DevTeam

Dev Team Releases Redsn0w 0.9.5b4 Jailbreak for iPhone OS 4 Beta 4

RedSn0w has been updated to version 0.9.5b4 by the Dev Team for the recent iPhone OS 4 beta 4. This beta release of RedSn0w is not for casual iPhone users. It is aimed at developers of jailbreak apps so they can update their applications to work on OS 4.

The RedSn0w 0.9.5b4 jailbreak for iPhone OS 4 beta 4 uses the same pwnage2 DFU-mode exploit that has been in use since OS 2.X, so nothing new has been revealed to Apple.

Because this version targets iPhone OS 4 betas 1-4, which contain a baseband update, anyone who is even remotely interested in unlocking should stay away from the OS 4 betas and from this version of RedSn0w.

Further information and instructions can be found here.

How to Prepare Your iPhone or iPad for the Spirit Jailbreak

Even though Comex delayed the release of Spirit, we know that we're just a few days away from the official release date. Spirit will surely be able to jailbreak your iPhone, iPod Touch and iPad, but the exploit it uses will most likely be patched by Apple within a matter of days.

To protect yourself in the event of an "accidental upgrade" to a newer firmware which would make you lose your jailbreak, you will have to save your SHSH blobs.

What is SHSH and why save them?

Taimur gave us a pretty good description of what SHSH blobs are and why they are important:

"So first up, what exactly is an SHSH blob or ECID SHSH? Well, it is basically a unique signature which is checked against Apple servers whenever you decide to restore the firmware on any of your iDevices (iPhone, iPad and iPod touch). Once a new firmware is released, Apple stops signing the older firmware, hence making it impossible to restore back to the older firmware from iTunes.

Now to “why is it important to save SHSH blob”: The creator of Cydia has set up a new server which basically mimics Apple’s verification server and can save your older signature (SHSH blob) so that you can downgrade or restore back to the older firmware. This is important because if you don’t have your SHSH blob saved, and accidentally update to new firmware, you’ll lose your jailbreak and furthermore, you won't be able to downgrade back to older firmware to re-jailbreak your device."

The Dev Team warned us yesterday about the consequences and gave us simple directions on how to save our SHSH. There are 3 ways to do that:

1. If your iPhone is already jailbroken, you can save your SHSH on Saurik's server.
2. If you're not jailbroken yet (i.e. you have an iPad), you can use Firmware Umbrella to create a local copy of your SHSH blobs.
3. As an alternative to Firmware Umbrella, you can use autoSHSH.

Note that saving or backing up your SHSH blobs is not vital or mandatory. It's just a safety step that will allow you to restore or downgrade should something go wrong in the future.

iPhone OS 4 Jailbreak: Dev Team Releases RedSn0w 0.9.5 Beta

MuscleNerd announced a few minutes ago on Twitter that the Dev Team is releasing the first public jailbreak for iPhone OS 4.0 beta 1. This beta release comes roughly a week after the Dev Team jailbroke iPhone OS 4.

Although new, this jailbreak uses the same pwnage2 DFU exploit that has been out for a few years, so nothing major has been revealed to Apple.

This beta release of RedSn0w is not for the general public but is targeted at iPhone developers of jailbreak apps to allow them to fix their software before the official release of iPhone OS 4.

In short, if you're an average iPhone user, you should steer clear of this jailbreak.

RedSn0w 0.9.5 beta currently supports the iPhone 3G only and only works on Mac OS X, since jailbreak apps are developed on this platform.

For more information as well as directions on how to use the beta RedSn0w 0.9.5 to jailbreak the iPhone 4.0 beta 1, check out the Dev Team wiki.

Note that this jailbreak is for iPhone OS 4 beta 1 only. It will not jailbreak or unlock any other firmware.

Dev Team Jailbreaks iPhone OS 4 In Just 19 Hours

That has to be one of the fastest jailbreaks ever! Just about 19 hours after Apple gave us a sneak peek at the future of iPhone OS and made the beta available to developers, the Dev Team managed to jailbreak iPhone OS 4.

MuscleNerd just tweeted the following along with a video of a jailbroken iPhone running OS 4 and Veency, a VNC app for jailbroken iPhones.

Something you'll only find on JB 4.0: VNC :) http://is.gd/blzeg (BTW don't bother with betas, they're *very* buggy!)

There is no release date, and I don't think this jailbreak will even be made available until the official release of iPhone OS 4. Still, I'm getting all excited just thinking about it.

You're excited too, aren't you?

Behind The Exploits: The Dev Team

Wow, where do you start with these guys? They are probably the reason most of you have iPhones, and they are definitely the reason Sebastien and I are writing to you guys all the time. You certainly couldn't "liberate your iPhone" without these guys' transcendent work.

Known to each other by IRC names like "musclenerd" and "pytey", and known to everyone else simply as The Dev Team, they are a group of dedicated programmers and hackers, each with their own unique and advanced skill set, who come together to bring us jailbreak programs like RedSn0w and PwnageTool and unlocks like UltraSn0w.

From all around the world, these guys meet on IRC and work during their free time. With so many members in different time zones, The Dev Team's work on the iPhone is almost constant, especially after Apple releases a new update.

But don't think these guys are one-trick ponies. Several of them are doing work on the upcoming Android platform, and they have actually entered hacking contests, the Chaos Communication Congress Capture The Flag competition in Berlin to be exact. Live and in person, The Dev Team actually won the competition by a hefty margin. They have come a long way, with many accomplishments and a good deal of evolution along the way.

Although there have been several changes within The Dev Team, both in personnel and policy, one thing remains the same: they continue to lead the fight against Apple's tight user restriction policies. Without their software, users like us would not be able to customize our backgrounds, our icons, hell, our phones!

One thing I continue to respect about these guys is that they're not looking to make money. Whether it's for legal or moral reasons, these guys maintain an ad-free blog site that "Pytey" of The Dev Team told Mobile Crunch receives in the neighborhood of 3.5 million hits around a jailbreak/unlock release date. They also continue to turn down cash offers from those sleazy overnight jailbreak startup websites that charge you for "their" software.

In fact, they have publicly denounced these websites in an effort to warn users of their sketchy practices. This might also have something to do with their dispute with one Jody Sanders, of West Midlands, UK. It seems this gentleman was using a large amount of The Dev Team's work in his software and was making quite a profit. I don't know that I would wanna piss off guys with these kinds of skills; they sound like they've already uncovered a lot of information about him and have posted publicly on their blog asking for more help tracking him down.

With publicly followed drama of almost celebrity status (well, among popular iPhone and gadget blogs), The Dev Team's former member George "GeoHot" Hotz and his former colleagues didn't see eye to eye on a lot of things. It seems a lot of the problems began when Hotz went public with his completely unlocked iPhone, having worked with The Dev Team just months before. They actually referred to him as the "self appointed media front man" who led a "media circus" in 2007.

For those of you that don't recall, Hotz was given a new Nissan 350Z and other things in return for his jailbroken iPhone. A year later their dispute resurfaced when GeoHot obtained, from a Dev Team member, a copy of the exploit used to jailbreak the iPhone 2.0 firmware on 1st gens and the 3G, and threatened to release his own jailbreak software using that exploit if the Dev Team didn't release PwnageTool sooner.

So why do they continue to put up with the pressure of hitting release dates, scammers that steal their work, and others that throw stones at them when they don't conform? It's a hobby. Some people relax by fishing or reading; these guys really get down on soldering and disassembling things, especially iPhones.

Since their initial software releases in 2007, the Dev Team has continued with this game of cat and mouse with Apple. They find an exploit, use it, Apple covers it up in an update, and then they start all over again. Until recently, Apple has been relatively quiet about jailbreaking and the hackers behind the software.

The license agreement for their latest developer kit (the suite of software and info released to app developers as often as the software is updated) actually adds a clause forbidding developers from working on jailbroken equipment. But as developers continue to find reasons to leave Apple's App Store, or are forced to, the jailbroken platform gains more and more momentum, especially as Apple has yet to see any success in fighting the user's right to do what they want with a product they purchased.

Regardless, it appears things are going to get interesting, and The Dev Team isn't going anywhere. Their latest blog post notes that the recent firmware update 3.1.3 was released just to flush out exploits before the release of a major update, probably iPhone 4.0. Obviously, being the tricky tricksters they are, The Dev Team aren't biting. Their current release of PwnageTool uses old, ported exploits, and they aren't releasing anything new until they see Apple's next move. Man, this stuff could be in movies.

P.S. @Dev-Team : you guys gonna make my iPad cooler?

What Is Unlocking?

Unlocking is an extremely easy concept to explain, sort of. Unless stated otherwise, cell phones purchased from carrier retail stores are "locked" to that specific carrier. For instance, a BlackBerry Storm from Verizon won't work on an AT&T calling plan. The Sprint Palm Pre won't work on T-Mobile. Even your iPhone from AT&T is "locked" to that infamous blue-mapped carrier.

So what do you do if you want to purchase a phone you like but use it with a different carrier, perhaps one that costs less or gets better reception in your area? For most folks I'd say "eh, fa-gettaboutit!" (in a pretty sweet Brooklyn/Italian accent, might I add). But for those of you lucky enough to have apples on the back of your phones, there are ways to relieve your beloved iPhone from AT&T's struggling network.

Hardware Unlock Vs. Software Unlock

Technically, there are 2 ways to go about unlocking your iPhone. There is the hardware unlock, which is invasive (you have to open the phone) and which I don't recommend anyone try unless they've got a pretty extensive background in some kind of electrical engineering.

The 2nd, much easier way, the software unlock, could be done on your lunch break by your 6th grader. Just like jailbreaking, this can be as easy as hooking your iPhone up to the computer and clicking 'start'. However, the requirements for unlocking and the rules you must follow are very different.

Things to Consider Before Unlocking

There are guidelines to follow when thinking about unlocking your iPhone.

First off, you need to make sure that the carrier you wish to move to supports the iPhone's technology. I'll save everyone here stateside some time and just let the cat out of the bag: if you unlock, your best option really is T-Mobile, the other major GSM carrier. Users have confirmed the unlock to work on other, smaller CDMA carriers (any Centennial Wireless users out here??), but chances are that if you're reading an article on unlocking, it is referring to T-Mobile (at least here in the States).

Secondly, you need to know your firmware version and modem firmware version (or baseband, as it's often referred to). This is easily discovered by popping into your iPhone settings and opening the 'About' window. Now if you can't seem to find it, I'm scared for you, but I'm here for you: I've provided some pictures below to help you out.

These 2 things are important to know, as they determine whether you can unlock your iPhone or not. If you are even thinking of jailbreaking or unlocking, best practice is to stay away from updating your iTunes or iPhone software: as the war between the Dev Team and Apple rages on, each new update could disable or prevent future unlocks.

I always check http://blog.iphone-dev.org/ to see the latest unlock available. As you can see right now, they have one working for firmware version 3.1.3 and baseband 05.11, but if you have updated your iPhone recently and have the 05.12 baseband, you're out of luck for the time being. An unlock is in the works, but the ETA field is empty, so don't hold your breath.

Finally if you meet the above requirements and are ready to unlock, you must first jailbreak. Now as you can see from all the hyperlinks in this article, I wrote an article on jailbreaking, and I know Sebastien's got great tutorials in the blog's 'tutorials' section, so if you haven't done that, check that stuff out, meet me back here in 5.

Who Comes Up With Unlocks?

The last part of our segment today on unlocking is the software, pioneered by the great Dev Team and GeoHot, the prodigy kid from New Jersey. GeoHot, who recently announced hacking the PS3, actually received media attention for his iPhone unlock and was given a new Nissan 350Z by the co-founder of Certicell. Not bad, eh?

But the backbone of the jailbreak/unlock community, the Dev Team, has been the steady frontrunner ever since. Their software QuickPwn, RedSn0w, and PwnageTool have been staples in the iPhone hacking community for years.

Generally, when you use these programs to jailbreak, one of the steps they take you through asks whether you'd like to unlock. Lately, though, single-task programs like UltraSn0w, also by the Dev Team and also available in our downloads section, have become the relevant tool.

Conclusion

Well, that's unlocking in 10 minutes or less. The key really is which firmware/modem firmware version you're running, and understanding that there's no unlock for the 3.1.3 firmware if you have the 05.12 modem firmware (baseband).

The model of your iPhone matters as well, whether it is the iPhone 3G, 3GS, or original version. Model compatibility for any unlock software is generally noted in the description of the download. And if I haven't completely crushed your dreams yet, there's no way to downgrade your baseband (let us know if you get Fuzzyband to work; we hear the bootloader's too high). What am I talking about, bootloaders, basebands? You guys should probably get out of here before things get really crazy.

Make sure to hit us up with any questions or comments.

Jailbreak iPhone 3.1.3 with PwnageTool

The Dev Team released PwnageTool 3.1.5 just a few hours ago. In this guide and tutorial, I will show you how to use PwnageTool to jailbreak iPhone 3.1.3.

Before we get into the details, please make sure you read this article by the Dev Team. It will explain to you what you can and cannot do. It is a very important piece of information that you should not overlook.

If at any point in time you updated your iPhone to firmware 3.1.3, then you also updated your baseband to 05.12.01. If that's the case, you will be able to jailbreak by downgrading to 3.1.2 first, but you will not be able to unlock.

PwnageTool will jailbreak the following 3.1.3 devices:

- iPhone 2G
- iPhone 3G
- iPhone 3GS (old bootrom)
- iPod Touch 1G
- iPod Touch 2G (old bootrom)

If you don't care about unlocking, RedSn0w is still an easier and quicker way to jailbreak.

Note that this tutorial to jailbreak iPhone 3.1.3 with PwnageTool is for Mac and Mac only. There is no Windows version of PwnageTool, and there most likely never will be. If you don't have a Mac, ask around and see if a friend of yours can help you out and create a custom firmware for you.

Again, please make sure you read the information given by the Dev Team. It will answer most questions you may have.

How to Jailbreak iPhone 3.1.3 with PwnageTool

Step 1: Make sure you have the latest version of iTunes installed on your computer. If not, download and install it, then reboot your computer. Now make sure you backup your iPhone by syncing with iTunes, just in case something goes wrong.

Step 2: Download PwnageTool 3.1.5 and your iPhone firmware from our downloads page. Save these 2 files to your desktop.

Step 3: Launch PwnageTool. It should give you a warning message. Click OK.

Step 4: Select “Expert Mode”.

Step 5: Select your device then click the blue arrow to continue.

Step 6: If PwnageTool doesn’t automatically find the correct IPSW file, click “Browse for IPSW” and locate it (it should be on your desktop).

Step 7: You will now have several options. Choose “General” and click the blue arrow to continue.

Step 8: Under “General Settings”, you have the option to activate the phone or not. This is a very important step so please read carefully.

If you have a contract with an official carrier (such as AT&T in the US, or Orange in France, etc…), do not activate.

If you do not have a contract with an official carrier (i.e. you want to unlock for another carrier), you have to activate. Then you will have to install UltraSn0w or BlackSn0w from Cydia in order to fully unlock the phone.

You will know you didn’t choose the right option if you don’t have signal after jailbreaking.

You don’t have to, but I suggest increasing the root partition size to somewhere around 700MB, just to be on the safe side. When you’re done, click the blue arrow to continue.

Step 9: You are now taken to the “Bootneuter settings”. All of them should be greyed out. Click the blue arrow to continue.

Step 10: You are now taken to the “Cydia settings”. From here, you may download packages so you don’t have to manually do it later. For example, you may download WinterBoard, which would be installed during the pwnage process. Let’s keep things simple and skip this step which is not necessary. Click the blue arrow to continue.

Step 11: You are now taken to the “Custom packages settings”. Make sure “Cydia” is selected.

Step 12: You are now taken to the “Custom logos settings”. You can choose to add the default logos (see below) or add your own. If you choose to add your own, make sure the images are not larger than 320 x 480.

Step 13: We’re almost done! You now have to build the custom IPSW. Click “Build” and click the blue arrow to continue.

Step 14: Save your custom IPSW to your desktop.

Step 15: PwnageTool will now start building your custom IPSW. Be patient… It can take up to 15 minutes.

Step 16: PwnageTool will ask you if your iPhone has been pwned before. If you’re not sure, just click NO.

Step 17: If your iPhone was previously jailbroken, you can skip to step 20. If your iPhone wasn’t already jailbroken, follow these directions. If your iPhone isn’t plugged into your computer yet, plug it in. Don’t open iTunes. If iTunes launches automatically, close it. PwnageTool will now deliver the payload.

Step 18: After successfully delivering the payload, PwnageTool will put your iPhone in recovery mode. Click OK.

Step 19: iTunes should pop up saying it has detected an iPhone in recovery mode and that you must restore. Click OK.

Step 20: We are going to restore your iPhone using the custom IPSW you built. In iTunes, hold the “Alt/Option” key and click “Restore” at the same time. DO NOT click “Restore” without holding the “Alt/Option” key! A dialog box will pop up and you’ll be able to choose the custom IPSW file you created that was saved to your desktop.

Step 21: Navigate to the “jailbreak” folder and select the custom IPSW we created.

Step 22: iTunes will now restore your iPhone using the custom firmware, which could take a while, so relax. When done, your iPhone will reboot and you will have a jailbroken iPhone.

That's it! Your iPhone 3.1.3 should be fully jailbroken, thanks to the good work of the Dev Team and PwnageTool.

In the future, make sure you do not update your iPhone firmware when a new one comes out. That will avoid many issues. Besides, these updates are very minor and useless. For what it's worth, I'm still on iPhone OS 3.0, and happy to be.

If you have any questions or comments, please leave a comment.

RedSn0w 0.9.3 Jailbreak Enables Tethering of iPhone 3.1.2

RedSn0w has been very hot for the last few days. After releasing the beta version and testing it out for a while, the Dev Team officially released RedSn0w 0.9, which didn't contain the IPCC tethering hack that would allow tethering on iPhone OS 3.1.2.

It has now been fixed as the Dev Team updated RedSn0w to 0.9.3, which now includes the IPCC tethering hack. For those of you who have no idea what "IPCC tethering hack" means, here is more information:

It allows you to install cellphone Carrier Bundles that aren't officially signed by Apple. This lets you, for instance, install a Carrier Bundle that allows you to use your iPhone as a way to connect your PC to the internet (through your 3G cell connection). This hack is always installed on 3G and 3GS phones by redsn0w 0.9.3 (no selection is required). It isn't included at all in 0.9.2 (it's still in a trial phase). Note that carriers may not like you tethering behind their back so you do so at your own risk.

So by jailbreaking your iPhone using RedSn0w 0.9.3, you will automatically get the base for iPhone tethering, but you will still have to download the right MobileConfigs file from http://www.benm.at/help/help.php and install it, directly from your iPhone.

Note that this website has saved my butt many, many times when traveling overseas. As a matter of fact, http://www.benm.at/help/help.php saved my butt just hours ago. I am currently in Thailand and the mobile carrier I am using doesn't allow tethering. I quickly visited BenM.at and downloaded the right MobileConfigs file, which is allowing me to write the article you are currently reading by tethering my iPhone (aka using my iPhone as a modem).

To get the tethering hack, you will have to jailbreak your iPhone using RedSn0w 0.9.3. It is available for download from here and here is my RedSn0w tutorial. For the latest information about RedSn0w, please check out this page.

RedSn0w 0.9: iPhone 3.1.2 Jailbreak Available

RedSn0w 0.9 is officially out of beta and is now available to everyone who wants to jailbreak iPhone 3.1.2. RedSn0w had been in beta testing for a couple of weeks, during which the Dev Team worked on fixing bugs. Apparently, this release is now completely bulletproof.

This release of RedSn0w supports all iPhone and iPod Touch models (still a tethered-only JB for late-model devices, though) and runs fine on Windows and Mac OS X.

At first, this version of RedSn0w was supposed to include the IPCC tethering hack but it seems it was causing issues so it was removed at the last minute.

I was a little confused about the baseband situation, so I asked MuscleNerd directly. Here is what he had to say:

redsn0w itself doesn't update the firmware, or the baseband. It just works with whatever firmware is there and ignores the baseband. redsn0w happens to know about both 3.0 and 3.1.2 firmwares, so it can jailbreak (or add logos, etc) to either.

ultrasn0w right now is only for baseband 04.26. If you have baseband 04.26 on 3.0 (which you normally would at that FW version), then that works fine for ultrasn0w. If you have baseband 04.26 on 3.1.2 (you got there through a custom IPSW), then that works fine for ultrasn0w too. And in both cases, redsn0w can be used to jailbreak, get Cydia, and install ultrasn0w.

However if you somehow have baseband 05.11 on firmware 3.0 (you went up to 3.1.2 then tried to come back down), ultrasn0w won't do the unlock, even though redsn0w will work fine. And if you have baseband 05.11 on firmware 3.1.2 (you did a stock apple restore/update), then ultrasn0w won't work there either.

I recently wrote a tutorial on how to use RedSn0w to jailbreak iPhone 3.1.2. Check it out if you want to jailbreak your iPhone using RedSn0w, which you can get from our iPhone downloads page.

RedSn0w 0.9 iPhone Jailbreak Released

Just a few hours ago, MuscleNerd tweeted about the release of the long-awaited RedSn0w jailbreak for iPhone 3.1.2. This version of RedSn0w is actually a beta version (redsn0w 0.9beta3) but it seems very stable from what I hear.

RedSn0w is a safer alternative to BlackRa1n to jailbreak and unlock your iPhone running OS 3.1.2.

Since it's still a beta version, it hasn't been posted on the Dev Team blog yet but more info about RedSn0w 0.9 beta 3 can be found here. If you're too lazy to read the full article, here is a rundown of the most important points:

- RedSn0w 0.9 will jailbreak all iPhones and iPod Touches (except the iPod Touch 3G)
- It will jailbreak iPhone OS 3.1.2
- It will only unlock the iPhone 2G (install UltraSn0w from Cydia for the iPhone 3G and 3GS)
- RedSn0w will modify your current filesystem, so your existing baseband, data and applications should remain intact
- If you have a late-model iPhone 3GS or an iPod Touch 2G whose serial number begins with “MC”, you can use redsn0w to jailbreak but you are currently restricted to “tethered” rebooting

For full details about RedSn0w 0.9 beta 3, please read the Dev Team's article about it.

I just wrote a tutorial on how to use RedSn0w to jailbreak iPhone OS 3.1.2. Make sure to check it out if you're not sure how to use RedSn0w. In the meantime, you may download RedSn0w 0.9 beta 3 for Windows and Mac from our download page.

Dev Team to Release RedSn0w 0.9 to Jailbreak iPhone OS 3.1.2 on Windows

I knew they were up to something... Some great news coming from the head of the Dev Team: MuscleNerd announced that they are working on an update to the famous RedSn0w, the fast jailbreak method for Windows users.

RedSn0w might be the solution for frustrated BlackRa1n users who are having troubles with their jailbreak. While RedSn0w 0.9 might not be as fast as BlackRa1n, it's most likely going to be much more reliable.

As soon as RedSn0w is available, I will write a tutorial on how to jailbreak your iPhone with it, so stay tuned :)

What Is The iPhone Dev Team Up To?

I don't know if you've noticed but the Dev Team has been very quiet lately. I mean, the last time we heard from them was through a blog post about an UltraSn0w update.

MuscleNerd and I are buddies on Twitter and he always replies to me when I have a question or comment, so last week I asked him on Twitter what the Team was up to these days. He never replied!

I don't think he simply ignored me. I think the Dev Team is on to something but they don't want any info to be leaked and screw everything up, just like it did when the 24kpwn exploit was "leaked", which led Apple to fix it in a minute.

So what could they be up to? An untethered jailbreak and unlock for the 3GS is the most probable project they'd be working on and I believe they are waiting for Apple to release an update to the iPhone OS before making this jailbreak available.

Doesn't that make sense? Why do you think the Dev Team has been so silent lately?