Update: iBooty has been updated to v1.6! A video tutorial has been added.

iH8sn0w has posted a fairly complex process to jailbreak iOS 4 on the iPhone 3GS with the new iBoot.
This jailbreak is based on creating a custom firmware with Sn0wbreeze, which you then install using iBooty, a new tool from iH8sn0w.

It is a TETHERED JAILBREAK: whenever you turn off your phone, you will need to reconnect it to a computer to be able to turn it back on.

iPhone 3GS owners: first find the version of your iBoot.
For the old iBoot, follow this guide.
For an iPhone 3GS with the new iBoot, this tutorial is for you!

Requirements:

First condition: have your 3.1.2 SHSH file signed by Saurik's server.

  • Modify your hosts file. Read this guide.
  • You can also keep your ECID/SHSH locally on your PC, grabbed with Umbrella.
  • If you do NOT have your ECID/SHSH signed for firmware 3.1.2, it is NOT possible to get it now: currently only firmware 4.0 is being signed!

Grab the iBSS file from firmware 3.1.2

  • Put your iPhone in DFU mode (black screen).
  • Open IBSS Grabber.
  • Click on Save and save the iBSS folder or file to your computer's desktop.
  • Then click on "Start Watching".
  • Once that is done, start iTunes and restore firmware 3.1.2.
  • When the restore is finished, go to the folder that IBSS Grabber put on your desktop.
  • In this folder, open Firmware and then the DFU folder.
  • There you will find the iBSS file extracted from firmware 3.1.2.

Creating a custom iOS 4 firmware

    After executing this tool, you are in the ideal mode to leave Recovery mode and then reboot your iPhone.

    Free your IBSS and iBoot

    • Run the Payload Pwner tool.
    • Follow the steps.
    • This will create some files that you must copy into the same folder as iBooty.

    Prepare iBooty

    • Use 7-Zip to extract the custom firmware you created earlier with Sn0wbreeze.
    • Put the Kernelcache file or folder and Firmware/DFU/iBEC.n88ap.RELEASE.dfu in the same folder as iBooty.
    Rename the following 3 files:
    • The signed 3.1.2 iBSS to « ibss312.dfu »
    • The custom 4.0 kernel to « kernel.40 »
    • The custom 4.0 iBEC to « ibec40.dfu »

    So, in the folder iBooty, you should have the following files :

    * iboot.payload – created with Payload Pwner.
    * exploitibss312 – created with Payload Pwner.
    * ibec40.dfu – extracted from Custom Firmware created with Sn0wbreeze.
    * irecovery.exe – included with iBooty.
    * readline5.dll – included with iBooty.
    * iBooty.exe – included with iBooty.
    * ibss312.dfu – your iBSS file, grabbed during the restore of firmware 3.1.2.
    * kernel.40 – extracted from Custom Firmware created with Sn0wbreeze.
    * sn0w.img3 – included with iBooty.
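
A pre-flight check for the folder listing above, as an added example (not part of the original guide and not shipped with iBooty): it reports which of the nine files are missing and flags an iBEC or kernelcache that was copied in but not yet renamed. The function names and the sample file name kernelcache.release.n88 are constructed for illustration.

```python
import os
import tempfile

# File names exactly as listed in the guide for the iBooty folder.
REQUIRED = {
    "iboot.payload": "created with Payload Pwner",
    "exploitibss312": "created with Payload Pwner",
    "ibec40.dfu": "iBEC from the Sn0wbreeze custom firmware",
    "irecovery.exe": "included with iBooty",
    "readline5.dll": "included with iBooty",
    "iBooty.exe": "included with iBooty",
    "ibss312.dfu": "iBSS saved during the 3.1.2 restore",
    "kernel.40": "kernel from the Sn0wbreeze custom firmware",
    "sn0w.img3": "included with iBooty",
}

def check_ibooty_folder(folder):
    """Return (missing, hints): required names not found, plus rename hints."""
    # Windows file names are case-insensitive, so compare in lower case.
    present = {name.lower() for name in os.listdir(folder)}
    missing = [n for n in REQUIRED if n.lower() not in present]
    hints = []
    if "ibec40.dfu" in missing and "ibec.n88ap.release.dfu" in present:
        hints.append("rename iBEC.n88ap.RELEASE.dfu to ibec40.dfu")
    if "kernel.40" in missing:
        for entry in sorted(p for p in present if p.startswith("kernelcache")):
            hints.append(f"found '{entry}': the kernel still has to be renamed to kernel.40")
    return missing, hints

def demo():
    """Constructed sample folder: iBEC and kernel copied in but not renamed."""
    not_renamed_yet = {"ibec40.dfu", "kernel.40"}
    extras = ["iBEC.n88ap.RELEASE.dfu", "kernelcache.release.n88"]  # constructed
    with tempfile.TemporaryDirectory() as folder:
        for name in list(REQUIRED) + extras:
            if name not in not_renamed_yet:
                open(os.path.join(folder, name), "wb").close()
        return check_ibooty_folder(folder)

if __name__ == "__main__":
    missing, hints = demo()
    for name in missing:
        print(f"MISSING {name} ({REQUIRED[name]})")
    for hint in hints:
        print(f"HINT    {hint}")
```

To check a real folder, call check_ibooty_folder with the path of your iBooty folder; an empty first list means all nine files are in place.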

    Restore the custom iOS 4 firmware

    • Your iPhone is now on firmware 3.1.2, restored earlier.
    • Start iBooty.exe and select "Prepare Device for Custom Firmware". The process starts; once you get the snow, you can continue.
    • Start iTunes, then press SHIFT + Restore to install the custom iOS 4.
    • At the end of the restore the screen is black; this is normal!

    Activate your Custom iOS 4

    • Start iBooty.exe
    • Click on « Boot It »

    You should now have a jailbroken iOS 4 on your new-iBoot iPhone 3GS.

    Notes :
    • You can find all other tutorials to jailbreak iOS 4 on other models here
    • You can unlock your iPhone here
    • Mac Version of this guide here
