The iPhone Dev Team are back, with a jailbreak tool for iPhones and iPod Touches on firmware 3.1. Pwnage Tool 3.1 was released today, to the delight of many folks still on 3.0.1, and folks who upgraded to 3.1 by mistake. The current release only supports iPhone 2G, iPhone 3G, and the 1st gen iPod Touch. There is no ETA for iPhone 3GS, and the 2nd and 3rd gen iPod Touch, but the iPhone Dev Team are most likely working on it as you read this.

What is the Pwnage Tool? The Pwnage Tool builds a custom firmware that you use to update your device, instead of the “official” firmware that iTunes downloads from the Apple servers. This allows you to use 3rd party apps that are not offered by the iTunes App Store.

Let’s get ready to jailbreak, shall we? I’ll be showing you a jailbreak of the iPhone 3G. You need to have iTunes 9 installed, a copy of your IPSW (iPhone1,2_3.1_7C144_Restore.ipsw) and, of course, Pwnage Tool 3.1 (Mac only). You can download that, via BitTorrent, here.

Open Pwnage Tool 3.1. Select “Expert Mode” on the top, and then select “iPhone 3G”. You will notice that a pink pop up will say “iPhone 3G (S)”, but there is no support for the 3GS, yet. Click the blue arrow to proceed.


Next, Pwnage Tool will search your Mac for your IPSW. If it doesn’t find it automatically, click “Browse for IPSW”, and navigate to where you saved it. If you downloaded it with iTunes, it will be here: Users > “your user name” > Library > iTunes > iPhone Software Updates > iPhone1,2_3.1_7C144_Restore.ipsw. Click the blue arrow to proceed.


Next, we need to choose the options for building the custom IPSW. Click “General”, and then click the blue arrow to proceed.


This next step is important, and if not done correctly, could result in the phone not working. You need to know if you are with a legitimate iPhone carrier, or not (AT&T in the US, or Rogers/Fido in Canada). If you are not with a legitimate iPhone carrier, and you need to unlock your iPhone, you need to select “Activate iPhone”. If you ARE with a legitimate iPhone carrier, do not select “Activate iPhone”, as it could result in getting “No Signal”. In my case, I am with Rogers in Canada, so I’m going to NOT select “Activate the Phone”.


If you do need to unlock, and select “Activate the phone”, be sure that you do not select “Enable baseband update”. If you update the baseband, you will not be able to unlock with ultrasn0w, later. The Pwnage Tool is designed to preserve your current baseband, so that you can keep your iPhone unlocked. Once you’ve figured out what you need to do, click the blue arrow to proceed.


Leave the Bootneuter settings as is. In my case, they were greyed out. Click the blue arrow to proceed.


Next, you can select packages that you would like automatically installed when you restore with your custom IPSW. Click the “Download Packages” tab, click “Refresh”, select a package you want and click “Add to queue”. Go back to “Select Packages” and check the ones you want added to your IPSW.



You can do the same for Sources. Click the “Manage Sources” tab, and add your favourite sources. These will also be added automatically to your IPSW. Click the blue arrow to proceed.


Next, you can choose to have the custom boot logos, or leave the stock Apple logos. If you’re savvy with Photoshop, you can create your own. They must be a PNG image, 320X480, and in RGB or greyscale Alpha channel. If you’ve created your own, click “Browse”, and navigate to the proper files. I decided to keep the stock logos. When you’re done, click the blue arrow to proceed.
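If you do make your own logo, you can check the file against those requirements before handing it to Pwnage Tool. The script below is an added example, not part of Pwnage Tool or the original post: it reads the PNG header (IHDR chunk), verifies its CRC, and reports any mismatch with 320x480. It assumes “RGB or greyscale Alpha channel” means PNG colour types 6 (RGB+alpha) and 4 (greyscale+alpha); the function names and the sample headers are constructed for illustration.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
# Colour type codes defined by the PNG specification (stored in the IHDR chunk).
COLOR_TYPES = {0: "greyscale", 2: "RGB", 3: "palette", 4: "greyscale+alpha", 6: "RGB+alpha"}
# Assumption: the tutorial's colour requirement is read as "with an alpha channel".
ACCEPTED = {4, 6}

def read_ihdr(data):
    """Return (width, height, bit_depth, colour_type) after verifying the IHDR CRC."""
    if data[:8] != PNG_SIGNATURE:
        raise ValueError("not a PNG file")
    if len(data) < 33:
        raise ValueError("truncated PNG header")
    length, chunk_type = struct.unpack(">I4s", data[8:16])
    if chunk_type != b"IHDR" or length != 13:
        raise ValueError("first chunk is not a valid IHDR")
    body = data[16:29]
    (crc,) = struct.unpack(">I", data[29:33])
    if zlib.crc32(chunk_type + body) & 0xFFFFFFFF != crc:
        raise ValueError("IHDR CRC mismatch")
    return struct.unpack(">IIBB", body[:10])

def check_boot_logo(data):
    """Return a list of problems; an empty list means the image fits the requirements."""
    try:
        width, height, _depth, color = read_ihdr(data)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if (width, height) != (320, 480):
        problems.append(f"size is {width}x{height}, expected 320x480")
    if color not in ACCEPTED:
        problems.append(f"colour type is {COLOR_TYPES.get(color, color)}")
    return problems

def make_header(width, height, color):
    """Build a constructed PNG signature + IHDR chunk (sample input, no pixel data)."""
    chunk = b"IHDR" + struct.pack(">IIBBBBB", width, height, 8, color, 0, 0, 0)
    crc = struct.pack(">I", zlib.crc32(chunk) & 0xFFFFFFFF)
    return PNG_SIGNATURE + struct.pack(">I", 13) + chunk + crc

if __name__ == "__main__":
    samples = [("good logo", make_header(320, 480, 6)),
               ("bad logo", make_header(640, 960, 3))]
    for label, sample in samples:
        print(label, "->", check_boot_logo(sample) or "meets requirements")
```

For a real file, pass the result of `open(path, "rb").read()` to `check_boot_logo`.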


Now that you’ve got all the options figured out, it’s time to build the IPSW. Select “Build”, and click the blue arrow to proceed. You’ll see a popup; select where you want to save your custom IPSW. I chose my desktop, so it’s easier to find it later. Click “Save”.



Pwnage Tool will begin building the IPSW. This will take a few minutes, so be patient. You will be asked to “Allow Pwnage Tool to Make Changes”. Type in your administrator password and click “Okay”.



Your custom firmware has been created and you’re ready to restore in iTunes. You will get this pop up asking if your iPhone has been “Pwned” before. If you’re familiar with jailbreaking, click yes, put your iPhone in recovery mode, and restore with your new custom firmware, in iTunes.


If you’re new to jailbreaking, click no, and follow the instructions on how to put your iPhone in DFU mode. If you’ve never done this before, it can be a little tricky, and you may not get it the first try. Pwnage Tool will let you know whether you were successful or not, and give you the option to try again.



Once your iPhone is in DFU mode, you’re ready to restore. iTunes will open automatically and let you know that your iPhone is in recovery mode, and needs to be restored. Click okay, then Option-click Restore. Navigate to your custom IPSW and click Okay.

That’s it. iTunes will do the rest. It will take a few minutes to complete the restore. When it’s finished, your iPhone will reboot and you’ll be prompted to either restore from a back up, or set up as a new iPhone. Most people will select the restore from back up option.

You’re done! Welcome to OS 3.1!