How-To: Jailbreak your iOS 4.3 iPhone

While iOS 4.3 is slated to be released next Friday, iOS developers – and savvy Google and torrent search engine users – can already download the final version of the OS. If you’re lucky enough to have access to the iOS 4.3 gold master firmware for your iPhone, and need some help to jailbreak your device after the update, this how-to is for you. As previously mentioned by iOSnoops, the jailbreak method is a little involved, but if you’re willing to give it a shot, the whole process should take less than 15 minutes. Also, if you’re looking for an untethered jailbreak method, you will have to wait until a new version of limera1n or greenpois0n is available, as, for now, only tethered jailbreaks work with iOS 4.3.

Hardware

This method only works with Macs. We used a MacBook Air running Snow Leopard, but any Mac running some recent flavor of OS X should do the trick. You will need an iPhone 3GS or 4 running iOS 4.2.1, as well as the USB connector that came with your phone.

Software

  • The correct version of iOS 4.3 GM for your iPhone, build 8F190. Note that at this stage, only iOS developers are allowed to download the firmware, as it is not supposed to hit store shelves until Friday.
  • iTunes 10.2 (available via Software Update)
  • PwnageTool 4.2 (the link to the official torrent seed is available on the Dev-Team’s website).
  • The Universal Ramdisk Maker (you can find it on iPhone Privacy’s website)
  • Additional PwnageTool bundles for iOS 4.3 (same as above, available here)
  • The tethered boot utility (available on Google Sites)

Walk-through

Step 1 – Download all the tools to your Mac, preferably your Desktop, and unzip the additional pwnagetool bundle.

Step 2 – Open the PwnageTool package, but instead of firing up the app, right-click on it, and select “show contents,” as you will need to add the additional bundles to the app. Navigate to the /contents/resources/firmwarebundles folder, and transfer the 8F190.bundle file from the unzipped pwnagetool bundle to this folder. The PwnageTool app should now be ready.

Step 3 – Install the Universal Ramdisk Maker app on your Mac. This step is important, as the PwnageTool app will build an incorrect firmware if the Universal Ramdisk Maker app is not installed first.

Step 4 – Fire up the PwnageTool app, click on “Expert mode”, click on the iPhone 3/3GS/4 icon, and point the app to the correct iOS 4.3 firmware for your phone. At this stage, the tool should automatically create a custom firmware for your device.

Step 5 – Make sure your iPhone is plugged into your Mac, and fire up iTunes. From there, simply hold down your Mac’s “option” key, and click on “Restore”. Point iTunes to your custom firmware, and wait until iTunes is done uploading it to your iPhone.

Step 6 – The tricky part: To be able to boot your iPhone, you will need to extract 2 files from the custom firmware you created earlier. Rename the custom firmware created by the PwnageTool app from “.ipsw” to “.zip,” and double-click on it to extract it. Navigate to /Firmware/dfu/, and copy both kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu to the folder that contains the tethered boot utility downloaded earlier, ideally your Desktop.

Step 7 – Switch off your iPhone. Fire up the Mac’s Terminal app, and authenticate as a super-user, by typing “sudo -s”. You will be asked to enter your admin password. Navigate to the folder that contains the files obtained via step 6, via the “cd” command (for instance, “cd /Users/[mac_username]/Desktop”, if you put all the files on your Desktop). To boot your phone, simply type “./tetheredboot ./iBSS.n90ap.RELEASE.dfu ./kernelcache.release.n90” (do not forget the dots).

Step 8 – At some point, the tethered boot tool will ask you to put your device in DFU mode. To do so, simply hold the phone’s power button down for 10 seconds, and without releasing the power button, hold down the home button for an additional 10 seconds. After booting, your device should now give you full access to Cydia.

After-thoughts

Even though jailbreaking is considered legal, always keep in mind that Apple sees it as a warranty-voiding act, so do it at your own risk. Please do not use jailbreaks to install copyrighted/paid content you haven’t purchased yourself. Also note that we will not provide links to the firmware files (please use your favorite search engine instead).
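
Step 6 can also be done without renaming the firmware, since an .ipsw opens as a zip archive. The following is an added example, not part of the original article or of PwnageTool: it copies out only the two files named in step 6, matching them by file name wherever they sit in the archive, and returns a SHA-256 for each so you have a record of exactly what is handed to the root-run boot utility in step 7. The function names and the sample archive with its dummy contents are constructed for illustration.

```python
import hashlib
import tempfile
import zipfile
from pathlib import Path, PurePosixPath

# File names taken from step 6 of the walk-through.
BOOT_FILES = ("iBSS.n90ap.RELEASE.dfu", "kernelcache.release.n90")


def extract_boot_files(ipsw_path, dest_dir, wanted=BOOT_FILES):
    """Copy the named members out of an .ipsw and return {name: sha256 hex}."""
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    found = {}
    with zipfile.ZipFile(ipsw_path) as ipsw:  # no rename to .zip needed
        for info in ipsw.infolist():
            member = PurePosixPath(info.filename)
            if info.is_dir() or member.name not in wanted:
                continue
            if member.name in found:
                raise ValueError(f"duplicate member for {member.name}")
            data = ipsw.read(info)
            # Write under the bare file name only, so a crafted member path
            # (e.g. one containing ../) can never land outside dest_dir.
            (dest / member.name).write_bytes(data)
            found[member.name] = hashlib.sha256(data).hexdigest()
    missing = sorted(set(wanted) - set(found))
    if missing:
        raise FileNotFoundError(f"not in {ipsw_path}: {', '.join(missing)}")
    return found


def build_sample_ipsw(path):
    """Constructed stand-in for a custom firmware; contents are dummy bytes."""
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("Firmware/dfu/iBSS.n90ap.RELEASE.dfu", b"constructed-ibss")
        z.writestr("Firmware/dfu/kernelcache.release.n90", b"constructed-kernel")
        z.writestr("Restore.plist", b"<plist/>")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "custom.ipsw"
        build_sample_ipsw(sample)
        boot = extract_boot_files(sample, Path(tmp) / "boot")
        for name, digest in boot.items():
            print(digest, name)
```

If either file is absent, the function raises instead of leaving a partial set of files behind for step 7.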