Jailbreak

Check out the most comprehensive jailbreaking coverage on the internet, including the latest news, apps, tweaks, and detailed tutorials about everything jailbreak.

Apple Reminds Us That Jailbreaking Is Illegal

In case you're not aware of it, you can't legally jailbreak or unlock your iPhone. You can't! I know what you're thinking: you bought this phone and you should be able to do whatever you want with it, but that is not legally correct. The software installed on the iPhone is copyrighted by Apple, and by jailbreaking it you alter that software, which makes you liable for copyright infringement.

I have had my share of troubles with Apple's lawyers, and during a phone meeting with their top copyright lawyer, he actually informed me that jailbreaking was illegal, but that they can't go after every jailbreaker, for obvious reasons...

About a month ago, I published an article about the EFF petition to make unlocking and jailbreaking exempt from the DMCA. Basically, it's a petition to make it legal for you to jailbreak your iPhone if you feel like it. In their asshole way of doing business, Apple replied quite extensively to the petition, obviously saying they don't want jailbreaking to be made legal, which I disagree with but completely understand.

So what can happen? Most likely nothing! Jailbreaking will not be made legal; I really don't think so. On the other hand, jailbreaking will not be made illegal either. Still, it's interesting to see EFF fight for us.

Engadget has a pretty good post about it. Read it for more info.

RedSn0w iPod Touch 2G Jailbreak

The long-awaited RedSn0w jailbreak for the iPod Touch 2G is now available, but let me tell you right now that it is not for the faint of heart! Indeed, the Dev Team released RedSn0w yesterday in a very discreet way, as they didn't even mention it on their blog.

The main reason RedSn0w was released so quietly is probably that this version is what could be considered a pre-release: it is "a no frills tethered jailbreak for iPod Touch 2G", as the Dev Team puts it in the readme file.

RedSn0w is in fact a tethered jailbreak, and unless you are sure about what you're doing, you shouldn't even try. You will have to use RedSn0w at your own risk, and the Dev Team was clear that it will not provide any support:

WE WILL BE PROVIDING ABSOLUTELY NO SUPPORT FOR THIS!!!!! If you post comments on our blog looking for support, we reserve the right to ban your user ID from the blog. You really shouldn't be doing this unless you understand it all enough to not need support!

This version is for Mac only and does not include a GUI, but if you know your way around a computer, you should be able to get it running on Linux and Windows. I haven't tried it myself, as I don't have an iPod Touch 2G, but here are the instructions straight from RedSn0w.com. For the full readme file, go to the website.

-----------------------------------------------------------------------------
rslite
-----------------------------------------------------------------------------
This is an interface to the DFU and Recovery modes of the device. It requires you to have libusb installed on your Mac. Due to buggy interaction between libusb and the Apple device, any output that is long gets all chewed up. But if you stick to just the "!" and the "#" commands, you won't notice. We don't normally use this tool but it's a lot easier to distribute and compile than the GUI we use.

The "!" (exclamation point, no quotes when you use it) sends a file.
The "#" (pound sign, no quotes when you use it) sends a script.
In both cases, you name the file right after the symbol.

-----------------------------------------------------------------------------
Basic instructions
-----------------------------------------------------------------------------
Note: these are the bare bones instructions. Please don't come to us looking for more detailed instructions.

Preparation

1) Copy the FirmwareBundles and CustomPackages directories into your PwnageTool.app/Contents/Resources directory
2) Create a custom 2.2.1 ipsw with PwnageTool in Advanced mode. Don't enable custom boot logos.
3) From your custom 2.2.1 ipsw, extract these (patched) files:
   iBSS.n72ap.RELEASE.dfu (name it iBSS221pwn.dfu)
   iBoot.n72ap.RELEASE.img3 (name it iBoot221pwn.img3)
4) From the official 2.1.1 ipsw, extract this (unpatched) file:
   iBSS.n72ap.RELEASE.dfu (name it iBSS211.dfu)

Installing the jailbroken custom ipsw

5) Put your ipt2g into DFU mode using keypresses. Don't have iTunes running!
6) Start rslite. Send the official iBSS from 2.1.1: !iBSS211.dfu
7) Start rslite again. Send the redsn0w-lite patch: #pwn211ibss.txt
8) Send the patched iBSS from 2.2.1: !iBSS221pwn.dfu
9) Use iTunes to do a full restore using your custom 2.2.1 ipsw

Tethered boot

After the install, your ipt2g will not be bootable without assistance from a tethered computer. The method in this README.txt requires you to go into DFU mode, but you should be able to find (or work out on your own) other more convenient ways.

10) Repeat steps 5-8
11) Send the patched iBoot from 2.2.1: !iBoot221pwn.img3

Your homescreen should soon show up. You can then start iTunes.

If any of you guys try this, please let us know how it goes in the comments...

PwnageTool 2.2.1 Guide & Tutorial

This tutorial will show you how to use PwnageTool to jailbreak your iPhone on firmware 2.2.1. Note that PwnageTool only works with Mac OS X. PwnageTool will create a custom 2.2.1 firmware that you then load onto your iPhone. This allows you to update your iPhone without updating the baseband, which is a very important feature if you're considering using YellowSn0w to unlock your iPhone.

Dev Team Updates QuickPWN and PwnageTool for 2.2.1

I thought the Dev Team would release updated versions of QuickPWN and PwnageTool sometime next week, but as usual, they were faster than I expected. In a blog post, the Dev Team gives us more info about these 2 jailbreaking tools and also tells us about the dos and don'ts.

I could try to paraphrase what they said but I think it's better I just copy/paste their post entirely. I do not like doing this but I believe it is very important information that shouldn't be disregarded.

I highly suggest you go visit the Dev Team blog and leave a nice comment over there. Click here to read this post on the Dev Team blog.

You can expect a QuickPWN guide and tutorial from me within the next couple hours, so stay tuned!

UPDATE:

Tutorial for QuickPWN: QuickPWN 2.2.1 Guide
Tutorial for PwnageTool: PwnageTool 2.2.1 Guide

This is the low down on our tools for use with the 2.2.1 firmware from Apple, read the whole post in full before attempting anything.

GOLDEN RULE: If you have a 3G iPhone running 2.2 firmware and you want to keep your ability to use yellowsn0w (or the option to use it in the future) do NOT use QuickPwn, and do not use the official ipsw or the iTunes update process without using PwnageTool. Yellowsn0w will NOT work with the baseband version (02.30.03) that is present in the recent 2.2.1 update - you will need to create a custom ipsw that will allow you to update safely without affecting the baseband.

Please read all parts of this post before downloading and using these tools. Read items 1, 2 and 3 again and again.

At the bottom of this post are the bittorrent files for the latest versions of PwnageTool and QuickPwn. These apps are suitable for the recent 2.2.1 release. The Yellowsn0w version has been updated to 0.9.7. Yellowsn0w is available from Cydia or Installer - this version allows compatibility with a pwned 2.2.1 system (not baseband) - again - remember 0.9.7 yellowsn0w DOES NOT WORK WITH 2.2.1 (02.30.03) directly - you need to be running a ‘pwned’ version of 2.2.1 which doesn’t upgrade the baseband.

Users of OS X 10.5.6 will be unable to use DFU mode correctly, please see the note towards the end of this post to easily fix this issue.

Baseband 101

The ‘baseband’ is the generic name given to the internal components of the iPhone that handle the phone calls and Internet access. This ‘baseband’ is a tiny and unique independent computer system that runs inside your iPhone; it is separate from the main system that handles the applications (such as email and google maps) and it talks to the main part of the phone over an internal communications network. Think of it like a cable modem or other peripheral that is attached to your home PC that needs occasional updates. When a software update is released and presented to you within iTunes the baseband is sometimes updated (to fix bugs or add new features). The 2.2.1 update for the iPhone 3G contains such an update, so running the vanilla updater straight away with iTunes will reprogram and update the baseband. This could be bad for certain people, depending on your ultimate aim.

SIM Free/SP Unlocked/Factory Unlocked iPhone 3G

This applies if you bought your iPhone 3G for $$$$$$$. This model of iPhone 3G doesn’t have a Service Provider lock (aka factory unlocked) and you are able to put any SIM card into the phone and get service. Your phone is already unlocked so you do not need to worry about baseband updates, simply upgrade to 2.2.1 using iTunes and then use QuickPwn to Pwn and Jailbreak. This will add Cydia and Installer too.

Locked iPhone 3G - Preserve Baseband

This applies if you have a locked iPhone 3G and you wish to update to 2.2.1 but preserve the iPhone’s current baseband software. Preserving the baseband will ensure that you can still use “yellowsn0w”, the iPhone 3G unlock application. To upgrade your phone to 2.2.1 and preserve the state of the baseband you need to create a custom .ipsw with PwnageTool. This custom .ipsw will not contain the baseband update but of course will still give you any new stuff from 2.2.1.

There are plenty of tutorials about this process on the web, but PwnageTool contains intuitive graphics and easy to follow prompts that should have you up and running in no time at all. Please note: PwnageTool is only available for Mac OS X.

Locked iPhone 3G

If you are using your iPhone with one carrier and have no interest in the possibility of an iPhone 3G unlock in the near future then just restore or upgrade to 2.2.1 using iTunes and use QuickPwn to Jailbreak and add Cydia and Installer.

iPhone 2G (1st Generation)

Update or Restore your iPhone 2G with iTunes then run QuickPwn to do the magic, ‘nuff said, you don’t need to worry about anything.

iPod Touch 1G (Original iPod Touch)

Update to 2.2.1 with iTunes and run QuickPwn.

iPod Touch 2G (New iPod Touch)

Sorry, no support at this time, but Redsn0w is being actively researched and developed.

Fixing DFU mode on 10.5.6

As noted previously, OS X 10.5.6 introduced a bug that affected the use of DFU mode with some Macs. There have been previously published hacks and techniques to fix this, but here is another method that can be used to easily restore functionality.

You will need an account with ADC (Apple Developer Connection); this is free and takes a few minutes to sign up. You should read the terms and conditions carefully and you should only sign up if you are thinking of developing applications in the future - http://developer.apple.com/mac/

1) Download the disk image “IOUSBFamily Log release for Mac OS X 10.5.5 Build 9F33” (yes, that is a “5” in 10.5.5 - this is a developer debug package of the USB kernel extension).
2) Install IOUSBFamily-315.4.1.pkg from within the disk image.
3) Reboot your system!

Official Bittorrent Releases

PwnageTool 2.2.5 for Mac OSX is here - SHA1 Sum: 8fe2f20c00f48b37d8262d6872a12166c6e165ba
QuickPwn 2.2.5 for Mac OSX is here - SHA1 Sum: 2f1353242ef10dc408e95786643e497fcd04e4ea
QuickPwn 2.2.5-2 for Windows is here - SHA1 Sum: 82aae63218316af42e4fa20f8c69d9eb4fe9d4ee

Click here for the official blog post by the Dev Team.
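The Dev Team post above publishes SHA1 sums for each official release, which is what lets you tell an official tool from a repackaged bundle before you run it. As an added example (my own script, not the Dev Team's or this blog's), a POSIX shell script that checks a downloaded file against a published sum; the sums in check_releases are the ones quoted above, while the file names there are assumed placeholders.

```shell
#!/bin/sh
# Added example, not the Dev Team's or this blog's code: check a downloaded
# release against a SHA1 sum published by the project before running it.
# Works with sha1sum (Linux) or shasum (Mac OS X), whichever is installed.

sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | cut -d' ' -f1
    else
        shasum -a 1 "$1" | cut -d' ' -f1
    fi
}

# verify_sha1 FILE EXPECTED_SHA1
# Returns 0 when the file's SHA1 matches (case-insensitively), 1 otherwise,
# including when the file is missing, so a bad download is never silent.
verify_sha1() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ ! -f "$file" ]; then
        echo "MISSING  $file" >&2
        return 1
    fi
    actual=$(sha1_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK       $file"
        return 0
    fi
    echo "MISMATCH $file: got $actual, expected $expected" >&2
    return 1
}

# Checks every release listed in the post. The sums are the ones the Dev Team
# published; the file names are assumed placeholders, rename them to match
# what your torrent client actually saved. Returns 1 if any check fails.
check_releases() {
    status=0
    while read -r name sum; do
        verify_sha1 "$name" "$sum" || status=1
    done <<EOF
PwnageTool_2.2.5_mac.PLACEHOLDER 8fe2f20c00f48b37d8262d6872a12166c6e165ba
QuickPwn_2.2.5_mac.PLACEHOLDER 2f1353242ef10dc408e95786643e497fcd04e4ea
QuickPwn_2.2.5-2_win.PLACEHOLDER 82aae63218316af42e4fa20f8c69d9eb4fe9d4ee
EOF
    return $status
}

# Usage: sh verify.sh FILE EXPECTED_SHA1   (exit status 0 only on a match)
if [ "$#" -eq 2 ]; then
    verify_sha1 "$1" "$2"
    exit $?
fi
```

A mismatch or a missing file is reported on stderr and gives a non-zero exit status, so the check can gate whatever you run next.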

Sorta QuickPWN 2.2.1 Is Out. I Say Stay Away

I knew it wouldn't take long for some hacker to come up with an unofficial version of QuickPWN to jailbreak the new firmware 2.2.1. This time, it's Russian hacker Vortex that created the bundles and if I can give you a piece of advice, STAY AWAY from it.

People using this unofficial QuickPWN had varied results. So again, wait for the Dev Team to come up with an official version. They are most likely already working on it and I bet you we'll have updated versions of QuickPWN and PwnageTool within a week.

As usual, I will give you the heads up when I have more info!

If you really can't wait and want to take the risk of messing up your iPhone, then you can download this unofficial version of QuickPwn here.

UPDATE: Just got a tweet from MuscleNerd saying "iphone users in particular (even 2G) can do permanent damage running "untrusted" bundles (either broken or intentionally bad)"

If I wasn't clear enough before... DO NOT USE unofficial versions of QuickPWN or PwnageTool!

RedSn0w FAQs – Everything You Wanted To Know About RedSn0w

After hearing about RedSn0w and watching the video demo, you most likely have many questions. Most answers to these questions are in the Dev Team's blog, but given the amount of comments, it's not really easy to find what you want.

Fortunately for us, Caleb Mingle wrote a nice FAQ page with most of the questions related to RedSn0w you can think of, such as:

What exactly is a 'tethered' jailbreak?
Will you give us an ETA for release?
What is this: 32957a35889c4dd2f8dfe483dd9023eafb6b4a22? Has anyone decoded it?
I heard that this mod involves modifying hardware.. am I right?
Is this jailbreak more difficult than the other jailbreaks?
Do you think all Cydia apps will work properly on the 2G?
etc...

Go over there to get answers to your RedSn0w questions!

RedSn0w Demo

Dev Team member MuscleNerd showed us a demo of RedSn0w running on an iPod Touch 2G earlier today on Qik. The video reveals that RedSn0w is a patch that keeps the iPod Touch from detecting the jailbreak and stopping it from booting. Absolutely brilliant! RedSn0w is still not ready for a public release but as I said before, I am pretty sure it will be released before the end of the month.

The RedSn0w Release Is Now Imminent

If you have followed this blog and the coverage of RedSn0w, I guess you'll be interested to learn about an update the Dev Team posted on its blog about RedSn0w.

Here is the news, in the Dev Team's own words:

Update 2: A picture is worth a 1000 words but a video might be better in this day of Photoshop and fake YouTube videos.  So we’re thinking of doing what we did before Christmas for yellowsn0w — show a demo of the jailbreak on Musclenerd’s Qik account (announced via his twitter account over there on the right hand side).  Since Qik provides a live chatroom right next to the video, we’ll probably be in there too right after the video’s over. Note: anybody posing as any devteam member on that chat right now is faking it.  We won’t be on that chat except for a very specific time that we’ll announce. (We may possibly not even do the chat since it’s so ripe for abuse).

It has still not been officially said that RedSn0w is a jailbreak for the iPod Touch 2G, but such a screenshot kinda gives it away... If I had to make a guess on when RedSn0w will be released, I would say "before the end of the month". But hey, I'm right only 99% of the time...

FreeYourPhone.org Petition To Make Unlocking, Jailbreaking Exempt From DMCA

Jailbreakers and unlockers unite! Now is the time to get heard and do something to make jailbreaking and unlocking legal. Yes, in case you didn't know, jailbreaking your iPhone is technically illegal. If you're like me, you're probably thinking something along these lines: "fuck that! I paid for this phone so I should be able to do whatever I want with it". Truth is, you legally can't!

The Electronic Frontier Foundation created FreeYourPhone.org in order to collect signatures from people like us to appeal to the Copyright Office:

Hundreds of thousands of cellphone owners have modified their phones to connect to the network or run the software of their choosing, and many more would like to. But the Digital Millennium Copyright Act poses a legal threat to phone users, even though the law was supposed to protect copyright owners and distributors of digital music and movies. This threat of litigation has driven consumers underground, stifling innovation and competition.

Now, you can support EFF's request that the Copyright Office grant an exemption to the DMCA that will protect phone users.

After submitting your electronic signature,

RedSn0w Through Safari?

I read an article saying that there is a flaw in desktop Safari:

I have discovered that Apple's Safari browser is vulnerable to an attack that allows a malicious web site to read files on a user's hard drive without user intervention. This can be used to gain access to sensitive information stored on the user's computer, such as emails, passwords, or cookies that could be used to gain access to the user's accounts on some web sites. The vulnerability has been acknowledged by Apple.

Now this got me thinking.... RedSn0w.com = on the fly jailbreak?

Think about it. If their website accesses your iPod and does the things necessary either to jailbreak on the go or to prepare for a jailbreak (Chronic Dev said that the exploit is in some sort of file in 2.1.1), this could be interesting, and true.

This is one of the only reasons I can think of for the RedSn0w domain.

I do not know if mobile Safari has the same weaknesses as desktop Safari, but it could. There are some Safari exploits that actually crash your iPod (try this to crash yours if you dare!); I had to connect mine to the power to get it to restart. But whatever the Dev Team has up their sleeves should be interesting.

RedSn0w Is The iPod Touch 2G Jailbreak

Let me toot my own horn for a second here... As usual, I was right... RedSn0w is indeed the future iPod Touch 2G jailbreak, and the Dev Team is clearly working on it as we speak. Earlier today, the Dev Team published a post on their blog titled "Thermonuclear Pop":

Well it isn’t a British Thermonuclear Device. It isn’t an episode from “The Twilight Zone” And it certainly isn’t iPhone 3G related (right now) There is one other device… It fits in your pocket.. What can it be?

If you're not convinced yet, I invite you to read some of the comments on their blog, especially this one, where MuscleNerd confirms RedSn0w is iPod Touch 2G related. Now the question is: when can we expect this ipt2g jailbreak? Only time (and the Dev Team) will tell...

JailBird, Supposedly A Replacement To WinPwn

A new application called JailBird is about to come out, and the developer, difrnt, already talks about it as the replacement for WinPwn.

According to difrnt:

Jailbird is meant to be a replacement for WinPwn, this means unlike Quickpwn, you will be able to generate a Custom IPSW and change your partition size! Jailbird will support all 2.0 firmwares from 2.0 - 2.2 and will be the first GUI based pwnage tool for Windows that supports FW 2.2.

It was quite unclear to me what JailBird does, so I emailed difrnt and asked what device it jailbreaks or unlocks and why I would use JailBird over QuickPwn.

Here is his reply:

It will Jailbreak the iPhone 2G, iPhone 3G, and the iPod Touch; there is not yet support to jailbreak the iPod 2G.

Jailbird works like Pwnage-Tool, just on the Windows platform.

Unlike QuickPwn, Jailbird will be able to generate a custom IPSW (firmware) that when restored with iTunes will return a Jailbroken iDevice, unlike QuickPwn where you are required to restore the default firmware then "quickpwn it" to get a jailbroken device.

I look forward to the release of this new tool so I can try it out and see what it's worth.