Video”

  1. [...] This post was mentioned on Twitter by Arjun Komath, Arjun Komath. Arjun Komath said: Now on #techulus: Jailbreak 3GS New Bootrom 4.0 (Tutorial) HD Video http://bit.ly/awDZIQ [...]

  2. Mattayzen says:

    I don’t receive an image on my screen

  3. arjunz says:

    I am sorry, I didn’t understand. Could you elaborate on your comment?
