How To Jailbreak iPhone 3GS On iOS 4.3 Using PwnageTool

After successful releases of the PwnageTool bundles for the iPhone 4, iPad and the iPod touch 4G/3G, a new bundle has been released now for the iPhone 3GS which will be able to jailbreak the device on the newly released iOS 4.3. Like all the other previous releases, this one too is meant only for a tethered boot only.

The jailbreaking instructions for this device are entirely similar to the ones seen in iPad, iPhone 4 and iPod Touch 4G. The instructions mentioned here are for both new and old bootrom iPhone 3GS. Just follow them exactly to successfully jailbreak your device.

Things that you will require first :

Points to be noted :

  • Cydia works hassle free on the iOS 4.3 GM.
  • The jailbreak is semi-tethered.
  • Your baseband is not going to be upgraded during the restore process.

Step 1 :

  • Download the PwnageTool bundle for your version of the iOS device over here and extract the .zip file.
  • On extracting you will find a .bundle file.
  • Move this file to your desktop.

Step 2 :

  • Download the PwnageTool 4.2 and copy it to the /Applications directory.
  • Next, right-click and click on “Show Package Contents“.

Step 3 :

  • Now navigate to Contents/Resources/FirmwareBundles/ and paste the .bundle file that you downloaded earlier in this location.

Step 4 :

Step 5 :

  • Download the iOS 4.3 GM firmware and move it to your desktop.

Step 6 :

  • Start the PwnageTool by selecting the Expert mode followed by selecting your device.

Step 7 :

  • Now select the iOS 4.3 GM firmware for your device by browsing for the location.

Step 8 :

  • Click on Build to start creating the custom 4.3 firmware file.

Step 9 :

  • The PwnageTool now creates the custom .ipsw file for the iPhone that will be jailbroken.

Step 10 :

Please follow these steps now to enter into DFU mode :

  • Hold the Power and Home buttons for 10 seconds.
  • Release the Power button but continue holding the Home button for another 10 seconds.
  • Now your device should be in DFU mode.

Step 11 :

  • Now start iTunes by clicking on you iOS device icon from the sidebar in iTunes.
  • Press and hold the left alt (option) button on MAC or the left shift button if you are using the windows based keyboard.
  • Click on Restore and then release the alt button.
  • iTunes now comes up with a prompt to select the location of the custom firmware4.3 file.
  • Select the required .ipsw file created earlier and click on open.

That’s it, the rest of the procedure will be carried out now by iTunes involving a number of automated steps so please be patient while iTunes installs the new firmware 4.3 on your device. Once this is done, your device will be then jailbroken on the iOS 4.3.

Steps to boot in tethered mode :

As of now, no untethered jailbreak solution has arrived yet for the iOS 4.3, you will have to boot in a tethered jailbroken state.

For this, you will be requiring a file named tetheredboot for the MAC OS X which is available here in .zip format.

Follow these steps for the booting procedure :

Step 1 :

  • We will require 2 files from the custom iOS 4.3 GM firmware which are kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu.
  • In order to get these files, first make a copy of the custom iOS 4.3 firmware that you created earlier and change its extension from .ipsw to .zip
  • Now begin extracting this .zip file.
  • Copy the kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu files which are located under /Firmware/dfu/
  • Now move these files and the tetheredboot application to a new folder named “tetheredboot” on the desktop.

Step 2 :

  • Turn off your device and start the terminal from the MAC OS X followed by running the following command :

sudo -s

  • Next, enter your administrator password and after that type in :

/Users/Downloads/tetheredboot/tetheredboot

/Users/Downloads/tetheredboot/iBSS.n90ap.RELEASE.dfu

/Users/Downloads/tetheredboot/kernelcache.release.n90

  • Now Press enter.
  • You will be seeing some code running in the terminal window as well as it will be asking you to enter into DFU mode.

Please follow these steps to enter into DFU mode :

  • Hold the Power and Home buttons for 10 seconds.
  • Release the Power button but continue holding the Home button for another 10 seconds.
  • Now your device should be in DFU mode.

Wait for the device to boot now. In the meantime, the terminal will be showing the message “Exiting libpoisOn“.

Your iPhone, iPad or iPod will now boot into a jailbroken tethered mode after a couple of minutes.