Dev-Team Blog
To find yourself, think for yourself © Socrates 469 BC
redsn0w+limera1n fun 

It looks like geohot’s recent limera1n exploit for iPhone3GS/iPhone4/iPad/ipt3g/ipt4g/atv2g will be very beneficial to jailbreakers and unlockers for the next few months (at least).  geohot’s limera1n program and the alternative greenpois0n program both use the same exploit (although greenpois0n refuses to tell you that, FWIW), and hopefully SHAtter can be saved for some later device.

In the meantime, we’ve also incorporated the limera1n exploit into redsn0w.  But we’ve added a few extras:

  • custom bootlogos for iPhone3G/iPhone3GS/iPod2G users (with qualifying bootroms)
  • an option that implements the “DFU” button in PwnageTool.  This button (which you can use from Windows) lets you prepare your device for a custom DFU.  Even if you’re purely a Windows user, you can get a trusted friend to run PwnageTool over your IPSW to create a custom IPSW.  You can now install that custom IPSW on your own Windows box, after you run this redsn0w version.

This latest redsn0w is available at:

For Windows users who have run redsn0w and chosen “Just enter pwned DFU mode right now”, your device is now completely vulnerable.  Run iTunes and select the custom IPSW from PwnageTool (choose it with Shift+Restore), and you’ve now convinced your device and iTunes to restore to a custom firmware.  Congratulations!

If you are timid about software and running these programs…please just wait!  Don’t jeopardize your carrier unlock for a firmware upgrade.  Wait for even easier methods than this latest redsn0w release. 

Update #1:  Today Apple released to developers the GM seed for 4.2.  Tinkerers will find that yesterday’s redsn0w jailbreaks today’s 4.2 GM seed, simply by pointing redsn0w at the 4.1 IPSW (rather than the 4.2 one).   Right now it mostly only makes sense for JB app developers to do that because many apps (including Cydia itself) need to be updated for 4.2.  However, if all you want to do is enable afc2 (to use iFunBox or other file browsers), or to tweak settings like Battery % and Homescreen wallpapers, then go for it (if you have valid paid access to the GM seed).  Be sure to uncheck the Cydia box, though!  Ultrasn0w unlockers should stay very far away from this!!

Update #2:  By all accounts, we’re within a few days of Apple’s official public release of Firmware 4.2.  Here’s what you need to know:

  • Thanks to geohot’s limera1n exploit, and our original pwnage2 exploit, and @pod2g’s ipod2g-MC exploit, absolutely all devices at all iOS firmware versions are capable of being jailbroken.
  • The untethered jailbreak of those very latest FWs and latest devices depends on @comex’s hacks.  His hacks so far extend only to 4.1 and 4.2beta3.  He’s working on a way to extend it to 4.2 and beyond.  Just wait for him to work out his method.
  • iPhone 3G and 3GS unlockers will be covered by our upcoming unlock.  Stay away from any updates to Apple FW until our official release and you’ll be okay.  Just stay away from all Apple IPSWs :)
  • iPhone4 unlockers are not left out in the cold.  @sherif_hashim has found some very promising avenues to pursue.  Those will be explored as soon as possible after all the 4.2 madness.

What does this mean to you?

  • If you’re an unlocker, just stay where you are.  Please, just stay where you are.  Any mistakes you make now may be permanent. 
  • If you only care about the jailbreak and you’re absolutely sure you have your personalized 4.1 SHSH hashes, feel free to experiment but keep in mind that any mistakes you make may result in your losing pictures or notes or bookmarks that you’d rather keep.  Honestly unless you love living on the bleeding edge, it’s better to just wait for official updates from Cydia/redsn0w/PwnageTool.
  • Don’t buy or donate to any unlock or jailbreak scammers.  Every legitimate solution you will find for unlocks or jailbreaks will be offered without an extended hand.  That’s how the iPhone jailbreak/unlock community has succeeded.  It’s about freedom to do what you want with your $300 device –  not about donations, egos, tweets, or “interviews.”

Update #3:   (Warning: if you use the ultrasn0w unlock, please read no further…this doesn’t apply to you yet!) We’ve made some updates to redsn0w to make it easier for jailbreak developers (and tinkerers) to get their programs ready for 4.2.1.  As noted above, the public version of Cydia (and MobileSubstrate too!) is not 4.2.1-compatible.  redsn0w will now let you install your own custom bundles independent of Cydia (the bundle can actually be Cydia if you’ve compiled it on your own).  These bundles can be up to 15MB in size, and should be in the form of a gzip-compressed tar file.  

The new redsn0w 0.9.6b3 is available at:

It’s very important that you get the file permissions and ownerships right in your custom redsn0w bundles.  To give you a practical example of such a bundle, here’s one that includes OpenSSH, OpenSSL, and the basic apt installer programs:

  • SSH bundle v2 (update: v2 has fixed permissions; you can just drop this one right in even if you installed the first version)
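As an added example (not Dev-Team code, and not the SSH bundle above), here is a small Python script that packs a staging directory into a gzip-compressed tar bundle with every entry stamped as root:wheel (assumed to be the ownership the device expects for system files) and then checks the result against the size limit (the post says 15MB; read here as 15 MiB, an assumption) and for entries owned by the build user or left world-writable. The staging tree in demo() is constructed for illustration; the ssh “binary” is a placeholder script.

```python
import os
import tarfile
import tempfile
BUNDLE_MAX_BYTES = 15 * 1024 * 1024  # post says "up to 15MB"; read as 15 MiB (assumption)
def build_bundle(staging_dir, out_path, uid=0, gid=0, uname="root", gname="wheel"):
    """Pack staging_dir as a gzip tar, stamping every member with one owner (root:wheel by default)."""
    def set_owner(info):  # applied to each member, so the build user's uid/gid never leaks in
        info.uid, info.gid, info.uname, info.gname = uid, gid, uname, gname
        return info
    with tarfile.open(out_path, "w:gz") as tar:
        for name in sorted(os.listdir(staging_dir)):
            tar.add(os.path.join(staging_dir, name), arcname=name, filter=set_owner)
    return out_path
def check_bundle(path):
    """Return the list of problems found; an empty list means the bundle passes."""
    problems = []
    size = os.path.getsize(path)
    if size > BUNDLE_MAX_BYTES:
        problems.append(f"bundle is {size} bytes, over the {BUNDLE_MAX_BYTES}-byte limit")
    try:
        tar = tarfile.open(path, "r:gz")
    except tarfile.ReadError:
        return problems + ["not a gzip-compressed tar file"]
    with tar:
        for m in tar.getmembers():
            if (m.uid, m.gid) != (0, 0):
                problems.append(f"{m.name}: owned by {m.uid}:{m.gid}, expected 0:0")
            if m.mode & 0o002:
                problems.append(f"{m.name}: world-writable (mode {m.mode:o})")
    return problems
def demo():
    """Constructed sample tree, packed once correctly and once sloppily."""
    with tempfile.TemporaryDirectory() as tmp:
        stage = os.path.join(tmp, "stage")
        for d in ("usr", "usr/bin", "etc", "etc/ssh"):
            os.makedirs(os.path.join(stage, d), exist_ok=True)
            os.chmod(os.path.join(stage, d), 0o755)  # explicit, so the umask cannot decide
        def put(rel, text, mode):
            with open(os.path.join(stage, rel), "w") as f:
                f.write(text)
            os.chmod(os.path.join(stage, rel), mode)
        put("usr/bin/ssh", "#!/bin/sh\necho placeholder\n", 0o755)  # stand-in for the binary
        put("etc/ssh/sshd_config", "Port 22\n", 0o644)
        good = check_bundle(build_bundle(stage, os.path.join(tmp, "good.tar.gz")))
        put("etc/ssh/sshd_config", "Port 22\n", 0o666)  # sloppy: left world-writable
        bad = check_bundle(build_bundle(stage, os.path.join(tmp, "bad.tar.gz"),
                                        uid=501, gid=501, uname="mobile", gname="mobile"))
        return good, bad
```

Running check_bundle on a bundle before dropping it into redsn0w catches the ownership and permission mistakes the post warns about, without having to unpack it on the device first.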

redsn0w has also been updated to recognize the 4.2.1 GM IPSWs.  *However*, as noted above, the 4.2.x jailbreak is not yet untethered for most devices!  That means until someone like @comex comes up with a way to untether it, you must use redsn0w (or a similar utility) to boot your device into a jailbroken 4.2.1 state.   (The only exceptions to this are the iPhone3G, non-MC iPod touch 2G, and old-bootrom iPhone3GS.  redsn0w will jailbreak those untethered!)

With the above redsn0w and SSH bundle, jailbreak developers and tinkerers can jailbreak and SSH into their 4.2.1 devices, provided they’ve done a tethered boot (using redsn0w’s “Just boot tethered right now” option).

Note:  The Cydia that’s included in 0.9.6b3 is the same one as in 0.9.6b2, and so it will *not* work on 4.2.1.  Don’t try installing it on 4.2.1!  Instead, use the SSH bundle, or compile Cydia on your own.  If you’re familiar with the apt utilities, you can use “apt-get” to install many programs from the command line.  Be sure to do “apt-get update” first to refresh your sources!

PLEASE CONSIDER THIS AN ADVANCED TOPIC!!  It’s not meant for the masses because it involves rather nerdy things like command lines and tar files.  But for those who know how to use this new redsn0w feature, have fun!