Just couple of days ago, Apple launches the first software update for it’s recently release iOS 4.3 operating system for iOS devices. If you are unaware, the iOS 4.3.1 is compatible for iPhone 4 (GSM model), iPhone 3GS, iPad 2, iPad 1, iPod Touch 4G, and iPod Touch 3G.
Fortunately, you will be able to jailbreak this new iPhone operating system using the iPhone Dev Team’s PwnageTool version 4.2 for Mac OS X with the help of the PwnageTool Bundles 4.3.1. Additionally, if you are an iPhone unlocker, you will be glad to know that you will be able to unlock your iPhone 3GS with Ultrasn0w 1.2, of course, with the help of the Ultrasn0w Fixer. You will need this Ultrasn0w Fixer to be able to install the official Ultrasn0w because Apple introduces a new ASLR security features on the iOS 4.3. So if you want to jailbreak your iOS devices and unlock your iPhone 3GS, just follow the step-by-step guide posted below.
Note: iH8sn0w already fixed Ultrasn0w unlock on its Sn0wbreeze 2.4 beta 1 for Windows users.
Download the Required Tools and Software:
Download latest iTunes 10.2.1 and install it on your Mac machine.
Download PwnageTool 4.2
Download PwnageTool bundles 4.3.1 | Download PwnageTool bundles 4.3.1 for iPad
Download iOS 4.3.1
How To Patch / Modify PwnageTool using custom bundles
In order to enable PwnageTool to jailbreak iOS 4.3.1 you need to modify it using the custom PwnageTool bundles.
Step 1: Right click on the PwnageTool which you download in Par-1 and then click on “Show Package Contents”.
Step 2: Navigate to this path /Contents/Resources/FirmwareBundles and put the bundle folder which you downloaded for your device in Part 1 in this location.
How To Patch Ramdisk
Step 1: Launch Universal Ramdisk Fixer and just simply follow the on-screen instruction to fix the ramdisk.
How To Create Custom iOS 4.3.1
Step 1: Launch the iTunes 10.2.1 and backup your iOS device
Step 2: Start the modified PwnageTool with PwnageTool Bundle
Step 3: Now select your iOs devie (iPhone or iPad) and click the blue arrow to continue.
Step 4: Browse for iPSW file (iOS 4.3.1) which you have already downloaded earlier.
Step 5: Then, simply click the Build button to create custom firmware and save it on your PC.
How To Restore Custom iOS 4.3 into the iOS Device Through iTunes
Step 1: You need to put your iOS device into the DFU mode. Just simply follow the onscreen instructions:
* Hold Power and Home buttons for 10 seconds
* Now release the Power button but continue holding the Home button for 10 more seconds
* You device should now be in DFU mode
Step 2: Once in DFU mode, launch iTunes and the software will automatically detect your iOS device, just press OK to continue.
Step 3: Now, install the custom cooked firmware by pressing the Alt/Option key and click on “Restore” in iTunes. Wait till the restoration completed. The device will reboot after it has been restored successfully.
How To Tethered Boot iOS Device
Again, there’s no available untethered jailbreak method for the iOS 4.3.1, so we need to tethered boot the device every time we reboot. You can use software called “tetheredboot” to boot your iOS device into a tethered jailbroken state. You can download the tetheredbooth using this link.
Tetheredboot requires two files from iOS 4.3:
* kernelcache.release.n90,
* and iBSS.n90ap.RELEASE.dfu.
To get these files, change the extension of iOS 4.3 from .ipsw to .zip and then extract it. You will find them under /Firmware/dfu/ folder.
Put all these files and tetheredboot utility into a new folder on desktop and name it “tetheredboot”.
Method 1 to Invoke Tethered Boot:
Start terminal and run the following commands:
sudo –s
type your admin password and run:
/Users/aamirusman/Desktop/tetheredboot/tetheredboot
/Users/aamirusman/Desktop/tetheredboot/iBSS.n90ap.RELEASE.dfu
/Users/aamirusman/Desktop/tetheredboot/kernelcache.release.n9
Replace “aamirusman” with the name of user on your Mac machine and “Desktop” with name of location where you placed the “tetheredboot” folder.
When prompt to put your device into DFU mode, just follow the same method you used in the previous step. After a short period of time you will see “Exiting libpois0n” in the terminal windows which indicates your iPhone, iPad, iPod Touch will be booted within few moments.
Method 2 to Invoke Tethered Boot:
Put your device into DFU mode. Open the terminal and run the following commands.
cd /Users/username/Desktop/Tetherboot/
./tetheredboot iBSS.n90ap.RELEASE.dfu kernelcache.release.n90
That’s it. You now have a jailbroken iOS device on iOS 4.3.1.
