DevTeam

Dev Team Demos iPhone 3GS UltraSn0w Jailbreak

Shortly after GeoHot released his PurpleRa1n jailbreak, the Dev Team posted a video showing a jailbroken iPhone 3GS running the UltraSn0w unlock.

Our ultrasn0w program uses the at+xlog crash as an injection vector of our unlocking payload — and it does so on the 3GS in exactly the same way as on the 3G! But this injection vector will be lost if you update to 3.1 using the official Apple IPSW, which updates the baseband. So stay away from official 3.1 IPSWs until we release the tools that let you update the firmware without updating the baseband.

The Dev Team is still waiting on the OS 3.1 update to release its jailbreak.

Prepare Your iPhone 3GS For Jailbreak

The Dev Team posted a message yesterday suggesting that iPhone 3GS owners should prepare their device for jailbreak.

Remember we warned you to stay away from any updates to 3.1 if you want to be able to jailbreak or unlock your 3GS.

Well this is an additional message to all you 3GS owners that would like to jailbreak your device sometime soon, but this advice comes with a warning! A warning that if you accidentally upgrade to 3.1, you will not be able to use Ultrasn0w, so please re-read and double check this warning at the bottom of this post before proceeding.

During the restore process iTunes nicely keeps these oh-so-top-secret-files in a lovely accessible place for us to copy out and backup, that place?  /tmp on Mac OS X or %TEMP% on Windows.  Thanks Apple — handy!

The downside to this approach is that you actually need to go through the restore process to get these signed files, which has risks if you are anywhere near 3.1 or 3.1 beta :-)

Jump the break for instructions on how to get the iBEC and iBSS of your iPhone 3GS.

Dev Team Delays the Release of the iPhone 3GS Jailbreak

As I predicted in a post I wrote earlier today about the future iPhone 3GS jailbreak, the Dev Team officially announced that it will hold off on the release of the iPhone 3GS jailbreak.

The reason is simple. Apple is most likely coming up with 3.0.1 firmware very soon. Releasing the jailbreak would basically allow Apple to figure out what exploit the Dev Team used to jailbreak the 3GS and fix it.

Once the jailbreak is out, Apple will fix the iBoot-family bug we use to accomplish it.  They will simply stop signing the old iBoots and only sign the fixed ones.  If you bought your phone after Apple has done this, there’s nothing you can do…the jailbreak isn’t going to work for you.

It is possible that Apple will find the bug we use without our handing it to them on a silver platter (via a public jailbreak).  In that case, we will have delayed our jailbreak for “nothing”.  But we’d rather be safe than sorry!

Apple is surely coming out with a 3.0.1 firmware release shortly. They need to fix ultrasn0w.  They need to fix some UI issues.  3.0 is buggy and 3.0.1 is coming.  We’re going to wait and see what 3.0.1 brings before figuring out the release date for our version of the jailbreak.

Hopefully, Apple will release 3.0.1 soon and won't find the bug used to jailbreak the iPhone 3GS. Cross your fingers!

iPhone 3GS Jailbreak & Unlock Confirmed

Less than a week after the launch of the iPhone 3GS, the Dev Team confirmed it will soon be possible to jailbreak it using the 24Kpwn exploit that the hybrid team used on the iPod Touch 2G. This 24Kpwn exploit applies to the bootrom of the iPhone 3GS. In other words, you will soon be able to use RedSn0w to jailbreak your iPhone 3GS.

The other news is that once jailbroken, you will be able to use the current version of UltraSn0w to unlock the iPhone 3GS.

This is great news, but how did it happen?  Why didn’t Apple fix this in their normal cat&mouse fashion?  Well it seems this bootrom was cut in about the August 2008 timeframe, so the unintended early reveal of 24Kpwn earlier this year didn’t affect the iPhone 3GS.

Important: Apple has not given up on the cat&mouse game, and in fact there are challenging aspects of the 3GS jailbreak that aren’t in the other devices.  It’ll take some time to safely work these into our tools, but the fundamental weaknesses are there:  The bootrom is exploitable via 24Kpwn, and the baseband is exploitable via ultrasn0w.  (And just like with the 3G, ultrasn0w for 3GS requires that you not update your baseband when Apple comes out with new firmware.)

If you're really into iPhone hacking, the Dev Team released the technical notes about the 24Kpwn exploit in the iPhone 3GS. These notes can be found here.

There is no information so far on the expected release date of the iPhone 3GS jailbreak but I am confident the Dev Team will have it ready within the next 2 weeks. The sooner, the better. I don't know about you guys, but I'm going nuts with my unjailbroken iPhone.

iPhone 3.0 Jailbreak & Unlock Roundup

The new iPhone 3.0 came out about a week ago and the Dev Team already managed to jailbreak and unlock it. All the info available about jailbreaking and unlocking might be a little confusing so I wanted to write some sort of summary in order for you to figure out what's the best solution for you.

iPod Touch & iPod Touch 2G

If you're an iPod Touch user and want to jailbreak it, then you will have to use RedSn0w. I wrote a tutorial on how to use RedSn0w for the iPhone but the steps are pretty much the same for the iPod Touch. Refer to this tutorial to learn how to jailbreak your iPod Touch or iPod Touch 2G.

iPhone 2G

You have 2 options to jailbreak your iPhone 2G. If you're on a Mac, the best way to do this is to use PwnageTool. You can read my PwnageTool jailbreak tutorial here. If you're on a PC, you may want to use RedSn0w, for which I also wrote a guide here.

The tools to unlock the iPhone 2G are the same as the tools to jailbreak it. If you're using a Mac, read my PwnageTool unlock tutorial here. If you're on a PC, read my RedSn0w unlock guide here.

Note that RedSn0w works on both PC and Mac, so if you're on a Mac, you can still use RedSn0w, which I recommend as it is a little more straightforward than PwnageTool.

iPhone 3G

Once again, you have 2 options to jailbreak your iPhone 3G. First option is to use PwnageTool for Mac (see tutorial here). The second option is to use RedSn0w, which works on both PC and Mac (see tutorial here).

Now if you want to unlock your iPhone 3G, you will first have to jailbreak it using one of the methods mentioned above, and then you will have to run UltraSn0w (see tutorial here).

iPhone 3G S

Unfortunately, there is no jailbreak or unlock method for the iPhone 3G S yet. The Dev Team just released the iPhone 3G unlock UltraSn0w and I believe they will now focus on finding a jailbreak and unlock for the 3G S.

Stay tuned for more information coming as these new tools are released.

Unlock Your iPhone 3G With UltraSn0w

UltraSn0w, the soft unlock for the iPhone 3G 3.0 firmware, is now available thanks to the good work of the Dev Team. Don't wait another minute to install UltraSn0w and unlock your iPhone 3G.

Note that this tutorial was originally written for the 3.0 unlock but the steps are exactly the same to unlock iPhone OS 3.0.1. I simply updated this guide with the latest info.

Before installing UltraSn0w, your iPhone 3G has to be jailbroken and running the latest 3.0/3.0.1 firmware. You can either jailbreak your iPhone 3G using RedSn0w (see tutorial here) or by using PwnageTool (see tutorial here).

After jailbreaking your iPhone 3G, follow these simple steps:

1. Launch Cydia.
2. Add the following source to Cydia: repo666.ultrasn0w.com (note there is a "0" in sn0w, not an "o").
3. After installing this source in Cydia, search for "ultraSn0w".
4. Install UltraSn0w and reboot your iPhone.

Voila!

Note that T-Mobile users should disable 3G before using UltraSn0w.

Unfortunately, the new iPhone 3G S still can't be unlocked because there is no jailbreak for it yet.

Dev Team Releases RedSn0w Jailbreak

After the release of PwnageTool for Mac yesterday, the Dev Team just announced the release of RedSn0w, a jailbreak method that will work for iPod Touch, iPod Touch 2G, iPhone, and iPhone 3G. RedSn0w can also unlock the iPhone 2G.

RedSn0w, which works on both Mac and PC, provides similar functionality to QuickPwn, which makes me wonder whether or not the Dev Team will update QuickPwn, or simply replace it with RedSn0w.

According to the Dev Team:

1. GOLDEN RULE: If you are using a 3G iPhone with yellowsn0w and rely on yellowsn0w to obtain cellular service, then you should NOT use redsn0w right now. Ultrasn0w (the 3G carrier unlock) is not included with this release and therefore your baseband will be locked and unable to use an operator other than the official one it was bought for. UltraSn0w will be released via APT (cydia and icy) soon. If you have an original iPhone (1st generation) then 3.0 carrier unlock works with this redsn0w release.
2. Yellowsn0w in its current form will NOT work with the baseband version that is present in the 3.0 update, you will need Ultrasn0w, which will be released sometime soon, Ultrasn0w will work with all iPhone 3G models (but not 3GS), even ones that were previously unlockable, Ultrasn0w (when available) will be released via APT (this means you will be able to get it via Cydia or Icy).
3. Please read all parts of this post before downloading and using these tools.
4. Read items 1, 2 and 3 again and again.
5. At the bottom of this post are the bittorrent files for the latest version of redsn0w.
6. This app is suitable for the recent 3.0 release.
7. redsn0w will NOT work for the iPhone 3GS.
8. redsn0w WILL work for Original iPhone (1st Generation), Original iPod touch, iPod touch 2G and the iPhone 3G (not the iPhone 3GS).

The Dev Team also suggests to use PwnageTool on Mac (see tutorial and guide) to build custom firmware files with more flexibility.

SHA1 SUMS

SHA1(redsn0w-mac_0.7.zip)= 284639d37fd6675056814b6c8a5b0583ad91c370
SHA1(redsn0w-win_0.7.1.zip)= e264e44954aa417a3eb12ed29770790a30f85a66

Official Bittorrent Releases -

Mac OS X torrent Windows torrent

Note that UltraSn0w, the iPhone 3G jailbreak, hasn't been released yet. Also note that there is currently no way to jailbreak or unlock the new iPhone 3G S.
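
Given the warnings about fake download pages, it is worth checking a downloaded archive against the SHA1 sums published above before running it. The following is an added example, not code from the Dev Team or from the original post; the function names are made up for illustration, and the check is only as trustworthy as the page the sums were copied from.

```python
import hashlib
import hmac
import re
from pathlib import Path

# The two lines published under "SHA1 SUMS" above, copied verbatim.
PUBLISHED = """\
SHA1(redsn0w-mac_0.7.zip)= 284639d37fd6675056814b6c8a5b0583ad91c370
SHA1(redsn0w-win_0.7.1.zip)= e264e44954aa417a3eb12ed29770790a30f85a66
"""

# The name may not contain parentheses or path separators; the digest
# must be exactly 40 hex characters (160-bit SHA-1).
LINE_RE = re.compile(r"^SHA1\((?P<name>[^()/\\]+)\)=\s*(?P<hex>[0-9a-fA-F]{40})$")


def parse_published(text):
    """Return {filename: lowercase hex digest}; reject malformed or duplicate lines."""
    sums = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"unrecognised checksum line: {line!r}")
        if m["name"] in sums:
            raise ValueError(f"duplicate entry for {m['name']}")
        sums[m["name"]] = m["hex"].lower()
    return sums


def sha1_of(path, chunk=1 << 20):
    """Hash the file in chunks so large archives are not read into memory."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def verify(path, sums):
    """Return "ok", "mismatch" or "unlisted" for one downloaded file."""
    expected = sums.get(Path(path).name)
    if expected is None:
        return "unlisted"  # never treat an unknown file as verified
    return "ok" if hmac.compare_digest(sha1_of(path), expected) else "mismatch"
```
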

Dev Team Releases PwnageTool 3.0 For Mac

The Dev Team just released a new version of PwnageTool that will jailbreak the iPhone 1st gen., iPhone 3G, and the iPod Touch 1st gen. The new iPhone 3G S is not supported yet.

According to the Dev Team:

Because of some bugs and unexpected changes this will be a multipart release, starting with the release of PwnageTool for Mac OS X. QuickPwn for Mac OS X and Windows will follow sometime soon, please don’t bug us about it, we are working flat out to get everything finished to release them.

1. GOLDEN RULE: If you are using a 3G iPhone with yellowsn0w and rely on yellowsn0w to obtain cellular service, then you should NOT use PwnageTool right now. UltraSn0w is not included with this release and therefore your baseband will be locked and unable to use an operator other than the official one it was bought for. UltraSn0w will be released via APT (cydia and icy) soon. If you have an original iPhone (1st generation) then 3.0 unlock works with this PwnageTool release.
2. Yellowsn0w in its current form will NOT work with the baseband version that is present in the 3.0 update, you will need Ultrasn0w, which will be released sometime soon, Ultrasn0w will work with all iPhone 3G models (but not 3GS), even ones that were previously unlockable, Ultrasn0w (when available) will be released via APT (this means you can get it via Cydia or Icy).
3. Please read all parts of this post before downloading and using these tools.
4. Read items 1, 2 and 3 again and again.
5. At the bottom of this post are the bittorrent files for the 3.0 capable version of PwnageTool.
6. This app is suitable for the recent 3.0 release.
7. PwnageTool will NOT work for the iPhone 3GS.
8. PwnageTool WILL work for Original iPhone (1st Generation), Original iPod touch (1st Generation) and the iPhone 3G.

This will just unlock the 1st gen iPhone. It will not unlock your iPhone 3G or iPhone 3G S. The Dev Team will release UltraSn0w soon and this is the tool you will need to unlock your iPhone 3G.

Official Bittorrent Releases -

http://torrents.thepiratebay.org/4963802/PwnageTool_3.0.dmg.4963802.TPB.torrent
SHA1 = 2e19d39398233f88ae0782fd82462a9223791f7f

iPhone 3G S owners will have to wait for the Dev Team to come up with a jailbreak first. Stay tuned for more info and tutorials on how to do all this...

iPhone 3.0 Jailbreak Update

The Dev Team posted an update regarding the iPhone 3.0 jailbreak. It seems the jailbreak is harder than they expected, but there's nothing too hard for our favorite team of iPhone hackers.

We have two issues that we’ve been trying to resolve:

1. There are new 3.0 complications with YouTube.app if you’re on a hacktivated (unofficially activated) device
2. There’s a bug in Apple’s new version of asr that our custom IPSW’s are tickling and causing crashes on, on some devices.  (For the nerdy or curious among us, the details of that bug were tweeted by planetbeing a month ago.)

As of Thursday morning we now have a workaround for #2.  For #1, we’ll try our best to get it fixed but we may end up releasing a preliminary jailbreak in which YouTube doesn’t work for hacktivated devices, and then follow that up with a more complete jailbreak when we can.

As a reminder, this jailbreak is necessary to inject UltraSn0w, the payload that will allow you to unlock your iPhone.

Dev Team Demos UltraSn0w – iPhone 3G Unlock

As announced yesterday, Dev Team member MuscleNerd did a demo of UltraSn0w, the new software unlock for the iPhone 3G (skip to 2.20 min on the video below). Unlike its predecessor YellowSn0w, UltraSn0w will unlock your iPhone 3G no matter what firmware, bootloader or baseband you have, as long as you have the new 3.0 firmware installed.

The actual program that UltraSn0w injects into the baseband to accomplish the unlock is the exact same one the Dev Team developed for YellowSn0w. What changed is that the Dev Team found a new "hole" to inject the unlocking payload.

During his demo, MuscleNerd successfully jailbroke his iPhone 3G and proved it by inserting a T-Mobile SIM card.

UltraSn0w won't be available until Friday and like YellowSn0w, it will be downloadable through Cydia. Your iPhone will obviously have to be jailbroken and the Dev Team will release the necessary tools for that (QuickPwn and PwnageTool) soon.

Again, just to make this clear, there is no baseband downgrade needed. You can just upgrade to 3.0 tomorrow and wait for the Dev Team to push its unlocking tools and UltraSn0w on Friday.

Note that this unlock is only valid for the iPhone 3G. According to the Dev Team, this hack may be applicable to the new iPhone 3G S if it can be jailbroken, which should happen sometime soon. Go Dev Team!

iPhone 3.0 Unlock YellowSn0w Demo

Dev Team member MuscleNerd sent a tweet a few minutes ago about an upcoming live demo of the YellowSn0w unlock for iPhone 3.0. The live demo will happen Tuesday night, most likely on Qik and should answer a lot of questions.

This demo should show how YellowSn0w can unlock firmware 3.0. I assume this unlock will only work for iPhones that currently support YellowSn0w.

Dev Team Says: Beware of the Fakes

The Dev Team just posted some type of warning on their blog to alert you of phony websites pretending to help you jailbreak or unlock your iPhone. Besides messing up your iPhone, you might also be at risk of infecting your computer with viruses.

One very recent example is a certain yellowsn0w221 page on wordpress.com.  Do not download anything from that page if you’re on a PC, else you’ll be infected with a virus.  The page talks and talks about a supposed Firmware 2.2.1 yellowsn0w exploit, but it’s all a ruse to get you to download and infect your PC.

We’re used to (though still aren’t happy about) less predatory websites, like quickpwn.com.  That site (1) is not us. We don’t consult with them in any way (2) makes money from their Google hits (they’re usually near the top) (3) sometimes gives very very bad advice (like tweeting yellowsn0w users to use QuickPwn on 3.0 betas.  Bad suggestion).  (4)  also owns yellowsn0w.net, another money making website.

One way of avoiding any problem is to look out for sites and blogs that give "Dev Team-related" news that you don't see on their blog or on iPhone Download Blog first. If you have any interest in this matter, I suggest you read the full post over at the Dev Team blog.