Jailbreak iPhone 3GS on iOS 4 GM

This took me a few hours and quite a few firmware builds and restores to make it work, but I got it working. There is a specific set of circumstances that have to be in place for this to work for you. If you are not experienced in jailbreaking, turn back now! Your iPhone 3GS must be on OS 3.1.2, and already jailbroken with your ECID/SHSH on file on Saurik’s server. If you are on OS 3.1.3, you can downgrade to 3.1.2, as long as your ECID/SHSH is on file.

I should warn you that this is not an official release from the creators of Pwnage Tool, the iPhone Dev Team. Pwnage Tool has to be modified to make it work with iOS 4. This all has to be done on a Mac, and you’ll need Pwnage Tool 3.1.5, the iOS 4 GM firmware for the iPhone 3GS (iPhone2,1_4.0_8A293_Restore.ipsw), and iTunes 9.2 (beta). The firmware and iTunes 9.2 aren’t widely available to the public, but I have a feeling you know where to get them.

Another thing you should know: not much in Cydia works with iOS 4 yet, so you’re better off waiting for an official release. Upgrading to iOS 4 will upgrade your baseband, so if you depend on an unlock to use your iPhone, stop right here. Pwnage Tool does preserve your baseband, but if something goes wrong you may be forced to restore, which upgrades your baseband and loses your unlock.

Okay, if I haven’t scared you away yet, let’s get started. Download these files:

Pwnage Tool 3.1.5

iPhone2,1_4.0_8A293_bundle.zip (built by msft.guy; this gets inserted into Pwnage Tool for compatibility with iOS 4 on the 3GS)

data.tar (this gets inserted into the Cydia bundle inside Pwnage Tool)

Now, unpack Pwnage Tool and the bundle; leave “data.tar” the way it is. Get it all onto your desktop. Right-click on Pwnage Tool and select Show Package Contents. Navigate to Contents>Resources>FirmwareBundles and drop the bundle you just downloaded into this folder.

While still inside the Pwnage Tool package, navigate to Contents>Resources>CustomPackages. Right-click on CydiaInstaller.bundle and select Show Package Contents, then drop the data.tar file into the “files” folder.

Now, open Terminal, and type the following commands:

cd ~/Desktop

cd PwnageTool.app/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files

tar xpvf data.tar

This unpacks data.tar into the Cydia bundle’s “files” folder with its permissions preserved (that is what the “p” flag does), which is what Pwnage Tool expects.
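As an added example that is not from the original post or from Pwnage Tool, here is the same staging done from a script with a few sanity checks: it verifies the Pwnage Tool layout, refuses a data.tar whose entries are absolute paths or contain “..” (the archive is a third-party download, and tar will write wherever its entries point), copies the bundle into FirmwareBundles, and extracts data.tar into the Cydia bundle. The PwnageTool.app layout, bundle directory name and archive contents below are constructed stand-ins so that it runs offline.

```shell
#!/bin/sh
# Added example, not from the original post or from Pwnage Tool: stage the
# downloaded firmware bundle and data.tar into a copy of PwnageTool.app the
# same way the manual steps above do, with a few sanity checks first.
set -eu

# List the archive and refuse it if any entry is an absolute path or has a
# ".." component; "tar xpvf" unpacks wherever the entries point.
check_tar_paths() {
    if tar tPf "$1" | grep -qE '(^/|(^|/)\.\.(/|$))'; then
        return 1
    fi
}

# $1 = PwnageTool.app, $2 = unpacked firmware bundle directory, $3 = data.tar
install_bundle() {
    fw="$1/Contents/Resources/FirmwareBundles"
    files="$1/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files"
    [ -d "$fw" ] && [ -d "$files" ] || { echo "no Pwnage Tool layout under $1" >&2; return 1; }
    [ -d "$2" ] || { echo "bundle directory missing: $2" >&2; return 1; }
    check_tar_paths "$3" || { echo "refusing archive with unsafe paths: $3" >&2; return 1; }
    cp -R "$2" "$fw/"
    cp "$3" "$files/data.tar"
    ( cd "$files" && tar xpf data.tar )   # same extraction as the Terminal step
}

# Constructed stand-ins so this runs offline: an empty PwnageTool.app layout,
# a placeholder bundle directory (name assumed) and a small data.tar.
demo="$(mktemp -d)"
app="$demo/PwnageTool.app"
mkdir -p "$app/Contents/Resources/FirmwareBundles" \
         "$app/Contents/Resources/CustomPackages/CydiaInstaller.bundle/files"
bundle="$demo/iPhone2,1_4.0_8A293.bundle"
mkdir -p "$bundle" && echo "placeholder" > "$bundle/Info.plist"
mkdir -p "$demo/src/var/lib/cydia" && echo "sample" > "$demo/src/var/lib/cydia/metadata.plist"
( cd "$demo/src" && tar cf "$demo/data.tar" var )
# A deliberately unsafe archive (absolute member name) to exercise the guard.
tar cPf "$demo/bad.tar" "$demo/src/var/lib/cydia/metadata.plist"

install_bundle "$app" "$bundle" "$demo/data.tar"
echo "staged into $app (left in place for inspection)"
```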

Once that’s all done, close all the windows and open your modified Pwnage Tool. Select iPhone 3G(s) from the device choices and click the blue arrow. The iOS 4 firmware should appear in the list; if not, browse for it. Select it and continue as you normally would to build your custom firmware with Pwnage Tool.

When Pwnage Tool is finished, restore your iPhone 3GS with iTunes 9.2 using the custom firmware you just built. This method worked for me, but you try this at your own risk. We here at iPhoneinCanada cannot be held responsible for anything you do to your iPhone.

If you’re successful, you will notice that Cydia runs really fast on iOS 4. I had played with it a bit on an iPhone 3G, but on the 3GS it is incredibly fast. Like I said earlier, not much is working yet, but OpenSSH and iFile do work, so you can get in there and change SMS tones and UI elements. Just make sure you back up your files before you start changing things.

Please post below if you have success or failure with this method. Good luck!

You can follow me on Twitter, if you have questions: @rorypiper. I’m usually pretty quick to answer.

You can also check out more jailbreak and iPhone news over at www.iEvolution.ca