How to Jailbreak with RedSn0w

What is RedSn0w?

RedSn0w is a jailbreak tool developed by the Dev-Team. Originally called QuickPWN, this jailbreak tool was quickly renamed, and has now become a household name for most jailbreakers. Unlike PwnageTool, RedSn0w works for both Mac and Windows, and is considered to be one of the most reliable jailbreaks by the whole community.

Latest Versions

The latest version of RedSn0w is 0.9.15b3
The latest untethered jailbreak using RedSn0w is iOS 5.1.1
The latest tethered jailbreak using RedSn0w is iOS 6.0.1
The latest beta jailbreak using RedSn0w is iOS 6.1 beta 4

Essentials

Basic RedSn0w Tutorials

Advanced RedSn0w Tutorials

Managing SHSH Blobs With RedSn0w

Advanced RedSn0w User Preferences

What Device and iOS Version Can RedSn0w Be Used With?

To date, RedSn0w can be used to jailbreak the following iOS devices:

  • iPhone 5: none
  • iPhone 4S: iOS 5.1.1, iOS 5.0.1, iOS 5.0
  • iPhone 4: iOS 6.0.1, , iOS 6, iOS 5.1.1, iOS 5.1, iOS 5.0.1, iOS 5, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3, 4.2.6, 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3
  • iPhone 3GS: iOS 6.0.1, iOS 6, iOS 5.1.1, iOS 5.1, iOS 5.0.1, iOS 5, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3, 4.2.6, 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3
  • iPhone 3G: 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3
  • iPad 3: iOS 5.1.1
  • iPad 2: iOS 5.1.1, iOS 5.0.1
  • iPad 1: iOS 6, iOS 5.1.1, iOS 5.1, iOS 5.0.1, iOS 5, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3, 4.2.1, 3.2.2
  • iPod Touch 4G: iOS 6.0.1, iOS 6, iOS 5.1.1, iOS 5.1, iOS 5.0.1, iOS 5, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3, 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3
  • iPod Touch 3G: iOS 5.1.1, iOS 5.1, iOS 5.0.1, iOS 5, 4.3.5, 4.3.4, 4.3.3, 4.3.2, 4.3.1, 4.3, 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3
  • iPod Touch 2G: 4.3.4, 4.2.1, 4.1, 4.0.2, 4.0.1, 4.0, 3.1.3

This list will be updated as new versions of RedSn0w are released.

When Not to Use RedSn0w

Because RedSn0w used to require you to update your device to a newer version of iOS in order to jailbreak it, we used to strongly suggest that those of you who unlock the iPhone stay away from RedSn0w, as it might cause you to lose your ability to unlock.

That’s no longer the case. If you rely on an unlock for your iPhone and still want to run and jailbreak the latest iOS version available, you can use RedSn0w, PwnageTool or Sn0wBreeze. All three tools will allow you to update to a newer firmware and jailbreak it while preserving your baseband, which is the key to your unlock.

Download RedSn0w

RedSn0w is a very light utility that can be downloaded in just a few seconds. As mentioned above, RedSn0w will work with both Mac and Windows.

You can download RedSn0w from our downloads section. You will see that there are several versions available there, but we suggest you always use the latest version available. RedSn0w usually is compatible with older iPhone firmwares, so even if you want to jailbreak iOS 4.3.2 for example, you might still want to download the newer version of RedSn0w.

Tethered vs Untethered

RedSn0w has the ability to perform both tethered and untethered jailbreaks depending on the device and the firmware version the device is running. An untethered jailbreak is the most desirable because it allows you to reboot your device at will without needing to perform a tethered boot with the aid of a computer.

A tethered jailbreak, on the other hand, means that if you’re out and about and your device reboots, it will be unusable until you can perform a tethered boot with the aid of a computer. The chances of this happening are slim, but it is a definite annoyance if it happens to occur while you’re away from your computer. Some strides have been made to lessen the impact of tethered jailbreaks by using a so-called semitethered boot. The semitether, is a package that allows you to reboot the device and maintain limited functionality for phone calls and such until you can get back to your computer to perform the tethered boot.

For more information on the different types of jailbreaks, see the following video explanation:

How to Put Your Device into DFU Mode

Learning how to reliably place your iDevice into DFU mode is a step that you must learn if you want to be an effective jailbreaker.

DFU mode stands for Device Firmware Upgrade mode and differs from the restore mode with the iTunes logo that you may be used to. DFU mode differs from recovery mode because it does not load the boot loader, hence you will see a solid black screen instead of the more friendly “connect to iTunes logo”. Getting into DFU mode is super easy, but it does require some practice. We generally recommend putting your device into DFU mode prior to even starting any jailbreaking actions, because it just makes the process more seamless.

To place your device into DFU mode, do the following:

Step 1: Connect your device to your computer

Step 2: Hold the Home + Power buttons on your device simultaneously for 10 seconds.

Step 3: Release the Power button without releasing the home button. Continue holding Home for another 10 seconds.

Step 4: Release Home, and your screen should stay completely black. If so, chances are you successfully entered into DFU mode.

Notes: If iTunes is configured to do so, iTunes will open and report that: “iTunes has detected an iPhone in recovery mode. You must restore this iPhone before it can be used with iTunes.” If your screen is black and iTunes reports this message, this is a surefire indicator that you are successfully in DFU mode.

To kick your device out of DFU mode, simply hold Home + Power for 10 seconds and release. The Apple logo should then appear.

For more help with DFU mode, see the following video explanation:

How to Jailbreak A4 and below (no A5) device With RedSn0w

Jailbreaking your iDevice with RedSn0w is extremely simple as long as you follow the directions. Every time a new firmware is confirmed to be jailbreakable, we will post a new video that shows you how. The latest jailbreakable firmware is iOS 5.1.1. Please see the video below that shows how to jailbreak this firmware with RedSn0w using DFU traditional method. This method works with A4 devices and below only. For this reason, it is preferable if you use the non-DFU method below, unless you meet special circumstances outlined here.

How to Jailbreak an A4 and below + A5 Device With RedSn0w

With the release of RedSn0w 0.9.12b1, you can now jailbreak A5 devices on iOS 5.1.1 (iPad 2, iPhone 4S, iPad 3) using the Rocky Racoon exploit. This jailbreak was previously not incorporated into RedSn0w; instead you had to rely on the standalone Absinthe tool, or the Rocky Racoon untethered jailbreak tweak from Cydia. With the latest version of RedSn0w, it is now possible to untether jailbreak A5 devices running iOS 5.1.1.  This method also works with A4 devices and below running iOS 5.1.1. This is the preferred method to use when jailbreaking with RedSn0w.

Tethered Booting With RedSn0w

Tether Booting is the action of booting an iDevice that has been jailbroken using a tethered jailbreak. Unlike untethered jailbreaks, tethered jailbreaks require a tethered boot anytime you wish to reboot the device. Please see the video below for a tutorial that shows how to perform a tethered boot with RedSn0w.

Preserving Baseband With RedSn0w

Preserving your baseband is useful if your current baseband is unlockable, and you want to keep that baseband but still upgrade your firmware to the latest version. Newer versions of RedSn0w are now capable of preserving your baseband, which was once a feature that was exclusive to the Dev Team’s PwnageTool jailbreak tool. Please see the video below that shows how to preserve your baseband with RedSn0w.

Using Pwned DFU Mode

Pwned DFU mode is almost the same as normal DFU mode with a slight twist. Unlike regular DFU mode, Pwned DFU mode allows you to use iTunes to restore your iDevice with custom firmware (IPSW) created by Preserving your Baseband with RedSn0w.

Please refer to our Preserving Baseband With RedSn0w video for additional insight into Pwned DFU mode. Pwned DFU is also needed when following our downgrade tutorial referenced in our How to Use the Recovery Fix section below. You only need to use this mode when you have created and are restoring your iDevice using custom firmware. In every other circumstance, normal DFU mode should suffice.

How to Use the Recovery Fix

The RedSn0w recovery fix option is instrumental for those moments when you receive recovery errors when performing restores in iTunes. It’s especially useful when attempting to downgrade firmware that is no longer being signed by Apple.

Here is an example of the error that you may receive in iTunes that the Recovery Fix can remedy:

The following video showcases how to use the Recovery Fix option when downgrading iOS 5 back to iOS 4.

How to enter DFU mode with a broken Home button

Starting with RedSn0w 0.9.14b2, you can now restore your device and force it into DFU mode using the DFU IPSW option in the Extras > Even more > options.

By pointing to a stock firmware file, you can create a firmware that will place your device into DFU mode after a restore with iTunes. Please view our full written tutorial, and the video walkthrough below for more info.

How to jailbreak iOS 6

The official public version of RedSn0w supporting iOS 6 was released, and with it comes Cydia support as well. You no longer need to install Cydia manually, as we explain in our full tutorial.

How to jailbreak iOS 6.0.1

You can now jailbreak ioS 6.0.1 using RedSn0w using our jailbreak tutorial found here. Also, check our video walkthrough below for a step-by-step visual tutorial.

How to jailbreak iOS 6.1 beta

If you’re a developer using the iOS 6.1 beta, it is possible to jailbreak iOS 6.1 beta using the latest version of RedSn0w. In order to do so, you must select the iOS 6.0 public IPSW as we explain in our tutorial here. Be sure to watch our video below as well.

Managing SHSH Blobs With RedSn0w

Fetch:

Submits your SHSH blobs to Cydia. Requires DFU mode.

Verify:

A method to verify what SHSH blobs are available. Requires DFU mode.

Submit:

Submits blobs residing on your Mac or PC directly to Cydia for caching. No DFU mode required

Query:

Queries the Cydia server about all blobs for a device. Uses the ECID to accomplish this, no DFU mode required.

Stitch:

Stitching is a feature that allows you to create an all encompassing IPSW firmware file that can always be used regardless of whether or not Apple is still signing that particular firmware. Stitching combines both the firmware file with the SHSH blob for that device to allow you to downgrade at anytime. This is a highly recommended procedure to do every time a new Firmware version is released. It will ensure that you can always easily go back to a previous firmware with minimum steps. Please see the following video tutorial to learn more about stitching. Note: Stitching is not yet compatible with iPhones.

Advanced RedSn0w User Preferences

ECIDs:

This will list all of the ECIDs for all devices used by RedSn0w.

Boot args:

Boot arguments give you the ability to execute advanced commands while running RedSn0w. These are generally reserved for the accompanying boot-ipt4g command line tool, but can be executed in GUI mode as well. Please refer to boot-ipt4g.command for valid boot args.

Boot logo:

Allows you to designate a specific boot logo to replace the standard “Pwnapple” boot logo. Should be PNG format.

Backup:

Starting with RedSn0w 0.9.10b8, you can now back up arbitrary files. The purpose of this was initially intended to backup activation tickets for the SAM unlock procedure. The SAM unlock no longer works, but if you were able to generate an activation ticket with SAM before Apple fixed the issue with their activation server, it’s a good idea to use RedSn0w’s new backup feature to save off your activation ticket.

By doing this, you will be able to restore your activation ticket, and unlock your iPhone to work with that SIM, even if you’ve restored your iPhone.

You can also use the Backup option to backup any other files you have stored on your device. All you need to do is input the specific path that you want to backup. Your device will need afc2 installed to use this, but that generally comes prepackaged with most jailbreaks, including RedSn0w.

Restore:

Starting with RedSn0w 0.9.12b1, you can now easily restore SAM unlock activation tickets. RedSn0w gives you the option to restore an indivudual plist file that you backed up manually, or restore a full Lockdown.zip file that you created using the backup feature above.

See our full SAM unlock activation ticket restore tutorial for more details.

Downgrade:

Starting with RedSn0w 0.9.11b1, you can downgrade to iOS 5.0.1 from higher firmware on an A5 device (iPad 2 or iPhone 4S only). This downgrade option only works when you have SHSH blobs saved for iOS 5.0.1 either locally or on Cydia.

The ability to downgrade is something that can be fixed with a future firmware upgrade by Apple, but for some reason they decided not to fix it with iOS 5.1.1. For that reason you are able to downgrade iOS 5.1 and iOS 5.1.1 to iOS 5.0.1 if you have your SHSH blobs saved for 5.0.1.

Please see our video walkthrough, and tutorial on downgrading with RedSn0w for a step-by-step guide on the entire downgrade process. We also have a dedicated Windows tutorial for downgrading with RedSn0w.