How to Jailbreak iPhone 4.3.2 with PwnageTool [Tutorial]

By , Apr 24, 2011

The Dev Team has updated the popular jailbreak tool, PwnageTool, with an untethered jailbreak for iOS 4.3.2. PwnageTool now joins RedSn0w and Sn0wbreeze as the third tool that can jailbreak iOS 4.3.2.

In this tutorial, we will show you how to use PwnageTool to jailbreak your iPhone 4.3.2 while also preserving your baseband. PwnageTool is for Mac OS X only and is the only way to preserve your baseband to make sure you can unlock later…

Step 1: Download PwnageTool from our downloads section. Download the iOS firmware for your device. (Try using ipswDownloader or check our downloads section.) Save your IPSW to your desktop.

Step 2: Open PwnageTool and agree to the warning.

Step 3: Select your device model and click the arrow to continue.

Step 4: Select “Expert Mode.” PwnageTool will ask you to either use the firmware you downloaded in step 1, or to browse for firmware on your computer. If you downloaded your IPSW to your desktop, PwnageTool should find it automatically. Select the firmware and click the arrow to continue.

Step 5: Select “General” and click the arrow to continue.


Step 6: If you are on an official carrier (such as AT&T, etc.), do not select “Activate the phone” and make the root partition to about 1,000 MB. Click the arrow to continue.

Step 7: You will now be taken to the customize Cydia settings. You can now select packages to be pre-installed on your jailbroken iPhone. This is a great method to install jailbreak apps directly and save you time later on. For the purpose of this tutorial, we will not install any packages. Click the arrow to continue.

Step 8: You will now be taken to the “Custom Packages Settings”. Make sure “Cydia Installer” in selected. Click the blue arrow to continue.

Step 9: Select “Build” and click the arrow to continue.

Step 10: Select a location (like the desktop) on your computer to save your custom IPSW. PwnageTool will now build your custom firmware. This could take a few minutes.

Step 11: When done, PwnageTool will ask you to connect your iPhone to your computer and enter DFU mode. Plug your iPhone into your computer to start jailbreaking.

Step 12: PwnageTool will now guide you into DFU mode. Simply follow the instructions on the screen. Hold the Power and Home button together for 10 seconds. Release the Power button while still holding the Home button for 10 seconds. Your iPhone should then enter DFU mode and PwnageTool will let you know you once you’ve entered DFU mode.

Step 13: Launch iTunes. iTunes should tell you it has detected an iPhone in recovery mode. Click OK to confirm.

Step 14: Still in iTunes, hold the Option/Alt key on your Mac while clicking on Restore. Make sure you are holding the Option key, not the Command key. iTunes will give you the option to select a firmware from your hardrive to restore. Select the custom ISPW firmware you created and saved in step 10.

Step 15: iTunes will now restore your iPhone using the custom IPSW. It should take a few minutes. Once the restore is complete, your iPhone will be jailbroken and running iOS 4.3.1. You should now have Cydia on your iPhone.

Congrats, you just jailbroke your iPhone!

Let us know how PwnageTool works with iOS 4.3.2. Did you have a successful jailbreak? Share your stories in the comments!

  • Share:
  • Follow:
  • azharhamzahya

    Yeah,PwnageTool FTW.Thanks

    • azharhamzahya

      Worked perfect for me.No issue with Cydia. Jailbreak + Unlock.Thanks guys

  • John

    How Stable is it?

  • MisterZ

    Step 0: Connect your iPhone to iTunes and perform a backup. This is important so that you can restore later on Step 15.

    • JoBerlin

      That’s true. But on major upgrades (I upgraded from 4.2.1 to 4.3.2) I prefer a clean Install. The backups is good in case I have to go back to the older version of iOS.

  • 2meu

    any info on the verizon iphone 4 4.2.7 jailbreak?

  • Mir

    i ended up locking my Iphone 4 running 4.3.2!!!
    it’s asking to activate teh phone with a sim card so cna anyone please help me how to activate without a sim card???

    • JoBerlin

      Build a new custom IPSW. In step 6 (picture below the text for step 6): It’s really important that you check the box “Activate the phone”. Install that new custom IPSW and everything should be fine.

  • JoBerlin

    I upgraded from 4.2.1 to 4.3.2. Like I wrote in the reply to MisterZ I did a clean install. Everything’s running smooth so far.
    And here’s a little HOWTO for setting up the phone up from scratch without loosing anything important (I’m not responsible if you screw up your phone and this HOWTO may contain errors. I suggest you should only try this if you know what you’re doing!):
    You’ll need: Cyberduck and Terminal on the Mac and sshd and AppLinks (both available from Cydia) on the phone.
    1. Run AppLinks on the phone. A directory with links to all installed apps.
    1a. Remove the simcard to prevent being interrupted. Otherwise you might have to backup the sms.db several times.

    *For the following steps: note the owner and read/write permissions for all files!
    2. Start up Cyberduck and connect to your phone. Save the following:
    SMS: /private/var/mobile/Library/SMS/sms.db
    Safari (Bookmarks&History) but only if you don’t sync the bookmarks: /private/var/mobile/Library/SMS/Safari
    Some more:
    Contacts /private/var/mobile/Library/AddressBook
    Mail: /private/var/mobile/Library/Mail
    Calendar: /private/var/mobile/Library/Calendar
    Call History: /private/var/mobile/Library/CallHistory
    Notes: /private/var/mobile/Library/Notes
    Like I stated before: Don’t backup stuff that gets synced anyway. Connect your phone to iTunes and check the “Info” section of your phone. Don’t backup the content that gets synced (e.g. calenders, notes, contacts, …) because it’ll confuse iTunes. You might end up with having all notes 2 times and other strange effects!
    Have a look around in the Library what else you might need that is not synced with iTunes. For example JailBreak stuff.

    2a. Photos:
    /var/mobile/Media/DCIM save all the ###APPLE directories. Your pictures are inside those.
    Save the .MISC directory. It contains THE COUNTER! so camera.app knows which number the next picture should get. The results will be really weird if you don’t save it. If you don’t put the pictures back and keep them on you computer you don’t have to worry about the counter.

    3. Save data and settings from your important apps:
    thx to AppLinks you’ll find links to all apps and games in /private/var/mobile/AppLinks/ for example Motion GPS X is in GPS.app. Backup the subdirectories Documents, Library and tmp.

    4. Install the (new) jailbroken!!! iOS. iTunes will ask you if you like to use a backup or set up as a new phone. Choose new phone here.
    5a. Install all the apps you had installed before.
    5b. Install ssh and AppLinks from Cydia.
    5c. Run AppLinks

    Start up terminal on your mac and ssh into your phone as root. The standard password for the users root and mobile is alpine. Change the passwords: run passwd on the phone!
    6. Copy all files you backed up before back into the correct directories of your phone. Copy the Documents, Library and tmp directories back into the apps. Rename files and directories before you replace them: e.g. Documents -> Documents.old. This is a precaution in case something goes wrong!

    For every file or directory do this before copying back the next file(s)/directorie(s):
    6a. Change the owner of all files and directories, that were in /private/var/mobile/ or subdirectories, back to mobile (it’s the standard user on the phone) with this command: chown mobile file_name or whole directories: chown -R mobile directory_name. If you noted root as the owner during backing up you don’t have to change the owner.
    6b. Correct the read/write permissions to the values you noted during backup. But most common are 644 for files and 755 for directories. The commands are chmod 644 file_name and chmod -R 755 directory_name.

    7. Start all apps and games you backed up to see if they are running. If something is broken: delete the data you copied to the phone. Rename the renamed directories and files back and check if it’s running now. Try copying back your backup and set the owner and permissions right. (Have a look which permissions the original files have.)

    8. Reinsert your SIM. Have a look if all old texts are back. Send yourself a text to see if everything went as expected. If you don’t receive your own text retry or ask someone else to send a text to you.
    I forgot to set the owner right once and as a result I couldn’t receive SMS. (sms.db owner: mobile permissions: 644).

    This worked fine for me. I have some *nix knowledge and use the terminal, ssh and cyberduck frequently. Don’t blame me if something went wrong.
    If you find any mistakes or have more tips please reply to this post.

  • SRUm1sh

    Thanks iDB! I could successfully update from iOS 4.1 to 4.3.2 on my iPhone 3GS with BB 6.15.00. PwnageTool rocks and so does UltraSn0w. Excellent!

  • Mike

    When I click on the Pwnage 4.3.2 it downloads PwnageTool_4.3.2.dmg.6340182.TPB.torrent that I cannot open. How do I open it? I didnt have an issue with 4.3 before because it downloaded PwnageTool_4.3.dmg. Please advice.

  • ankit_surat2000@gmail.com

    Loved It…Totally became fan of pwnage tool..thanks guys..first ever try to jail break and i did it..very helpful and easy instructions..thank you again guyz good work..keep it up..

  • AT

    Will this work with ios 4.3.2 and the 04.10.01 baseband? Thanks…

  • sOleFresh

    I am on an iPhone 4 running 4.2.1 on 01.59.00 BB. I HAVE AT&T service but like to preserve my BB for future unlocking. Now since i have AT&T should i not click the activate iPhone or yes?..I want to make sure i stay on 01.59.00. Thnx

  • A. Philski

    I also can’t seem to open Pwanage Tool because it is a torrent file. Can anyone tell me how to get this done?

  • old tom

    successful ios update and jb with pwnage tool. smooth all the way thru.

    small question tho. after updateint to 4.3.2 and using pwnage tool, i have lost the animated boot logo. I still have the boot logo setting in the factory settings list, but when i select my boot logo animation and reboot the phone, its still the stock apple logo.
    any suggestions/help would be appreciated.
    thanks
    tom

    • CP

      Using latest redsn0w.
      firstly JB by pwnage tool then run a redsn0w like a over write JB.
      But you have only chose (mark) “Allow boot animation” at redsn0w setting.
      Do not chose (mark) ”Install Cydia”.
      After redsn0w running, nothing change i.e. installed appli will not dapper,
      BB will not change, only boot animation will be installed.

  • http://www.joesnyder.com Joseph Snyder

    i have a rash on my leg? how do i get rid of it? :D

  • http://ultrasnow.eu Ultrasnow

    Is there an untethered jailbreak for 4.3.3 using Pwnage Tool? I accidentaly updated my device.

  • jimmy

    Didn’t work…
    iTunes alerts that “the iPhone could not be restored because the firmware file is not compatible”.
    Please advise???

    • JoBerlin

      Had that Problem with a friends iPhone. Try saving your SHSH with TinyUmbrella. If your phone wasn’t jailbroken before you have to switch off “Request SHSH from Cydia” in the “Advanced”-Tab. Start the TSS Server in TinyUmbrella. Now your SHSH should be stored local. Retry to update.

  • Mary Dorazio

    I Just want to thank you for the TuT! I am a Noob and it all came together Perfectly!

    Thank you!!!

  • Anna

    What do you do if you are NOT on an official carrier and you are jailbreaking it so that you can unlock it and use it on a different service (e.g. T-mobile)? Do you click “activate this phone”? Do you still set the root partition to 1000 MB?