Thread: frustrating pwned DFU problem

  1. #1
    What's Jailbreak?

    hi there, i've spent about 10 net hours googling and trying and watching and following tutorials in order to get an iphone 3gs from 5.1.1 to 5.0.1.

    i've got the shsh blobs, i've got the stitched 5.0.1 custom firmware, but there's one huge problem: i just can't get into pwned dfu mode in order to restore with itunes.

    i've tried with redsnow and pwnagetool on mac as well as redsnow and ireb on windows xp via vmware fusion. results:

    - redsnow/pwnagetool on mac: both tell me it worked, but itunes gives me error 1600
    - redsnow/ireb on windows xp: both tell me it worked, but the iphone boots instead

    does anyone have an idea how to solve this?

    worth mentioning i guess: i'm not sure whether this 3GS has an old or new bootrom (it's produced during the weeks where redsnow says "results may vary").. i don't know whether that makes a difference.

    i'd sooo appreciate your help, this is getting more and more frustrating.

  2. #2
    Super Penguin Mod i.Annie

    Have you tried this:

    Get the phone out of DFU mode (hold home and power for 10 seconds, release, power on as normal).
    Turn the phone off.
    Hold power for 3 seconds, then, without releasing it, hold the home button until the screen goes black. Release the power button and hold home.
    Then open Redsn0w, go to extras, go to dfu mode.

    It should auto-detect the device in DFU and proceed to pwn dfu it. If you have TinyUmbrella, be sure to go into Advanced Options and uncheck the box to point to Cydia on exit. Exit TU, try the restore again.

    I tried pwned dfu without setting it into DFU myself prior to using Redsn0w and that failed. So I did the DFU first myself, not with Redsn0w's timer, and allowed it to auto-detect it in dfu to pwn it.

  3. #3
    What's Jailbreak?

    yeah i've tried that as well. i think the problem is that the limera1n exploit doesn't work properly, and i get the feeling it might have something to do with the bootrom, but i have no clue whatsoever as far as the technical stuff goes.

    it seems that on mac, redsnow/pwnagetool merely state that it's in pwned dfu when really it's not (getting itunes error 1600 after all), seems like it's rather simply in regular dfu.

    on windows xp it's more obvious it doesn't work, since it boots when the screen is supposed to be black.

  4. #4
    What's Jailbreak?

    anyone? is the problem of booting instead of staying black known? i couldn't find any suggestions as to how to solve this anywhere.

  5. #5
    Super Galactic Moderator Orby

    Quote (originally posted by ffs9):
    anyone? is the problem of booting instead of staying black known? i couldn't find any suggestions as to how to solve this anywhere.

    It's quite unusual, at least in my experience. There are only two ways out of true DFU mode: manually rebooting your device, or sending an iBSS file over USB and bootstrapping the device.

    I'd stick purely with the native OS on your machine: in this case it sounds like that's OS X. Virtual machines have trouble correctly grabbing onto the USB devices.

    I have three more questions:

    1) Can we determine exactly what bootrom revision you have? Enter normal DFU mode on your phone, open System Profiler, and look under USB -> Apple DFU Device. If you see "iBoot 359.3" then you've got an old-bootrom phone; if it's 359.3.2 instead, then you've got a new-bootrom phone.

    2) Have you verified your SHSH blobs? Use redsn0w: Extras->SHSH->Verify. You'll need 19 blobs present and a valid APTicket for a flawless restore.

  6. #6
    What's Jailbreak?

    Ah thanks, didn't know I could check for it that way.

    But there are all 19 SHSH blobs and a valid APTicket. The bootrom is 359.3, old bootrom then.

    Does that explain any of the issues? Just to make sure I don't misunderstand: pwned DFU should eliminate error 1600 in iTunes, correct? The thing is with OS X (if sticking to the native OS is recommended) and redsnow, this weird "reboot instead of pwned DFU" doesn't occur (screen stays black)... but iTunes keeps giving me a 1600 error.

  7. #7
    Super Galactic Moderator Orby

    Quote (originally posted by ffs9):
    Ah thanks, didn't know I could check for it that way.

    But there are all 19 SHSH blobs and a valid APTicket. The bootrom is 359.3, old bootrom then.

    Does that explain any of the issues? Just to make sure I don't misunderstand: pwned DFU should eliminate error 1600 in iTunes, correct? The thing is with OS X (if sticking to the native OS is recommended) and redsnow, this weird "reboot instead of pwned DFU" doesn't occur (screen stays black)... but iTunes keeps giving me a 1600 error.

    There's some very unusual behavior with iOS 5.0(.1) and old-bootrom restores if I'm remembering correctly. What I'd like you to try is downgrading to stock iOS 4.1 (Apple still signs these blobs for the 3GS last I checked), and then going on to the pwned DFU -> custom firmware restore route. DO NOT ATTEMPT THIS IF YOU RELY ON ULTRASN0W FOR YOUR UNLOCK.

    A custom firmware of 4.1 might work if you need to preserve the baseband. Honestly, I don't know as I haven't tried it and I can only remember something like this happening once before.
