Thread: frustrating pwned DFU problem
05-15-2012, 01:04 PM #1 frustrating pwned DFU problem
hi there, i've spent about 10 net hours googling and trying and watching and following tutorials in order to get an iphone 3gs from 5.1.1 to 5.0.1.
i've got the shsh blobs, i've got the stitched 5.0.1 custom firmware, but there's one huge problem: i just can't get into pwned dfu mode in order to restore with itunes.
i've tried with redsnow and pwnagetool on mac as well as redsnow and ireb on windows xp via vmware fusion. results:
- redsnow/pwnagetool on mac: both tell me it worked, but itunes gives me error 1600
- redsnow/ireb on windows xp: both tell me it worked, but the iphone boots instead
does anyone have an idea how to solve this?
worth mentioning i guess: i'm not sure whether this 3GS has an old or new bootrom (it's produced during the weeks where redsnow says "results may vary"). i don't know whether that makes a difference.
i'd sooo appreciate your help, this is getting more and more frustrating.
05-15-2012, 10:49 PM #2
Have you tried this:
Get the phone out of DFU mode (hold home and power for 10 seconds, release, power on as normal).
Turn the phone off.
Hold power for 3 seconds, then, without releasing it, hold the home button until the screen goes black. Release the power button and hold home.
Then open Redsn0w, go to extras, go to dfu mode.
It should auto-detect the device in DFU and proceed to pwn dfu it. If you have TinyUmbrella, be sure to go into Advanced Options and uncheck the box to point to Cydia on exit. Exit TU, try the restore again.
I tried pwned dfu without setting it into DFU myself prior to using Redsn0w and that failed. So I did the DFU first myself, not with Redsn0w's timer, and allowed it to auto-detect it in dfu to pwn it.
05-16-2012, 01:45 AM #3
yeah i've tried that as well. i think the problem is that the limera1n exploit doesn't work properly, and i get the feeling it might have something to do with the bootrom, but i have no clue whatsoever as far as the technical stuff goes.
it seems that on mac, redsnow/pwnagetool merely state that it's in pwned dfu when really it's not (getting itunes error 1600 after all), seems like it's rather simply in regular dfu.
on windows xp it's more obvious it doesn't work, since it boots when the screen is supposed to be black.
05-16-2012, 03:17 PM #4
anyone? is the problem of booting instead of staying black known? i couldn't find any suggestions as to how to solve this anywhere.
05-16-2012, 05:31 PM #5
I'd stick purely with the native OS on your machine: in this case it sounds like that's OS X. Virtual machines have trouble correctly grabbing onto the USB devices.
I have three more questions:
1) Can we determine exactly what bootrom revision you have? Enter normal DFU mode on your phone, open System Profiler, and look under USB -> Apple DFU Device. If you see "iBoot 359.3" then you've got an old-bootrom phone; if it's 359.3.2 instead, then you've got a new-bootrom phone instead.
2) Have you verified your SHSH blobs? Use redsn0w: Extras->SHSH->Verify. You'll need 19 blobs present and a valid APTicket for a flawless restore.
05-17-2012, 11:53 AM #6
Ah thanks, didn't know I could check for it that way.
But there are all 19 SHSH blobs and a valid APTicket. The bootrom is 359.3, old bootrom then.
Does that explain any of the issues? Just to make sure I don't misunderstand: pwned DFU should eliminate error 1600 in iTunes, correct? The thing is with OS X (if sticking to the native OS is recommended) and redsnow, this weird "reboot instead of pwned DFU" doesn't occur (screen stays black)... but iTunes keeps giving me a 1600 error.
05-17-2012, 11:53 PM #7
A custom firmware of 4.1 might work if you need to preserve the baseband. Honestly, I don't know as I haven't tried it and I can only remember something like this happening once before.