This guide and tutorial will show you how to use the freshly released PwnageTool to jailbreak your iPhone 4, iPhone 3GS, or iPhone 3G. A couple of jailbreak tools for iOS 4.1 have been released recently, but only PwnageTool will preserve your baseband, allowing you to update to a jailbroken 4.1 while keeping the ability to unlock.

PwnageTool is available for Mac only. If you don’t have a Mac, try to find a friend who does, and simply use his computer to cook the firmware. This guide was written using an iPhone 4 but the steps are the same, no matter what iPhone model you have (only the firmware downloaded will change).

This being said, make sure to follow this guide to jailbreak your iPhone iOS 4.1 with PwnageTool. As always when hacking your iPhone, you are proceeding at your own risk…

Step 1: Download PwnageTool from our iPhone downloads section. You will need a torrent downloader (e.g. uTorrent) to download the file. Download iOS 4.1 for your iPhone from our download page as well.

Step 2: Make sure iTunes is up to date. If not, update iTunes and reboot your computer.

Step 3: Sync your iPhone in iTunes in order to backup everything, just in case something goes wrong. When the sync is done, close iTunes and leave your iPhone connected to your computer via USB.

Step 4: Launch PwnageTool. For the purpose of this tutorial, we will choose to use the expert mode. Select Expert Mode, then select your iPhone. Click the blue arrow to continue.

Step 5: Select “Browse for IPSW” then click the blue arrow. A window will pop up letting you choose the firmware you downloaded in step 1.

Step 6: You will then be presented with several options. Select “General” and click the blue arrow to continue.

Under General, you can choose if you want to activate your phone. You should only do that if you are using an unofficial carrier and want to unlock your iPhone. If you are using an official carrier (like AT&T in the US), you don’t need to select “activate”.

Click the blue arrow to continue.

Step 7: You will then be taken to the Cydia Settings page. Click the “download packages” tab, and click refresh. This step will allow you to pre-install jailbreak apps on your iPhone. Select the package you want to pre-install and click “add to queue”. Click the blue arrow when you’re done.

Step 8: You will then be taken to the “custom packages settings”. Cydia Installer should be selected by default. If not, make sure to select it, then click the blue arrow to continue.

Step 9: Hit the “build” button and click the blue arrow to continue.

Step 10: PwnageTool will ask you where you want to save your custom IPSW. I chose to save it to my desktop.

Step 11: PwnageTool will now start building your custom IPSW. It will probably ask you for your admin password. This step should take a couple of minutes.

Step 12: PwnageTool will then help you enter DFU mode. It will make a funny sound and will instruct you to get your iPhone in DFU mode. Simply follow the onscreen prompts: hold the power and home buttons together for 10 seconds; release the power button while still holding the home button. When done, PwnageTool will tell you to go and restore in iTunes.

Step 13: Once you launch iTunes, it will tell you it has found an iPhone in Recovery Mode. Click OK to continue.

Step 14: Now that you have your custom cooked firmware, you need to install this firmware on your iPhone. Hold the “Alt/Option” key and click “Restore” at the same time. DO NOT click “Restore” without holding the “Alt/Option” key! A dialog box will pop up and you’ll be able to choose the custom IPSW file you created.

Step 15: iTunes will give you the following message. Click OK to proceed.

Step 16: iTunes will now restore your iPhone using the cooked iOS 4.1 firmware. This process might take a few minutes so be patient. When done, your iPhone will reboot.

That’s it. You have successfully jailbroken your iPhone using PwnageTool. You can now use UltraSn0w to unlock your iPhone if necessary.

If you have any questions, please feel free to ask in the comments section below or in our forums.

  • Ron

    Did you ultrasnow after your jailbreak? You need to do that to make calls.

  • debochopper

    Once again thanks Dev Team. I’m glad you guys waited a week after they released the other break tools. This is so much better. I now have my custom package that I can customize even more with my own plist files and themes.

    iPhone 4, 4.1, 1.59base, T-mobile, FaceTime working and MMS

    • Chad

      How did you get your facetime working?

  • Angad Singh

    any idea when pwnage comes out for windows???
    just fyi i downgraded my iphone to ios 3.1.2 and then used fuzzy band to downgrade my baseband to 05.13.04 and then unlocked it with ultrasn0w… i also tried to downgrade on 3.1.3… it did not work….
    Also iOS 4.1 is way fast enough that u can easily have multitasking on it….

  • Adrian

    My phone is jailbroken using redsnow but it's a bit laggy. can i use this pwnage tool to jailbreak it again? i mean is just to jailbreak it coz my baseband is 05.14.02. i know i cant unlock it. my main point is to solve the laggy things. can i do it?

  • David Micallef

    So, first off, thanks so far. My iphone is not a brick, and I do have Cydia on it. I do have a question, I apologize if it seems stupid but i’m as green as it gets to this stuff. When I plugged in my iphone after the disconnect, its asking me “Set up your iPhone”. I’m sure you’re all familiar with this screen on itunes. I’m guessing i’m supposed to set it up as a new phone, however, I’d appreciate a little direction. I’d like to have all my old apps as well, however, I don’t know if restoring my old back up will cause damage. HELP PLEASE!

  • nitesh

    hi, i am using an unlocked iphone3g with 5.09 bootloader. i accidentally upgraded to iOS 4.1 and then jailbroke it with redsnow but i was unable to unlock it because it is on baseband 05.14.02.
    now my question is: how to unlock it. can i unlock it if i downgraded the firmware to 4.0.2 or 4.0.1 or 4.0

  • dmac

    hi, i just got my iphone. it is FU and its 4.1, the question is do i need to download the custom firmware? thanks

  • Helmut von Lichtenstein

    I have a jailbroken 4.01 phone bought iphone4 on day it came out. i can get into DFU mode no problem on its own, but if i use pwnage tool to get into dfu mode, it keeps rebooting, it gets stuck on number 6 on that part where you just hold home button. i am able to make the custom ipsw file, but i get the error 1600. i know i need pwnage tool to get me into dfu mode, but it just doesn't work!

    please advise

    • ifone

      I have the exactly same problem. Can’t get Pwnagetool to put my iPhone to the proper dfu mode and it gets stuck on 6. Anyone know what to do?

  • zeeshan

    hello sebastien how r u? i have restored my iphone 3g on ios 4.1 with baseband 5.14 is pwnage 4.1 jailbreak n unlock my iphone if its possible then how can i do that plz tell me i am very thankful to u for that

  • Dodadee

    @sebastien thanks again for creating this site! I have a problem getting past the DFU mode screen, i have everything lined up, with the .ipsw on my desktop along with an ipod touch 4G. When i go through all the steps of holding and releasing the power and home button, I get a message from itunes saying that “itunes has detected an ipod in recovery mode. you must restore this ipod before it can be used with itunes.” this message comes up before i can get the pwnagetool to recognize that i am in dfu mode, i then get the error message saying that i have failed to enter DFU mode, when itunes has already discovered this.

    • Make sure iTunes is turned off

      • Dodadee

        I exit iTunes every time before I run the DFU test, I did it for the literally 10th time and still itunes pops up and tells me the same message… im frustrated because i feel that i am so close!! can anyone help me on this? i really dont want to delete itunes, i have over 100gb of music that has been categorized neatly, would hate to delete my 1400 duplicates again… and have to say up until sebastien… you’ve been the greatest!!

  • rhona

    my 3g iPhone is on 4.1. Unfortunately, it has never been jailbroken. I need to jailbreak and unlock it. Where should i start? Thanks in advance for the advice 🙂

  • rhona

    by the way, it’s on 05.14.02. does that matter? please help meee 🙂 thanks 😉

  • dee 1

    i followed the instructions but all i see now is the pineapple logo on the screen. its been like that for the past 30 mins.. what should i do?

  • Hean

    Hi I have an ATT iphone 4 which was jailbroken and unlocked (i am using it in China). I upgraded from 4.0.1 to ios 4.1 thru pwnagetool 4.1.2. Follow the instructions and everything went beautiful. I have a jailbroken and unlocked (baseband 01.59.00) iphone 4. The only issue as I found is my facetime is stuck at “waiting for activation” forever. Tried all the different things found on the net but none has worked. Then I saw a thread saying I need to use the expert mode of pwnagetool and uncheck the “activate the phone”. My question is if I uncheck “activate the phone” in pwnagetool, will my iphone 4 baseband get upgraded and I can no longer use ultrasnOw to unlock my iphone?

    Has anyone encountered facetime issue after 4.1 upgrade? My only reason to upgrade to ios4.1 is so that I can use facetime over email. I was able to use facetime with another iphone 4 but now it seems i lost all facetime functionality.

    Appreciate any thoughts and helps!


    • Hean

      For those with ATT iphone 4 who couldn’t activate Facetime once jailbreak and unlocked with pwnagetool 4.1, you can try using the expert mode and uncheck “Activate the phone”. Once the phone is jailbroken, you will need the original ATT sim card to activate the phone and facetime will work after that. That works for me finally…..

  • jeolet

    can i download custom cooked firmware from the web and directly restore via itunes in my pc

  • franklin89

    hey i have a iphone 3g with 4.0.2 (8A400) with baseband 5.13.04 which is the same as 4.0 and 4.0.1 if im not mistaken. so would i be able to upgrade to 4.1 using your method?

  • brunnnn

    I have a 3g 3.1.3 with baseband 05.12.01 and i need it unlocked. Will these steps work for me to update to 4.1?

  • iain

    I have an iphone 4 (4.02) , I have cooked 4.1 firmware for it with pwnagetool, the phone is in dfu mode,I select the firmware and hit restore, but every time I try to restore the firmware I get error 1600 or 1601. I have tried deleting the iphone folder in the apple app data folder but it still gives me the error, anyone any ideas on this one ?.

  • Angel

    Thanks Sebastian… it works perfectly, now i have iphone 3G with 4.1 and baseband 05.13.04 jailbroken and unlocked with ultrasn0w…


  • libreville2010

    I have an Iphone 3G, ipsw 3.1.2, modem firmware 05.11.07.
    I unlocked and jailbroke it a year ago using blackrain and cydia.
    Can I update to ipsw 4.1 using your tutorial without worrying about locking it again?

  • dan

    when do u think 4.0.1 upgrade will accept ur software?

  • dan

    sorry 4.1 just bought new 4 with no way to downgrade.

  • iain

    just to let everyone know, i was having problems with 1600, 1601, 1602 errors etc whilst trying to restore a jailbreak i had cooked with pwnagetool, tried 3 pcs trying to restore it with no luck. tried redsn0w in the end which solved the problem, i ran that 1st then used itunes to restore my jailbroken firmware i had made originally with pwnagetool, this time itunes ran with no problem at all.

    • emceeaye

      I’m in a similar situation. I am trying to restore a jailbreak I cooked with pwnagetool. I have a 3gs new bootrom baseband 5.13.4 and getting 1601 errors as well. I think I’ll try Redsn0w as well–Did you also need to unlock it, and if so, what did you use?


  • fgh

    My iphone is 4.1 can i jailbreak it using these steps

  • iain

    i used ultrasn0w to unlock, when i first restored the pwnagetool firmware i had no signal at all, even on the carrier it was locked to, linked it up to my wifi opened cydia and downloaded ultrasn0w, rebooted and it works fine now, tested with two different carriers and works fine.

  • csmarc

    Sebastian, very good tutorial, just one comment. If you use a friend's Mac to cook the firmware and just try to restore in iTunes, it is not going to work, I received the error 1600.
    You have to use RedSnow on Windows to exploit the iPhone in DFU mode, and then you can restore the custom firmware in iTunes. I spent some time to find that out.

  • vhonn

    awesome guide but want to clarify first before ill jailbreak my iphone 4, I got an iphone 4 iOS 4.0. Do I need to update first my firmware to 4.1 before jailbreaking? and then restore it using Customed iOS 4.1 using itunes?

  • dan

    Have a question! As some of you might know… Jailbreaking iphone 4 can cause facetime and mms to stop working. This when an unlock is also needed. I read an interesting thread where a guy found a workaround… He jailbroke his iphone 4 using pwnagetool and used his original at&t sim, didn't assign pwnagetool to ‘activate the phone’ in expert mode. He also stated that after jailbreaking he simply unlocked the phone using ultrasn0w. Is this really possible? I thought if you didn't assign ‘activate the phone’ the baseband would be changed also… Anybody an idea on this???


  • Ben

    What is the admin password ?

  • Yasser Farid

    I have iphone 3Gs, when I reach the restoring step in iTunes I got an error message (the iphone could not be restored because the firmware file is not compatible). what can I do? thanks

  • Sow

    jesus!!! you forgot to mention that you need to use redsnow to enter into DFU mode so iTunes can accept custom firmware!!!!! If you don't then you get 1600 errors and everything..

    1. download redsnow
    2. download the original uncooked 4.1 firmware from apple site
    3. use the original uncooked firmware for redsnow to detect which IPSW you're using
    4. then in the options screen untick all boxes except for the option that says something like ‘just enter into DFU mode for now’
    5. redsnow will enter phone into DFU mode
    6. use itunes to restore your PRECOOKED IPSW now. (remember to use SHIFT + RESTORE to select the correct cooked IPSW.)

  • henry

    Will I be able to downgrade firmware following this tutorial?

  • dOncastellOCastell

    thank fOr the infO everyOne..

  • Steezy

    i have an iphone 3gs mc model new bootrom jailbroken with blackra1n with baseband 5.11.07.. what steps do i follow to successfully upgrade to 4.1 while preserving my baseband? from my understanding 1) i need a friend to cook up a custom 4.1 fw for my iphone with pwnage tool.. 2) i need to run redsnow with a stock 4.1 fw n then enter it on pwn dfu mode through redsnow 3) i restore my iphone to the cooked custom fw n then i unlock with ultrasnow.. is this right??

  • hangrai

    I have an Unlocked Jailbreak iPhone 4 , with version 4.0.2(8A400), can i upgrade and unlock to 4.1 or 4.2 ?

  • Anubhav

    I am a Mac user and would like to upgrade from 3.1.2 to 4.1. If I update itunes as required by the steps it will go to 4.2, will that create any trouble?


  • Anubhav

    One Shot smooth Jailbreak and Unlock from 3.1.2 to 4.1 using Pwnage tool.

    Thank you Seb

  • Gauravsaini91

    Guys i update my firmware from 3.1.3 to 4.1 and it also update my baseband to 05.14.02 and also the bootloader to 6.2 pls help me what to do

  • itzmashy

    Hey guys, I’m a total noob so please bear with me, and I’ve had this iphone 4 for a while, thinking it was on 4.1 (my ex had the phone) I got it back today to find out its on 4.0.2 with baseband 1.59.00. Which is the best, and safest way to jailbreak and unlock it? I know limera1n is supposed to work on this OS, but the baseband listed is much higher than the one i have, will that make a difference? And the tutorials I’ve been able to find are only for 4.1.. please help!!!

  • itzmashy

    nvm got it, but now how do i unlock it? 🙂

  • pdxdale

    I have the following iPhone 3GS:
    Firmware: 3.1
    Baseband: 05.11.07-6.4_M3S2
    Bootloader: 6.4
    Bootrom: iBoot-359.3 (old bootrom)

    The phone has never been jailbroken. I hope to jailbreak the phone with PwnageTool then unlock with ultrasn0w for use with T-Mobile. Does that sound like a reasonable plan?

    Should I use PwnageTool to create a custom 3.1 IPSW or should I create a custom 4.1 IPSW?
    Do I use PwnageTool 3.1 or the latest version 4.2.1?

  • Nikki

    i have an iphone 4 ver 4.1 baseband 02.10 jailbroken but locked with at&t
    i can’t use it here in the philippines…. how can i unlock it? help please.
    thanks and merry christmas

  • Hi,
    got a 3gs on 4.1 and would like to update to 4.2.1 jailbroken and unlocked. any ideas on how to do this right ?

  • yes tombeur you can update to 4.2.1 and can jailbreak and unlock your iphone.But for unlocking you have to change your baseband which voids your warranty and maybe unable to update to further versions to the .there is a tutorial on this website..:)

  • JAG


    I’m a bit confused. I have a 3gs jailbroken at 4.0.1 with 05.13.04 baseband. I would like to upgrade to 4.1.2 (and I used pwnage tool 4.1.2 to get a custom ipsw) but after I enter DFU mode (pwnage tool says “UR in”) i select the custom ipsw in itunes and it says my device isn’t eligible… what’s going on?

    Thank you

  • ceiji

    i get the same error too.. says my device is not eligible.. any help?

  • IndiePhoenix

    Yes, I also got on a Mac “device is not eligible” and on a PC error 3194… Any help?

  • Jordan

    Would it also work if you don’t enter DFU mode? You create the IPSW file and press shift (in windows, when you launch iTunes) the same way you would do a manual update?

  • Dan

    okay i have a question.. ive done all the steps til u hit option and click restore.. then itunes tells me that my phone can’t restore to that build.. and my only option is more info which does nothing for me or ok. ive done the build 2 times.. so i did just cydia and not add other stuff and it did it as well.. did i do something wrong?

  • pedro

    I got a message on the iTunes:
    The iphone “iphone” could not be restored. This device isn’t eligible for the requested build.

    can any one help me with this?

    Thank you