1. bellyfrog
    I could use some help here. I followed the procedure exactly and everything went well up until the iTunes restore part. I keep getting an error 21 in recovery mode, and error 1600 in DFU mode. Has anyone run into this issue after performing these steps?
    Sounds like you are doing something wrong. I don't understand what you mean by getting an error in recovery/DFU mode. You need to have the phone in recovery mode when you start the procedure, then put it into DFU for the Greenpois0n jailbreak. After that you leave the phone as it is. It will put itself into either recovery mode or white screen mode after you do the "go jump" step in iRecovery.
    2010-10-27 07:13 AM
  2. Alvin James
    After performing all the steps the phone goes back into recovery mode, which gives me the 21 error. That's when I manually put it in DFU to see if it would fix anything, which gives me the 1600 error. I think I may have found the problem but I don't know how to fix it.

    I watched carefully and noticed that the phone puts itself into recovery mode at this step:
    3. go image decrypt 0x41000000

    So I can only perform this step after it has already gone back into recovery mode:
    4. go jump 0x41000040

    Any idea on why it would be doing that? Phone is a 3GS new bootrom on 3.1.3.

    EDIT: Got it working, I was accidentally typing "irecovery -f iBSS" instead of "irecovery -f iBSS.n88ap.RELEASE.dfu"

    Thanks bellyfrog

    PS: I also had to use Greenpois0n rc3 to get it to successfully jailbreak on Windows 7 x64
    Last edited by Alvin James; 2010-10-27 at 07:45 AM.
    2010-10-27 07:24 AM
  3. bellyfrog
    Good news. And yes, it seems rc3 works for Windows 7 64 users, nice find by the guys who tried this method from these forums
    2010-10-27 08:52 AM
  4. Dashar
    Even for me seems risky, why do those convoluted steps when this will work for most of you
    PwnageTool Tweaks [iPhone Dev Team]

    Also I have heard that PwnageTool can work via VMware even with this new DFU exploit thing on the PwnageTool 4.1-4.1.2+ as long as your VMware supports auto connect USB or something. I am currently trying both with the PwnageTool tweak files. So regardless it will work in Windows and I also have put in a custom ultrasn0w package; if it's a success I will let everyone know.

    My school is lame and has iMacs but the desktop is locked down so I couldn't use it, and my desktop is giving me hardware virtualization errors, so I am indeed using my netbook to do this so it could take hrs just to make ipsw. =( I'm usually on ************* forums anyway; wanted to share what I know about this issue with everyone.
    2010-10-27 11:26 AM
  5. bellyfrog
    Erm. That technique only works on iPhone 3GS old bootrom which is on 3.1.3 or lower, so it's only a handful of users where that will work and it's pretty much as complicated as this method. This method works for ALL iPhone 3GS and other devices too.

    Also Musclenerd warns if you do his tweak on a device that doesn't match the description your baseband may be upgraded.

    And no, VMWare does NOT work on any unpwned devices. You can get VMware to work on a previously pwned phone (because the DFU exploit is not required) but any other devices cannot be jailbroken in VMware. The best you can do with VMware is build your ipsw, then use this method. I have USB auto-connect and VMWare does not work, fullstop.

    There's no need to build your own ipsw by the way, check the "google" link in the other post

    Lastly this method is not risky whatsoever, you can't brick your phone, even if you do it all wrong.
    2010-10-27 12:06 PM
  6. Dashar
    I'd rather just use a custom cf of someone doing the PwnageTool tweak. I have mine on 3.1.2 redsn0wed old bootrom. I'm waiting to hear, for the less technically adept people, what dev team will come up with for Windows users.
    2010-10-27 12:43 PM
  7. bellyfrog
    This method was created by a member of the dev team in conjunction with others. They probably won't come up with anything.

    If you're on old bootrom you don't even need to use PwnageTool just use sn0wbreeze.

    Also sbingner just created an automated irecovery which will save you from doing all the complicated command prompt stuff.

    http://www.bingner.com/pwnstrap.html
    Last edited by bellyfrog; 2010-10-27 at 11:48 PM.
    2010-10-27 11:43 PM
  8. Dashar
    Sn0wbreeze I used and the custom firmware it makes, lots of errors. For this, does it need to be a custom fw from 4.1 or could it also be from 4.1.2? And I thought Greenpois0n updates the baseband. I'm a T-Mobile user so I have to have the unlock.
    If it doesn't update the baseband I'm going to try this way =D
    Thanks for the help
    2010-10-28 04:21 AM
  9. bellyfrog
    You need a Custom ipsw from PwnageTool 4.1.x (preferably 4.1.2 because they disabled the baseband update OPTION which some people might have mistakenly ticked when they created their ipsw).

    However the download links provided do not have the baseband update.

    GreenPois0n doesn't update anything. The point is under normal circumstances you would already have to be on iOS 4.1 to use GreenPois0n (hence your baseband would already have been upgraded).

    All you need to do is get a custom ipsw, run the iRecovery download (irecovery.exe -p xxxx\xxx\customfirmware4.1.ipsw, replacing that path with the path to your custom ipsw) and it will do the steps automatically. It will tell you when to launch GreenPois0n and run the jailbreak, and it will tell you when you're ready to shift+restore in iTunes.

    Voila, you're on 4.1 with unlockable baseband.
    2010-10-28 04:30 AM
  10. Dashar
    I'm doing it that way then, thanks =D

    So far so good, I had to use rc3 for it to work for me and I'm running 32-bit Win7

    Wow, works like a charm, will repost to other forums I use thanks guys!
    Last edited by Dashar; 2010-10-28 at 09:25 AM. Reason: Automerged Doublepost
    2010-10-28 09:25 AM
  11. zeljkot
    Can someone try this on Apple TV?
    2010-10-29 01:07 PM
  12. bellyfrog
    I know the developer of the technique had success with their Apple TV.
    2010-10-31 05:32 AM
  13. eyeRobot
    Redsn0w can now put your device in pwn'd DFU so you can use PwnageTool cooked firmwares on Windows

    PM me if anyone needs a pwnagetool firmware :-)
    2010-11-01 02:19 PM