Jailbreakme + spirit2pwn + snowbreeze 2.0 = 3GS upgrade to 4.1?

[Kumputer]

I understand that there are many people here that used spirit2pwn and got bricked, but I actually used it, and it worked perfectly. Here's the tutorial I followed:

[Tutorial] Pwn your Old Bootrom 3GS on 4.0 | LEi Mobile

To clarify, I did this on a 3GS with old bootrom, with a completely fresh restore of the stock 4.0 firmware, then went straight to jailbreakme.com, then followed the tutorial. After the script ran and reported success, I was able to reboot just fine, and then I could successfully use pwnage tool to to a fresh restore of a pwned 4.0 or 3.1.2 (tried both). I haven't yet tried Sn0wbreeze.

However, just because it worked for me, I definitely would not recommend this if you do not have SHSH blobs saved for 4.0 or lower. Also, mind you there are some minor typos in the tutorial concerning some of the file names, eg rc3 rather than r3, but they're easy enough to get around.

[iYeow]

I understand that there are many people here that used spirit2pwn and got bricked, but I actually used it, and it worked perfectly. Here's the tutorial I followed:

[Tutorial] Pwn your Old Bootrom 3GS on 4.0 | LEi Mobile

To clarify, I did this on a 3GS with old bootrom, with a completely fresh restore of the stock 4.0 firmware, then went straight to jailbreakme.com, then followed the tutorial. After the script ran and reported success, I was able to reboot just fine, and then I could successfully use pwnage tool to to a fresh restore of a pwned 4.0 or 3.1.2 (tried both). I haven't yet tried Sn0wbreeze.

However, just because it worked for me, I definitely would not recommend this if you do not have SHSH blobs saved for 4.0 or lower. Also, mind you there are some minor typos in the tutorial concerning some of the file names, eg rc3 rather than r3, but they're easy enough to get around.

Yes, certainly you have taken the right path, doing ssh , tranfering files and executing commands is the safest way to do.
Those guys used the Spirit2pwn from Cydia and get screwed.

[apollo_1444]

if you are brave enough to try it, let us know your progress.

just try it jbme2pwn works!!! It won't brick iphone on 4.0.1!! Just tried!! same repo as spirit2pwn! woowiz repo!

I understand that there are many people here that used spirit2pwn and got bricked, but I actually used it, and it worked perfectly. Here's the tutorial I followed:

[Tutorial] Pwn your Old Bootrom 3GS on 4.0 | LEi Mobile

To clarify, I did this on a 3GS with old bootrom, with a completely fresh restore of the stock 4.0 firmware, then went straight to jailbreakme.com, then followed the tutorial. After the script ran and reported success, I was able to reboot just fine, and then I could successfully use pwnage tool to to a fresh restore of a pwned 4.0 or 3.1.2 (tried both). I haven't yet tried Sn0wbreeze.

However, just because it worked for me, I definitely would not recommend this if you do not have SHSH blobs saved for 4.0 or lower. Also, mind you there are some minor typos in the tutorial concerning some of the file names, eg rc3 rather than r3, but they're easy enough to get around.

...LOL fortunately tho' JBME2pwn does work now! its on the same repo as spirit2pwn and it will work in 4,0.1 just tested it!

[Poseidon79]

Is it just me or do I see more and more people coming on this forum saying I did *#+#*#} on Redmond Pie and now I'm having issues or I bricked my phone. How about people follow advice and instructions from reputable forums and sources


Sent from my iPhone using ModMyi

[apollo_1444]

Is it just me or do I see more and more people coming on this forum saying I did *#+#*#} on Redmond Pie and now I'm having issues or I bricked my phone. How about people follow advice and instructions from reputable forums and sources


Sent from my iPhone using ModMyi

how bout you sstop failing? ih8sn0w send that tutorial to different people like, dino7 and tyisiphonehelp and idedicate they all published that tutorial i think they are pretty reliable.. tutorial clearly stated "you can jailbreak on any firmware 3gs old boot and use jailbreakme just install spirit2pwn and you'll be good to go!" (not exact words but thats what it said!

however some small amount of users didn't have shsh for 3.x and since tutorial said it supported jailbreakme (4.x) people applyied a patch that made their iphones go mental and require a restore (called spirit2pwn) if you applied this patch in 4.0.1 the iphone goes nuts and requires a restore... if you do this in 3.x it will be ok since its meant to happen before upgrading... however in this scenario (4.x only) some had no luck and had to open iphone and disconnect battery, others just required a restore and downgrade to 4.0.1

ih8sn0w realized this plus there were people bugging him on IRC lol so he contacted repo hoster and they created jbme2pwn something that works just as spiri2pwn without actually needing to be in 3.x (some of us didn't have shsh for that)

he has been spreading this news on twitter and IRC for those few out there that didn't have shsh for 3.x or where to lazy to downgrade to that

so now we can enjoy custom 4.1 so before acting like a smartass try understading the whole situation...and what can i say about the redmondpie comment? well it might be true but in this case tutorial came from top sources

[Poseidon79]

Well seeing as iH8sn0w had to release 3 versions of sn0wbreeze 2.0 in the first 3 days to fix his shotty code I wouldn't trust anything he writes.


Sent from my iPhone using ModMyi

[apollo_1444]

Well seeing as iH8sn0w had to release 3 versions of sn0wbreeze 2.0 in the first 3 days to fix his shotty code I wouldn't trust anything he writes.


Sent from my iPhone using ModMyi

can you come up with something betteR?

[Poseidon79]

Of course not but you'd expect adequate testing before a public release like the Dev Team does with all their software.


Sent from my iPhone using ModMyi

[apollo_1444]

Of course not but you'd expect adequate testing before a public release like the Dev Team does with all their software.


Sent from my iPhone using ModMyi

the dev team has buggy software as well and they acknowledge this its called redsn0w

[Kumputer]

I just tried Sn0wbreeze 2.0 to install 4.1 on my old bootrom 3gs that had FW 4.0 pwned installed. It failed to take. Progress bar halted in iTunes restoring iPhone software at about 40%. Tried again, and still stuck at the same place. Satisfied that this wouldn't work, I tried reinstalling the pwnage 4.0 firmware (no activation because I have the native SIM), and it apparently failed somewhere in there, used tinyUnbrella to kick it out of recovery, and it was stuck at the emergency call screen, and iTunes could not see it anymore. I've just reinstalled the stock 4.0 FW because I have its SHSH luckily.

[apollo_1444]

I just tried Sn0wbreeze 2.0 to install 4.1 on my old bootrom 3gs that had FW 4.0 pwned installed. It failed to take. Progress bar halted in iTunes restoring iPhone software at about 40%. Tried again, and still stuck at the same place. Satisfied that this wouldn't work, I tried reinstalling the pwnage 4.0 firmware (no activation because I have the native SIM), and it apparently failed somewhere in there, used tinyUnbrella to kick it out of recovery, and it was stuck at the emergency call screen, and iTunes could not see it anymore. I've just reinstalled the stock 4.0 FW because I have its SHSH luckily.

did u use spirit2pwn? if so then...DON'T use JBME2PWN its on the woowiz repo same as spirit2pwn instal it first then create custm fw

(spirit2pwn only works if you're on 3.x fim) use jbme2pwn if you are jailbroken with jailbreakme on 4.0 or 4.0.1

[Kumputer]

I used spirit2pwn a while back successfully to convert jailbreakme to pwn, then I was able to install pwnage firmwares without any issues at all. Sn0wbreeze is a different story, though. I'm satisfied it won't work for me, and I won't risk using it on my other 3gs that does not have SHSH saved for anything, unfortunately. I'll wait for Greenp0ison. Hopefully it will be untethered and reliable.

[iYeow]

Wednesday, June 23, 2010
OLD BOOTROM + Spirit => 4.0 JB

Updated for FW 4.0/4.0.1 + 'Star' jailbreak. You'll need NOR files from a custom 4.0 ipsw made with PwnageTool 4.0.1.
You still obviously need to have an old bootrom 3GS, however you don't currently need any SHSH while Apple still signs 4.0.1
The fact that Star jailbreak uses Safari, however, means it will be patched in weeks, so back up those hashes while you can..
Now that 4.0 is jailbroken, potential uses of this method include installing 4.1 betas, rolling back to 3.x and similar fun activities.

STOP if you have a new bootrom (week 40+, tethered only 3.1.2 JB etc). Here's how to check bootrom ver
- your hardware is iPhone 3GS with OLD BOOTROM
- you HAVE 3.1.3 SHSH (**)
- you DON'T have 3.1.2 SHSH (otherwise, just use blackra1n/redsn0w).
- you WANT iOS4/JB

Update: thanks to movie for those awesome step by step instructions!
Update2: someone made a Cydia package. Looking at type of questions people ask in the comments, that might be the only option for 80% of them. Apple's license terms, of course, don't allow to redistribute their binaries, so I just link to it. Their description also says it works with 3.1.2/Spirit - I very much doubt that.

This tool can be used to flash pwned nor files (containing LLB exploit) on the phone running Spirit JB (script has hardcoded offsets for 3.1.3 3GS).

*Now flasher checks that all files exist before flashing them.
spirit2pwn_r2.zip - iphone-img3-flasher - Package rev 2 - Project Hosting on Google Code

Unpack pwned(!) 3.1.3 firmware, copy all the files from iPhone2,1_3.1.3_7E18_Custom_Restore\Firmware\all_f lash\all_flash.n88ap.production folder to /tmp directory your phone. You can use CyberDuck or WinSCP to do that. Copy those files directly to the /tmp, not to a subfolder: LLB should be at /tmp/LLB.n88ap.RELEASE.img3, etc.!
Extract the contents of the spirit2pwn_r2.zip archive to /tmp directory on the phone.
Run the following commands on the iPhone: (Use ssh or PuTTY).
cd /tmp

chmod 755 pwn_old_boot_r2.sh
./pwn_old_boot_r2.sh

Now reboot and your iboot and llb should be pwned, and you can restore to a custom FW now.
Thanks Gojohnnyboi for code, ZeRoLiMiT for testing

(**) Technically, you can still do that if you don't have 3.1.3 SHSH, but then if you don't really have old bootrom or if you use wrong ipsw files, your only option will be to upgrade to 4.0 and stay without jailbreak or unlock until a new exploit is made public.

[Poseidon79]

All this trouble for a /worthless/ upgrade! The only people who benefit from 4.1 are iPhone 4 owners to get the prox sensor fix (which has mixed reports) and the HDR camera upgrade. The 3G speed fix is a bunch of crap too bc the second you jailbreak and load a couple mobile substrate apps your phone is unusable again.


Sent from my iPhone using ModMyi