Jailbreak iOS 4.0 with PwnageTool – Complete How to Guide

We told you yesterday about the PwnageTool bundles that were released to jailbreak the iPhone 3GS on iOS 4.0 (formerly iPhone OS 4) while preserving the older 05.11.07 or 04.26.08 baseband, so that the phone can still be unlocked with ultrasn0w or blacksn0w. We got lots of requests via Twitter, Facebook and email for full instructions on how to patch the existing version of PwnageTool so that it works with the iOS 4.0 GM release. Here is the complete set of instructions to get it working.

[Important Update: Final version of this guide for iPhone 3GS with PwnageTool is posted here. For iPhone 3G and iPod touch 2G, use Redsn0w guide posted here.]

iOS 4.0 Jailbreak

Warning / Note: Follow these instructions at your own risk. I am not responsible if you end up bricking or locking your phone. Only proceed if you are an advanced user and know what you are doing; otherwise, wait for the official tools, which should be out soon.

Supported Device(s):

iPhone 3GS ONLY, with the older bootrom, and which has been jailbroken at least once with redsn0w, PwnageTool, Blackra1n or Sn0wbreeze. If your phone has the newer bootrom and has only ever been jailbroken with Spirit, this guide is not for you: restoring the custom cooked firmware through iTunes will fail with error 1600 or 1604.

What is working and what isn’t?

I have tested it and it worked for me, but since I do not depend on an unlock I could not test the ultrasn0w or blacksn0w part. From the reports I have received from various testers, I can confirm that this method preserves your baseband, but the ultrasn0w and blacksn0w unlocks do not work yet, because they need an update for iOS 4. So if you rely on an unlock, I suggest you stay away from this for now. If you want to jailbreak anyway, you can do it now while preserving your baseband, and unlock once the ultrasn0w update is released in approximately two weeks.

Step 1: Download PwnageTool 3.1.5 from the download link given here.

Step 2: Download the latest PwnageTool bundles from msft.guy here and extract them to your desktop.

Step 3: Download iOS 4.0 for iPhone 3GS and the iTunes 9.2 beta for Mac. You can get the official bits if you are a registered developer, or from various file-sharing sites around the web. Please do not ask for the download links; a simple Google search will do.

Step 4: Download the updated Cydia bits (data.tar file) from here.

Step 5: Copy the PwnageTool you downloaded in Step 1 to your desktop. Right-click it and choose “Show Package Contents”, as shown in the screenshot below.

[Screenshot: iOS 4 Jailbreak (1)]

Step 6: Navigate to Contents/Resources/FirmwareBundles/ and paste the iPhone2,1_4.0_8A293_bundle.bundle from Step 2 into this folder, then close the window.

[Screenshot: iOS 4 Jailbreak (2)]

Step 7: Now navigate to Contents/Resources/CustomPackages/CydiaInstaller.bundle/files/ and paste the data.tar file (the updated Cydia bits) that you downloaded in Step 4.

Step 8: Open “Terminal” on your Mac and run the following commands (~/Desktop is the Desktop folder; a plain “cd desktop” also works because the Mac file system is case-insensitive by default):

cd ~/Desktop
cd PwnageTool.app/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files/
tar -xPvf data.tar

Note that -P tells tar to keep absolute path names instead of stripping the leading slash, so this is only safe if every entry in data.tar is relative. List the archive with tar -tvf data.tar first; if any entry starts with / or contains .., do not extract it.

[Screenshot: iOS 4 Jailbreak (4)]

Once the extraction has finished, close all the open windows.
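Steps 6 to 8 as one script, added here as an example; it is not code from the original post or from the PwnageTool project. It copies the firmware bundle and data.tar into the places named above and, before unpacking, verifies that the target really has the PwnageTool.app layout the guide describes and that no member of data.tar is absolute or climbs out of files/ with "..". The three paths are arguments chosen by whoever runs it, and the make_fixture function builds a constructed stand-in (empty app skeleton, placeholder bundle, tiny data.tar) so the script can be tried offline; none of that fixture is the real download.

```shell
#!/bin/sh
# Added example, not from the original post or the PwnageTool project.
# Performs Steps 6-8 of the guide on a copy of PwnageTool 3.1.5 from the
# command line, with two checks the guide does not do: the app has the
# directory layout the guide names, and data.tar cannot write outside files/.
# Paths to PwnageTool.app, the firmware bundle and data.tar are caller-supplied
# (the guide keeps all three on ~/Desktop).

# Read tar member names on stdin; fail if any is absolute or has a ".."
# component. `tar -P` (as in the guide) keeps both unchanged on extraction,
# so such a member could overwrite files anywhere the user can write.
check_member_list() {
    awk '
        /^\//                                 { print "absolute member: " $0; bad = 1 }
        /^\.\.(\/|$)/ || /\/\.\.(\/|$)/       { print "traversal member: " $0; bad = 1 }
        END                                   { if (bad) exit 1 }'
}

check_tar_paths() {
    members=$(tar -tf "$1") || return 1
    printf '%s\n' "$members" | check_member_list
}

patch_pwnagetool() {
    app=$1 bundle=$2 data_tar=$3
    fw_dir="$app/Contents/Resources/FirmwareBundles"
    cydia_dir="$app/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files"

    [ -d "$fw_dir" ]    || { echo "not a PwnageTool.app layout: $fw_dir missing" >&2; return 1; }
    [ -d "$cydia_dir" ] || { echo "not a PwnageTool.app layout: $cydia_dir missing" >&2; return 1; }
    [ -d "$bundle" ]    || { echo "firmware bundle not found: $bundle" >&2; return 1; }
    [ -f "$data_tar" ]  || { echo "data.tar not found: $data_tar" >&2; return 1; }
    check_tar_paths "$data_tar" || { echo "refusing to unpack $data_tar" >&2; return 1; }

    cp -R "$bundle" "$fw_dir/"   || return 1   # Step 6 (a .bundle is a directory)
    cp "$data_tar" "$cydia_dir/" || return 1   # Step 7
    # Step 8. With the member check passed, -P would add nothing, so it is left
    # off and tar's own stripping of "/" and ".." remains as a second safety net.
    ( cd "$cydia_dir" && tar -xf data.tar ) || return 1
}

# Constructed fixture (not the real downloads): an empty PwnageTool.app
# skeleton, a stand-in .bundle directory and a data.tar holding one
# placeholder file under ./Applications.
make_fixture() {
    root=$1
    mkdir -p "$root/PwnageTool.app/Contents/Resources/FirmwareBundles" \
             "$root/PwnageTool.app/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files" \
             "$root/iPhone2,1_4.0_8A293_bundle.bundle" \
             "$root/src/Applications/Cydia.app"
    echo placeholder > "$root/iPhone2,1_4.0_8A293_bundle.bundle/Info.plist"
    echo placeholder > "$root/src/Applications/Cydia.app/Cydia"
    ( cd "$root/src" && tar -cf ../data.tar ./Applications )
}

demo() {
    t=$(mktemp -d) || return 1
    make_fixture "$t"
    patch_pwnagetool "$t/PwnageTool.app" "$t/iPhone2,1_4.0_8A293_bundle.bundle" "$t/data.tar" \
        && echo "patched: $(ls "$t/PwnageTool.app/Contents/Resources/FirmwareBundles")"
    # A member list with a traversal entry is rejected before anything is unpacked.
    printf '%s\n' './Applications/Cydia.app/Cydia' '../escaped' | check_member_list \
        || echo "unsafe member list rejected"
    rm -rf "$t"
}

demo
```

To use it on a real download, replace the demo call with patch_pwnagetool ~/Desktop/PwnageTool.app ~/Desktop/iPhone2,1_4.0_8A293_bundle.bundle ~/Desktop/data.tar; the script prints which member it objects to and stops before touching the app if data.tar fails the check.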

Step 9: Now start the patched PwnageTool and select iPhone 3GS as your device. PwnageTool should automatically detect the iOS 4.0 firmware file, as shown in the screenshot below.

[Screenshot: iOS 4 Jailbreak (3)]

Step 10: Simply follow Step 5 to Step 7 posted here to create a custom-cooked iOS 4 firmware file which will preserve your old baseband.

Step 11: Once the .ipsw file has been created, restore your iPhone 3GS to the custom 4.0 firmware you just cooked with PwnageTool 3.1.5. Start the iTunes 9.2 beta and click your phone in the sidebar. Hold down the left “alt” (Option) key, click “Restore” (not “Update” or “Check for Update”), and then release the key.

iTunes will then prompt you for the location of your custom 4.0 firmware. Select the custom .ipsw file and click “Open”.

Step 12: Now sit back as iTunes does the rest. This involves a series of automated steps; be patient and do not interrupt the process while iTunes installs firmware 4.0 on your iPhone. The iPhone screen shows a progress bar during the installation. When it is done, the iPhone restarts automatically and you should have a fully jailbroken iPhone 3GS running iOS 4.0.

UPDATE 1: There were some errors in the post above which I have now fixed. Thanks to everyone for pointing it out in the comments.

You can follow me on Twitter or join our Facebook fan page to keep yourself updated on all the latest iPhone jailbreaking and unlocking releases.