[Tutorial Link] iClarified. How to use pwnage tool


Number_41
04-03-2008, 08:19 PM
http://iclarified.com/entry/index.php?enid=893


Works great. Give it a try

you know your iphone wants that restore:iphone: :eek:

N41

Will sticky for a few days so people have an idea of what to do or where to start :)

shinishi_kudo
04-03-2008, 08:36 PM
I used this tutorial and it is perfect; my iPhone was pwned in 10 minutes.

RiqTosh
04-03-2008, 11:17 PM
You can send donations to iphone.devteam@gmail.com using paypal.

Will do! ;-)

stu_
04-04-2008, 01:35 PM
One thing I found though was that holding down home and connecting the iPhone did not result in the thing going into recovery mode. In that case I held down home and power together, waited for the Apple logo, kept holding BOTH buttons and eventually it went into recovery mode that way. The firmware was the original 1.1.4 from Apple.

Is that worth adding as a note?

kokos
04-04-2008, 03:38 PM
Well, after a couple of failed attempts and a 1600 error (not the "try a different USB port" one) I came up with the following conclusions:

When you restore your iPhone to 1.1.4 before using Pwnage it's better to go into DFU (where the screen is black and you don't see an iTunes or cable icon).

After you pwned your iPhone and created your custom firmware you need to put the iPhone in RECOVERY (NOT DFU). Even if you get a message from iTunes saying that you need to activate your iPhone, you can still restore to your custom firmware. To do so just remove it from the dock. Power off your iPhone. And then when it is off, press the home button and connect it to the dock. Keep pressing it until you see the cartoonish Steve Jobs. Just like the video from the Dev Team.

Hope this helps

DjAndy
04-04-2008, 05:01 PM
How do you go to DFU?

NSLog
04-04-2008, 06:51 PM
Turn phone off.
Attach phone to comp.
Hold home and power together for exactly ten seconds
Release power and keep holding home until iTunes recognizes phone.
Phone display will not come on.
You're now in DFU mode and ready to restore.
Use option key on mac or shift key on windows when selecting restore in iTunes.

donky
04-05-2008, 01:49 AM
If I did a ZiPhone unlock but want to get completely rid of that and use this, what do I need to do first?

Number_41
04-05-2008, 02:39 AM
Just do the tutorial.

You'll be fine.

N41

Xserve2
04-05-2008, 03:56 PM
All works 100% 1.1.4 and 2.0 - Using 2.0 now

Xserve2
04-05-2008, 03:57 PM
Turn phone off.
Attach phone to comp.
Hold home and power together for exactly ten seconds
Release power and keep holding home until iTunes recognizes phone.
Phone display will not come on.
You're now in DFU mode and ready to restore.
Use option key on mac or shift key on windows when selecting restore in iTunes.

There's no EXACT time the iPhone will sort itself out

NSLog
04-05-2008, 05:01 PM
Thanks Xserve2.

NGSigma
04-05-2008, 05:15 PM
Could I ask some newbie questions...

I read the tutorial on using pwnage tool, and I am thinking, when I put my otb iphone into recovery mode after the ipsw browsing step (but before the iPwner step), I assume iTunes will detect my phone.
Do I need to close iTunes before iPwning?
If I need to close iTunes, do I have to eject the phone first before closing iTunes?
Thanks very much!!:)

Spinstorm
04-05-2008, 05:27 PM
PwnageTool will detect iTunes is open and ask you to close it.

Just close it anyway when it pops up by exiting it from the mac taskbar.

I have updated the tutorial/FAQ thread accordingly with that information. Thanks.

jelly
04-05-2008, 07:20 PM
These tutorials show you how to unlock them and such, but nothing actually shows how to do it all if you are trying to keep AT&T. I get that you just don't check anything off and it will just put the jailbreak on 1.1.4, but I want to test out 2.0 on my phone for work, so I want to keep my AT&T service. Is this possible? If so, how? Thanks, sorry for being a pain.

Spinstorm
04-05-2008, 09:13 PM
You have to pwn and install customised firmware with unlock and activation to 1.1.4 to be able to use 2.0 beta.

As the 2.0 beta cannot be activated or used even with an official AT&T contract unless you are a registered developer.

However, if you just want to use 1.1.4, leaving everything unchecked will just jailbreak the phone and add Installer. But again that won't let 2.0 work unless you're unlocked and activated before you go up to it.

nash_d
04-05-2008, 09:40 PM
Isn't 2.0 supposed to be buggy? People were saying it's quite unusable because of the bugs? Is that true?

Spinstorm
04-05-2008, 10:01 PM
lol Read the FAQ!

I think I am going to start a poll of who actually reads it.

2.0 is buggy - DRM doesn't work, there is no iTunes, no App Store, and it's likely to crash randomly lots and lots.

jelly
04-05-2008, 10:50 PM
You have to pwn and install customised firmware with unlock and activation to 1.1.4 to be able to use 2.0 beta.

As the 2.0 beta cannot be activated or used even with an official AT&T contract unless you are a registered developer.

However, if you just want to use 1.1.4, leaving everything unchecked will just jailbreak the phone and add Installer. But again that won't let 2.0 work unless you're unlocked and activated before you go up to it.

Thanks man I know what I am doing now :)

frolix
04-06-2008, 01:00 AM
When you restore your iPhone to 1.1.4 before using Pwnage it's better to go into DFU (where the screen is black and you don't see an iTunes or cable icon).

After you pwned your iPhone and created your custom firmware you need to put the iPhone in RECOVERY (NOT DFU). Even if you get a message from iTunes saying that you need to activate your iPhone, you can still restore to your custom firmware. To do so just remove it from the dock. Power off your iPhone. And then when it is off, press the home button and connect it to the dock. Keep pressing it until you see the cartoonish Steve Jobs.

hmmm ... it worked for me doing it the other way around ... restore to 1.1.4 -> recovery mode -> pwnage -> DFU mode -> restore custom firmware.

My pwned phone works better than ever ... maps, youtube, everything is up and running, even got a better reception AND I've got my 4.6 BL back after a little Zibri accident ;)

secretmrx
04-06-2008, 08:35 AM
One of the best things about Pwnage is BootNeuter. It's amazing they've managed to patch 2 bootloaders so fast! Does neutering the BL involve using the AppleImage2NORAccess thing?

Noodles
04-06-2008, 11:44 PM
I have an unlocked phone on 1.0.2 with iphone.unlock.no and have not upgraded or unlocked with any other versions. I believe I have to virginize my unlocked phone before I can use Pwnage Tool. Can someone help with a few questions:

1. Do I have to "virginize" my 1.0.2 unlocked phone?
2. Do I have to use iTunes to restore or update to 1.1.4 before installing Pwnage Tool?

Thanks for your help.

Noodles

hlcno
04-07-2008, 12:27 AM
Great link.

Followed it exactly works perfect.

Thanks!

Spinstorm
04-07-2008, 12:40 AM
READ THE FAQ as it has the answers to your questions!

ALL OF THEM! so read it and don't be lazy!

Noodles
04-07-2008, 01:46 AM
I read the FAQ, the instruction for 1.0.2 is to virginize, upgrade and unlock. My questions are related to PWNAGE tool.

If you know the answers, thanks.

Spinstorm
04-07-2008, 03:07 AM
THE PWNAGE FAQ! Read that FAQ!

It says if you're not on 1.1.4 then RESTORE to 1.1.4 THEN use Pwnage.

You don't need to virginise - read the correct FAQ!

Number_41
04-07-2008, 04:17 AM
Um,
if you used the unlock.pxl or the iUnlock, or anySIM 1.0 I believe, you need to virginize on 1.0.2.

The later versions of anysim for 1.1.1, you don't have to.

N41

Noodles
04-07-2008, 06:02 AM
Thanks for the comments.

I have read a lot of threads and some said I don't have to virginize, some said I do. Some even said the "virginize" process caused problems.

Number_41
04-07-2008, 06:25 AM
Thanks for the comments.

I have read a lot of threads and some said I don't have to virginize, some said I do. Some even said the "virginize" process caused problems.

Virginize through Installer. And um, virginize if you're coming from 1.0.2.


dont worry

you'll be ok :)

N41

ibic
04-07-2008, 07:31 PM
A bit curious why the bootloaders (bl39.bin and bl46.bin) are different between the one downloaded from thepiratebay and the one downloaded from the link given by iClarified? Both working?

fgsch
04-07-2008, 10:19 PM
A bit curious why the bootloaders (bl39.bin and bl46.bin) are different between the one downloaded from thepiratebay and the one downloaded from the link given by iClarified? Both working?

Perhaps the one from piratebay had the locations blank (FB)? I'll say use the ones from iClarified.

Spinstorm
04-07-2008, 11:07 PM
Why do you think they are different? because one is called BL-39 and the other bl39?

Things can be named differently but be exactly the same! I used the pirate bay download and it worked perfectly.

As far as being FB - BootNeuter does that for you if you select it otherwise it doesn't!

drg
04-07-2008, 11:23 PM
To check 2 files are the same, or to validate a file, use a hash like MD5. The MD5 hashes are unique and are available for both the bootloaders.

Windows: http://www.md5summer.org/

Spinstorm
04-07-2008, 11:40 PM
I have to be honest I am not exactly sure how to do that!

If the hashes are all unique and you compare 4 differently named files then they will all have different hashes!? Which doesn't help in any way!

I used TPB complete version and it worked perfectly - someone should compare the different versions however but if they work then I don't see what difference it makes?!

drg
04-07-2008, 11:47 PM
If the hashes are all unique and you compare 4 differently named files then they will all have different hashes!? Which doesn't help in any way!

No, the MD5s will be identical. Try for yourself, check the MD5... change the name and check it again. You will get a match.

Spinstorm
04-08-2008, 12:13 AM
I tried by renaming them to the same and sticking them in different folders so I wouldn't get confused but they appear to have different MD5 hashes!

I clicked on create MD5 to see what happened and they all came up different.

Which is a bit weird - obviously both sources work perfectly so what's up with that?

DevTeam?

fgsch
04-08-2008, 12:27 AM
..
I clicked on create MD5 to see what happened and they all came up different.

Which is a bit weird - obviously both sources work perfectly so what's up with that?

DevTeam?

Well, if it's FB vs plain both should work. I'm wondering if Pwnage allows you to use any files for the bootloaders without checking the hashes. Perhaps it should only allow valid ones?
I haven't tried it yet, so perhaps it does this already. *shrug*

Number_41
04-08-2008, 02:59 AM
Why would you go to an untrusted source and download it when you can get it from iClarified?


You're just causing more trouble than needed for yourself

N41

Spinstorm
04-08-2008, 03:27 AM
EDIT

Thanks to MuscleNerd we have confirmed that the pirate bay version is authentic and works as planned.

BootNeuter.app from that source has the same MD5 as the official download from the dev site.

The MD5 inconsistencies are down to the bootloaders being different lengths, of which only the first part is important (I don't really understand the technical side of that!), but Pwnage and BootNeuter both check the MD5 hash of the bootloaders and they were both accepted and BootNeuter is authentic, so all is well in the world! lol

ibic
04-08-2008, 08:40 AM
EDIT

Thanks to MuscleNerd we have confirmed that the pirate bay version is authentic and works as planned.

BootNeuter.app from that source has the same MD5 as the official download from the dev site.

The MD5 inconsistencies are down to the bootloaders being different lengths, of which only the first part is important (I don't really understand the technical side of that!), but Pwnage and BootNeuter both check the MD5 hash of the bootloaders and they were both accepted and BootNeuter is authentic, so all is well in the world! lol

Thanks for the "official" clarification.

I brought this up since I am very careful when handling these "sensitive materials", the bootloader images (as I want no brick). I downloaded the bootloaders from iClarified first, then I downloaded from thepiratebay according to the sticky, and I did a bin diff over the bootloaders to see if they are identical. To my surprise, the bootloaders have different lengths (the thepiratebay one is 0x20000 bytes whereas the iClarified one is 0x20001), and the ending (filling, I guess) part is different also (the thepiratebay one is filled with 0x00 whereas the iClarified one is filled with 0xFF and the last extra byte is 0x00). I was not sure whether this matters to PwnageTool.

Now it sounds that both are working (maybe only the beginning part of the bootloader images are taken?), good to everyone :)
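The hash comparison discussed in the posts above (drg's rename test and ibic's finding that the two downloads share their leading bytes but differ in length and padding), as an added example that is not from the thread or from the Dev Team's tools. It works on constructed blobs, not real bootloader images: the 0x20000 / 0x20001 lengths and the 0x00 / 0xFF fills are taken from ibic's report, while the 0x4000 content length and the sample bytes are assumptions. It also goes slightly beyond the thread, which only discusses MD5, by showing how to check a download against a reference digest in constant time and with SHA-256, which is what you would use today for this purpose.

```python
import hashlib
import hmac
import os
import tempfile

IMAGE_SIZE = 0x20000   # 128 KiB, the length ibic reports for one download
CODE_LEN = 0x4000      # assumption: how much of the image carries real content


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hash_file(path: str, algo: str = "md5") -> str:
    """Hash a file in chunks so large images never need to fit in memory at once."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def rename_preserves_hash() -> bool:
    """A file's digest depends only on its bytes; the file name plays no part."""
    with tempfile.TemporaryDirectory() as d:
        before = os.path.join(d, "BL-39.bin")
        after = os.path.join(d, "bl39.bin")
        with open(before, "wb") as f:
            f.write(b"constructed sample content, not a real bootloader")
        h1 = hash_file(before)
        os.rename(before, after)
        h2 = hash_file(after)
    return h1 == h2


def make_padded_images():
    """Two constructed images with identical leading content and different padding."""
    content = bytes(range(256)) * (CODE_LEN // 256)
    image_a = content + b"\x00" * (IMAGE_SIZE - CODE_LEN)            # 0x20000 bytes, 0x00 fill
    image_b = content + b"\xff" * (IMAGE_SIZE - CODE_LEN) + b"\x00"  # 0x20001 bytes, 0xFF fill + 1 byte
    return image_a, image_b


def first_difference(a: bytes, b: bytes):
    """Offset of the first differing byte, or None when the two are identical."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None if len(a) == len(b) else min(len(a), len(b))


def compare_images(a: bytes, b: bytes, prefix_len: int) -> dict:
    """Whole-file digests differ once padding differs; a digest over the shared prefix still matches."""
    return {
        "lengths": (len(a), len(b)),
        "first_difference": first_difference(a, b),
        "whole_file_md5_match": md5_hex(a) == md5_hex(b),
        "prefix_md5_match": md5_hex(a[:prefix_len]) == md5_hex(b[:prefix_len]),
    }


def verify_download(data: bytes, expected_hex: str, algo: str = "sha256") -> bool:
    """Compare a download against a reference digest published by a source you trust."""
    actual = hashlib.new(algo, data).hexdigest()
    return hmac.compare_digest(actual.lower(), expected_hex.lower())


if __name__ == "__main__":
    a, b = make_padded_images()
    print(compare_images(a, b, CODE_LEN))
    print("rename keeps hash:", rename_preserves_hash())
    print("download verified:", verify_download(a, sha256_hex(a)))
```

The takeaway matches MuscleNerd's clarification as relayed in the thread: a whole-file digest is a yes/no check on every byte, so two files that carry the same code but different trailing fill will never share one, and a tool that only cares about the leading part has to hash that part. A matching digest is only as good as the place the reference digest came from, so compare against the value published by the project, not one shipped alongside the download.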

ibic
04-08-2008, 08:54 AM
Think this one from dev says it all:
http://hackint0sh.org/forum/showpost.php?p=274716&postcount=10

DigitALL
04-09-2008, 10:39 PM
Very hard with my iPhone... I am almost exhausted... :(

My iPhone was ZiPhoned and I have followed the steps in the guide posted. All went well up to the very last step, STEP 21 when the iTunes reported that it restored the iPhone and then automatically I got the BootNeuter window and with the bottom message saying: "Please wait.. Determining current settings". The iPhone luminosity is lower than normal and the all the features/switches: Bootloader version, Neuter, Unlock, etc are on OFF and could not do anything.

I left the phone like that for more than 30 minutes and nothing happens.
I have turned it OFF (Home and Pwr button), turn it back ON but it stays at the apple logo, nothing happens, no further boot.

I have turned it OFF again, plugged it into USB, and even though the iPhone stays only with the logo, iTunes recognizes it. I have done a custom restore again but it is the same, it stays with "Please wait.. Determining current settings" forever.
Please help, what else should I do?

Spinstorm
04-09-2008, 11:18 PM
Assuming you have NOT upgraded to 2.0 beta before 1.1.4 then...

Unfortunately it appears that ZiPhone has quite possibly damaged your phone so that BootNeuter will not work!

Have a read of the thread that is called "bootneuter stuck on determining settings" but it appears that the curse of ZiPhone has struck again!

DigitALL
04-09-2008, 11:33 PM
Assuming you have NOT upgraded to 2.0 beta before 1.1.4 then...

Unfortunately it appears that ZiPhone has quite possibly damaged your phone so that BootNeuter will not work!

Have a read of the thread that is called "bootneuter stuck on determining settings" but it appears that the curse of ZiPhone has struck again!

Spinstorm,
First, I wish to thank you very much for replying so fast. It is unbelievable how a junk software could actually damage hardware permanently... I am thinking it is only flash memory that, regardless what you write on it, with the proper tool (software) you can erase it and write what you want...
Don't I have any other option to try, or another application?

If I buy a new communication board and replace it ($150, they provide guides how to do it), I read that it will solve any problem 99.99%.
But once I have it and replace it, what should I do, use the same guide?

Spinstorm
04-09-2008, 11:58 PM
I am not an expert on that area - if I was you I would post in that thread I mentioned (and in which I just posted a question myself) and hope that someone with the knowledge I don't have will tell you.

Of course if your on an official contract you could just change your phone!

DigitALL
04-10-2008, 12:33 AM
I just bought from eBay spending close to $700 and it worked for one week in Canada.
When it started to lose the carrier signal, I read to use the damned ZiPhone and ever since I am doomed!

Spinstorm
04-10-2008, 03:52 AM
Why don't you restore to normal 1.1.4.

You could unlock with iLiberty+ then get BootNeuter off Installer and see if it works! - maybe this would be better because at least if it fails you're already unlocked!

iLiberty+ will unlock you and then you can try BootNeuter to put your bootloader back to 4.6 (or whatever it came from).

I would add you could have got a new iPhone from hamgo.com for $549 (http://www.hamgo.com/cellphone.html) and then if it was messed up they would replace it!

I got my US phone from there back in September and they ship international - it's not the cheapest but I wanted to get a phone from somewhere reliable!

DigitALL
04-10-2008, 07:00 AM
Why don't you restore to normal 1.1.4.

You could unlock with iLiberty+ then get BootNeuter off Installer and see if it works! - maybe this would be better because at least if it fails you're already unlocked!

iLiberty+ will unlock you and then you can try BootNeuter to put your bootloader back to 4.6 (or whatever it came from).

I would add you could have got a new iPhone from hamgo.com for $549 (http://www.hamgo.com/cellphone.html) and then if it was messed up they would replace it!

I got my US phone from there back in September and they ship international - it's not the cheapest but I wanted to get a phone from somewhere reliable!

Thanks again Spinstorm. When I try to do a normal 1.1.4 or 1.1.3 it ends up with error 1011. And when I want to restore it again with iTunes, I get: "The iPhone cannot be used with iTunes because the SIM is PIN locked or not installed." I tried with two different good SIMs.
I understand that this is common to the phones that were ZiPhoned.
With this error, iLiberty does not recognize my phone.
In the last two weeks I spent an incredible amount of time on this issue.

inkhead
04-15-2008, 04:19 AM
This is still not very clear..... I've read all the tutorials, watched the videos and am confused.

Right now I have an AT&T 1.1.4, unlocked phone with installer.app + apps and such on it. (my phone was unlocked long ago, but most recently 1.1.4 with ziphone)

When I open pwnageTool am I supposed to give it a virgin 1.1.4 restore from apple? or just give it the 2.0 firmware I have?

Don't get it.

Spinstorm
04-15-2008, 04:47 AM
It is VERY CLEAR!

It's in BIG BOLD TEXT!

You HAVE TO RESTORE TO CUSTOM 1.1.4 BEFORE 2.0 or your phone WON'T Work!

Assuming you're already on 1.1.4: select the 1.1.4 iPhone restore file. Click on "iPwner". Put the phone into recovery mode.

It will restart after it's done. Build the custom 1.1.4 firmware with unlock, update baseband, activate and neuter baseband (and if you're on PwnageTool 1.1 select Installer and BSD subsystem as well).

Then put the phone back into recovery mode. Select the 1.1.4 CUSTOM firmware and restore with it.

When it is done then you can make a 2.0 custom firmware - make sure that the correct boxes are ticked, i.e. activate - all the others will be greyed out.

Then you can restore in itunes with the 2.0 custom firmware and it will work.

You have to press alt+ restore to select the correct firmware in iTunes.

Read the stickied FAQ at the top of the forum!