Dev-Team Blog
To find yourself, think for yourself © Socrates 469 BC
Tic tac toe… 

… three in a row!  Apple released iOS 4.3.3 on Wednesday, and once again the untethered jailbreak exploit that @i0n1c created for 4.3.1 still works.  That makes it an unprecedented three firmwares where the same userland exploit works.  We’re not exactly sure why Apple hasn’t fixed the hole yet, but we’re not complaining!

Today’s PwnageTool and redsn0w incorporate @i0n1c’s port to 4.3.3 (it’s ironic that such a long-lasting untether doesn’t even have an official name!).  It also of course uses geohot’s limera1n bootrom exploit to inject the jailbreak. The 4.3.3 untether works on all devices that actually support 4.3.3 except for the iPad2:

  • iPhone3GS
  • iPhone4 (GSM)  
  • iPhone4 (CDMA) (4.2.8 - See update #3)
  • iPod touch 3G
  • iPod touch 4G
  • iPad1
  • AppleTV2G (v4.3 8F202…see update #2 below for the v4.3 8F305 bundle)

Some things to note:

  1. ultrasn0w unlockers must stay away from redsn0w!  Use only a custom IPSW to update to 4.3.3, to avoid updating your baseband.  There are plenty of tutorials for both redsn0w and PwnageTool at sites like iClarified.com.  Or feel free to ask away in our comments section below.
  2. ultrasn0w has been updated to v1.2.3 to be compatible with iOS 4.3.3 and earlier (the ultrasn0w update does not include any new baseband support!).  Please reboot your iPhone using the normal “slide to power off” swipe after installing ultrasn0w 1.2.3.
  3. By popular demand, redsn0w now allows you to enable multitasking gestures (although most will find it useful only on iPads).
  4. iPad2 update:  The iPad2 jailbreak remains under development.  As you may know, the original exploit @comex developed in the first week of the iPad2 release was mysteriously fixed by Apple within days of its development.  Partly because of this, don’t expect much public discussion of the iPad2 jailbreak until it’s actually finished and ready for release (and please avoid asking about it).  In all liklihood, it will be a userland exploit like the first (unreleased) one, not dependent on bootrom dumps.  The first one can’t be released even for those with the original 4.3 firmware due to legal (distribution) reasons.

As always, please feel free to ask for help or advice in our comment section, with our friendly moderators Confucious, sherif_hashim, dhlizard, Frank55, and subarurider (and many other very knowledgable commenters too!)


Update #1: PwnageTool and redsn0w have been updated to include a fix for the iPhone3GS/i4 side switch vibration issue (only for 4.3.3!).  Thanks to @i0n1c for tracking this down (even though he doesn’t even have an iPhone!).

If you’re already jailbroken at 4.3.3 (by either redsn0w rc15 or custom IPSW), you can install this fix simply by running redsn0w rc16 over your existing 4.3.3 jailbreak.  Just uncheck the “Install Cydia” option and check any other options you want.  The fix will be installed no matter what you’ve selected.  This is safe for even ultrasn0w unlockers to do (because redsn0w itself won’t update your baseband…only an iTunes stock IPSW update/restore will do that).

redsn0w rc16 has a few more improvements:  Windows 7 and Vista users should no longer need to set their CPU affinity…just run redsn0w as Administrator in XP compatiblity mode.  Also, the “verbose boot” option for old-bootrom iPhone 3GS has been fixed for 4.3.3 (remember: old-bootrom 3GS users can even have custom bootlogos that show right at power-up).  Enjoy!


Update #2:  Apple released a minor update to iOS 4.3 for AppleTV2G (the IPSW name still says 4.3, but the build version changed from 8F202 to 8F305).  @i0n1c was once again able to quickly port his original 4.3.1 untether (the exploit that wouldn’t die!) to this version.  

If you do feel like updating to the “new” 4.3, you’ll need to drop this bundle into the correct folder in PwnageTool.app.  If you don’t know how to do that, there are lots of tutorials on the web, and we’d be glad to help in the comments below.  

Thanks once again, @i0n1c!


Update #3: We’ve updated redsn0w (0.9.6rc18) to also include the Verizon iPhone4-CDMA iOS version 4.2.8 untether (which uses the HFS exploit).


Update #4: redsn0w has been updated to 0.9.6rc19 to include changes in the way custom bundles are handled.  Now when you use a custom bundle, most of the normal jailbreak steps (like stashing and untethering) are skipped.  This makes it easier for custom bundles like the Verizon i4 jailbreakme fix.


redsn0w 0.9.6rc19:


PwnageTool Official BitTorrent Release

SHA1 Sum = 2c8b17c28ae10295b72dabde30bb4b39b0e85821

Unofficial Mirrors

The following links are unofficial download mirrors, you download these archives at your own risk, we accept no responsibility if your computer explodes or if it becomes part of a NASA attacking botnet or even worse if your hands fall off mid-way during the use of these files. We do not check these links and we accept no responsibility with regard to the validity of the files, the other content that these links may provide or with the content that is on the third-party linked site.

Always check the files that you have downloaded against our published SHA1 hash.

We would prefer that you downloaded the official bittorrent release that is linked above, but you are welcome to try these if you really must.

Mirror owners should email mirrors to blog@iphone-dev.org - please ensure that they are direct dmg download links only  (no rapidshare type sites please) and that your web-server can serve DMG MIME types properly. — please don’t place mirrors in the comments as they will be deleted.