Complete iOS Jailbreak Guide

Discussion in 'iPhone, iPod & iPad' started by Dialexio, Aug 3, 2010.


  1. Dialexio
    OP

    iOS Jailbreak Guide
    "The beat goes on" "New Jailbreaks Still Feature Chinese Piracy :<" Edition
    This guide was last significantly updated on August 11, 2014 at 9:34 PM EST. It has not been updated for newer jailbreaks that have been released between then and now.


    This guide is maintained by Dialexio, with help from iFish. It was based on the guide written by Danny600kill, iFish, and alidsl, but has since been (nearly) rewritten.

    Glossary
    Here are a few terms you might come across while jailbreaking.
    • DFU Mode: Device Firmware Upgrade Mode. This mode is embedded into every iOS device, and is often exploited for jailbreaking.
    • IPSW: Originally standing for "iPod Software", an IPSW contains the firmware for a device. (It's actually a renamed .ZIP file.) Each device has its own firmware— you can't use an iPod touch 5G firmware on an iPad or iPod touch 4G.
    • Jailbreaking: The process of allowing iOS to run programs that Apple didn't approve. They can extend the capabilities of your device in many ways, breaking Apple's boundaries in the process (try finding custom themes in the App Store!). You'll have all of the features that Apple typically provides with iOS, and everything else Apple won't provide!
    • Semi-tethered jailbreak: It's like an untethered jailbreak in that it can boot without a cable and can run most Apple-approved apps. Some things may not work properly though, like Safari.
    • SHSH: A signature that is used within Apple's firmware. In recent devices, the firmware is customized with a device-unique string, requiring iTunes to get new SHSHs from Apple.
    • Tethered jailbreak: A jailbreak that requires you to connect your device to your computer every time you reboot.
    • Untethered jailbreak: A jailbreak that does not require a computer to reboot.

    Can your device be jailbroken?
    Since this guide was last updated, the newest version of iOS is 10.0.2 and does not have a jailbreak. Although jailbreaks for newer versions of iOS are available, the latest covered by this guide is iOS 7.0.6. This guide does not cover newer jailbreaks for ethical reasons. (#NO PLS #PIRCAY)

    The following do not have a jailbreak release:
    • Apple TV 2G (6.0.2 Build 11B651)
    • Apple TV 3G (all firmwares, all models)

    What device do I have?

    Important Notes About This Guide
    iFish and I have done all that we can to ensure every step is correct, and to ensure you will not have a brick. However, things can go awry at any time. We are not responsible for such incidents, though we recommend attempting a restore in DFU Mode; it solves most problems.

    We run this guide as a favor, and have a simple request: please redirect all drivel related to piracy somewhere else. (Preferably /dev/null.) We realize the irony of this site, but we want to make it clear that jailbreaking is not piracy. See no evil, hear no evil, speak no evil. Thanks for understanding.

    SHSH Tutorials (Please read, even if you decide not to jailbreak!)
    What's the big deal about SHSHs?
    Since the iPhone 3GS was released, Apple uses something known as an "SHSH blob" to prevent downgrades. When you update/restore your device, iTunes sends a device-unique string (called an ECID) to Apple's server, and receives the SHSH blob in return. iTunes then applies the ECID and SHSH strings from the blob to the firmware.

    Via this method, Apple can prevent downgrades, which could come in handy to people, particularly jailbreakers. But why should you worry about SHSHs, even if you don't want to jailbreak? A new update pushed out by Apple may contain an annoying bug, and downgrading may be your only option for getting rid of it, since we don't know when Apple will push an update.

    Click on your device to see what firmwares Apple is signing:

    Backing Up/Using SHSHs with TinyUmbrella

    Keeping your A5(X) Device on iOS 5.1.1

    Dumping/Using SHSHs with iFaith

    Useful Tutorials
    How to Enter DFU Mode

    DFU Mode, short for "Device Firmware Upgrade," is basically a more lenient and more thorough version of Recovery Mode. Recovery Mode is what Apple tells you to do if your firmware is messed up, but the dudes at the Genius Bar use DFU Mode. Need I say more on which I think you should use? :P

    DFU Mode is also handy if you need to eliminate as many tracks of your jailbreak as possible. (You know, in case your device's future owner doesn't want hacks or Apple declares your warranty void.)

    Apple TV instructions
    Connect your Apple TV to your computer. (Everything else should be unplugged.)

    Hold the Menu and Down buttons for six seconds to reboot the Apple TV. Immediately afterwards, hold Menu and Play.

    Instructions for everything else
    Connect your device to your computer and then turn it off.

    Press and hold the Sleep and Home buttons for 10 seconds. After 10 seconds, let go of the Sleep button ONLY.
    NOTE: If (and only if) your device does not have a physical Home button, use the Volume down button instead.

    The screen should now be completely off, while your computer will identify the device as "Apple Mobile Device (DFU Mode)."

    If you see an iTunes logo on your screen instead, you are in Recovery Mode. Try following these steps again from the beginning.

    Open up iTunes, and it will say that it has detected a device in recovery mode.

    Now, we're gonna restore the device. If you just want the latest firmware and don't want to jailbreak, click "Restore."

    If you care about what firmware gets installed, hold down Option (Mac OS X) or Shift (Windows) and click the "Restore" button. Then browse to the IPSW you wish to use.


    Jailbreaking Tutorials
    Remember: In this guide, if the device/firmware combination is magenta-colored and underlined, the jailbreak is tethered (unless you have an "old bootrom" device). Otherwise, the jailbreak is untethered.
    Guide maintained by Dialexio and iFish.
    What jailbreak tool should I use?
    If you're jailbreaking…
    • An Apple TV 2G, go with Seas0nPass.
    • iOS 5.1.1, look into Absinthe, PwnageTool, redsn0w, or sn0wbreeze.
    • iOS 6.1.3 through 6.1.6, look into p0sixspwn.
    • iOS 7.0 through 7.0.6, look into evasi0n7.

    Jailbreaking with Absinthe
    Absinthe supports iOS 5.0.1 and 5.1.1! (And iOS 5.0 on the iPhone 4S.)

    Jailbreaking with evasi0n7
    evasi0n7 supports iOS 7.0 through 7.0.6.

    Jailbreaking with p0sixspwn
    p0sixspwn supports iOS 6.1.3 through 6.1.5.

    Jailbreaking with PwnageTool

    Jailbreaking with redsn0w 0.9.4
    redsn0w 0.9.4 was designed for jailbreaking iOS 3.1.3 only. You might be looking for redsn0w 0.9.15b3 instead.

    Jailbreaking with redsn0w 0.9.15b3
    redsn0w 0.9.15b3 supports iOS 3.2.2, and 4.1 through 6.0! iOS 4.2.7*, 4.2.9, 4.2.10, 4.3.4, 4.3.5, 5.0, 5.1, and 6.0 are tethered.

    Jailbreaking with Seas0nPass
    Jailbreaking with Saffron (a.k.a. JailbreakMe 3.0)

    Jailbreaking with sn0wbreeze

    Noteworthy Post-Jailbreak Info
    Booting your Tethered Apple TV with Seas0nPass
    Downloads
    Seas0nPass for Mac OS X Snow Leopard, or Seas0nPass for Windows XP/later

    Guide
    1. Download and run Seas0nPass. This time, select "Boot Tethered."
    2. Connect your Apple TV both to a power source and, via USB, to your computer.
    3. Follow the instructions to enter DFU Mode.
    4. Seas0nPass will notify you when the boot finishes. Remove the USB cable (not the power cable!) and connect the HDMI cable.

    FAQ (if they weren't frequently asked, they will be)
    1. I followed your guide, and now my device is stuck on the Apple logo!
      - Your jailbreak is probably tethered. The program that you used to jailbreak your device most likely has a mode to boot a tethered jailbreak.
      These lines are here to improve readability.
    2. Can I downgrade without SHSH——
      - NO, NO, NO! The only cases where you can are with really old devices and really old firmwares.
      If there were a way, why is backing them up still advocated?
    3. I have an iPod touch 1G. Could you help me get iOS 3.1.3?
      - Upon purchasing it for $4.95 USD, iTunes will download iOS 3.1.3. (On Mac OS X, the IPSW can be found in "~/Library/iTunes/iPod Software Updates". On Windows, the IPSW can be found in "%AppData%\Apple Computer\iTunes\iPod Software Updates".)
      Super-Vague Hint That I Won't Explain To You: Set "touchUpdate" to true, and you can download the IPSW (from Apple) in your web browser.
    4. What the hell are those tables on The iPhone Wiki's firmware page? It's just as cluttered as this page, so just link to the simpler Felix--
      - That Felix link contains warez. Certain versions of iOS are paid firmwares for the iPod touch 1G and 2G, and that website provides MegaUpload links to said firmwares.
      If you don't believe me, just look at the source code.
    5. Can you help me download App Store apps for free?
      - No. Get lost.
      It may be more fun to be a pirate than join the navy, but being a ninja beats being a pirate. ;P
    6. Well... Can you help me download Cydia Store apps for free?
      - From a technical standpoint, pirating something from iOS (especially a Cydia program) is downright stupid. Anything you get from Cydia runs under the super user "root," which can do anything to your iOS installation. A malicious crack could share your text messages and pictures with the whole world. Developers may collect a unique ID from your device, which can (that does not mean "will," though) result in being blacklisted from multiple things.

      Now, that mini-rant was probably heavy with FUD, but those are technically possible.
      Before you ask me who that person is, it's chpwn. Not that you're reading this.
    7. Will a jailbreak affect my iTunes or App Store apps?
      - It will not make a difference in most cases. Certain App Store apps might detect your jailbreak and present an "error" message, but an app called "xCon" in Cydia can address that.
    8. Does a jailbreak void my warranty?
      - Yes. However, all traces of a jailbreak can be erased so Apple would never know. (Note that they may detect funny baseband issues like having 06.15.00 installed.)
    9. I want to wipe out my jailbreak! How do I do this?
      - In most cases, a restore in iTunes should do the trick. If you really want to be sure, a DFU restore covers pretty much every trace (except for basebands).
    10. I jailbroke my device! What should I do now?
      - We can't answer this directly; jailbreaking gives you the freedom to do basically anything you want. Most people who have a fresh jailbreak have a search through Cydia and see what apps interest them. There are some great apps out there just waiting for you to download. A few popular ones include "Five Icon Dock," "SBSettings," and "Winterboard."

      alidsl also wrote up a guide detailing many post-jailbreak things of interest.
    11. What's the difference between (Device X) and (Device X Rev A)?
      - There are slight internal differences that force Apple to use different firmwares. For instance, there are two variants of the iPad 2 Wi-Fi model: one is the original, and a revised model uses a more power-efficient A5 chip.
    12. THEREZ NO JALEPRAKE 4 MAI IFON! Y NOT? DEV TEAM SUKCZ AND U TOO
      - It's being worked on. (You know what's not going to fix it? Your shouting! ;P)
    13. Can I save my SHSHs for device X/firmware Y?
      - Yes, provided Apple is still signing it. The list of device/firmware combinations that Apple is still signing can be found above, in the "Backing Up/Using SHSHs with TinyUmbrella" section.
    14. I have SHSHs backed up for firmware X, but my friend doesn't. Can they use mine?
      - No. They are unique to every device.
    15. I have SHSHs backed up for firmware X. Can I use them to restore to firmware Y?
      - No.
    16. I don't have baseband 01.59.00 on my iPhone 4 GSM model. Can I use the iPad baseband (06.15.00)?
      - No. The first generation iPad does not use the same baseband chip as the iPhone 4.
    17. I have a baseband that doesn't work with ultrasn0w. I CAN HAS UNLOCK?
      - Yes, but be prepared to shell out money (and possibly risk privacy). Some sites can unlock your iPhone if you provide your iPhone's IMEI number (be alert for scams, though).

      There are also some SIM card hacks (two legal ones being the "Gevey Ultra" and the "Rebel SIM") that promise to unlock current basebands, and provide updates for future basebands.
    18. Why do you not use Simple Mode for PwnageTool?
      - I'm a bit of a control freak, so I'd rather know what's going into the IPSW. If you want to use Simple Mode, by all means go for it.
    Credits
    Current Writers: Dialexio, iFish
    Original Writers: alidsl, Danny600kill, iFish
    Select images (DFU Mode images, pwnapple, anything else I forgot): iPhone Dev Team
    Developing jailbreak tools: Chronic Dev, evad3rs, geohot, iH8sn0w, and the iPhone Dev Team
    Developer of SAM: sbingner
    iPhone 4 baseband preservation process: semaphore
    TSS API: iNeal

    Questions? Comments? Suggestions? Errors? Don't hesitate to drop a message! :)
    Please keep in mind that "iPhone 3Gs" means "more than one iPhone 3G," "iPhone 4s" means "more than one iPhone 4," and "iTouch" is a DS flashcard.
     
    Last edited by Dialexio, Oct 16, 2016 - Reason: Remove evasi0n for iOS 6.0-6.1.2, in favor of p0sixspwn.
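    A toy model of why FAQ answers 13, 14 and 15 come out the way they do, added here as an editor's example and not part of Dialexio's guide: a signing server issues a blob bound to an ECID and a firmware digest, and the device accepts the blob only for that ECID and that firmware, which is also why a blob saved while Apple was still signing keeps working afterwards. The server secret, ECIDs and firmware digests are constructed stand-ins; Apple's real scheme uses signatures verified against a key in the device, and the exact blob format is not described on this page.

```python
import hashlib
import hmac
import json

# Constructed sample firmware digests (hypothetical stand-ins for real IPSW hashes).
FIRMWARES = {
    "5.1.1": hashlib.sha256(b"constructed iOS 5.1.1 IPSW bytes").hexdigest(),
    "6.1.3": hashlib.sha256(b"constructed iOS 6.1.3 IPSW bytes").hexdigest(),
}


class SigningServer:
    """Simplified stand-in for Apple's signing server (assumption: the real
    request/response format is not modelled here)."""

    def __init__(self, secret: bytes, signing: set):
        # An HMAC under a server secret stands in for Apple's signature; the
        # real device checks the blob with a public key it already holds.
        self._secret = secret
        self.signing = set(signing)

    def request_blob(self, ecid: int, version: str):
        """Return an SHSH-style blob, or None if this version is no longer signed."""
        if version not in self.signing:
            return None
        payload = {"ecid": ecid, "version": version, "digest": FIRMWARES[version]}
        msg = json.dumps(payload, sort_keys=True).encode()
        sig = hmac.new(self._secret, msg, hashlib.sha256).hexdigest()
        return {**payload, "signature": sig}


def blob_is_valid(secret: bytes, blob, ecid: int, version: str) -> bool:
    """The restore-time check: the blob must carry a valid signature AND be
    bound to this device's ECID AND to the exact firmware being installed."""
    if blob is None:
        return False
    if blob["ecid"] != ecid or blob["version"] != version:
        return False  # someone else's blob, or a blob for a different firmware
    if blob["digest"] != FIRMWARES.get(version):
        return False  # firmware image does not match what was signed
    payload = {k: blob[k] for k in ("ecid", "version", "digest")}
    msg = json.dumps(payload, sort_keys=True).encode()
    expected = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, blob["signature"])


def demo():
    """Walk through FAQ 13, 14 and 15 with constructed ECIDs and a toy secret."""
    secret = b"constructed-server-secret"
    my_ecid, friend_ecid = 0x000123456789ABCD, 0x0000FEDCBA987654
    apple = SigningServer(secret, {"5.1.1", "6.1.3"})
    saved = apple.request_blob(my_ecid, "5.1.1")  # backed up while still signed
    apple.signing.discard("5.1.1")                 # Apple stops signing 5.1.1
    # Editing a saved blob to claim another firmware breaks its signature.
    tampered = dict(saved, version="6.1.3", digest=FIRMWARES["6.1.3"])
    return {
        "new_request_after_signing_stops": apple.request_blob(my_ecid, "5.1.1"),
        "saved_blob_same_device": blob_is_valid(secret, saved, my_ecid, "5.1.1"),
        "saved_blob_friends_device": blob_is_valid(secret, saved, friend_ecid, "5.1.1"),
        "saved_blob_other_firmware": blob_is_valid(secret, saved, my_ecid, "6.1.3"),
        "edited_blob_other_firmware": blob_is_valid(secret, tampered, my_ecid, "6.1.3"),
    }
```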


  2. luke_c

    Should note about jailbreaking with JailbreakMe, and that iPhone 3G and iPod Touch 2G users also need to back up their SHSH blobs now, as since 4.0 Apple have been 'soft-signing' the signatures for those devices.

    Don't mean to bump this, but seeing as this is now taking over from the other thread, more people should be looking at this thread; this thread should also be stickied.
     
  3. Danny600kill

    Thank you for taking this on, I appreciate it so much. Good luck, and great guide.
     
  4. metamaster

    You should remove blackra1n from the list since other options, such as Spirit, have taken its place. That and the fact that blackra1n is tethered. So it's pretty much rendered obsolete.
     
  5. Dialexio
    OP

    Thanks for the feedback, guys!
    Done.
     
  6. iFish

    Ah... thanks!

    Great job!

    Just to note something. Cydia now saves your SHSH blobs on all devices.
     
  7. Dialexio
    OP

    Thanks! I'll probably need your help keeping the sn0wbreeze section up-to-date though, if that's fine with you.
     
  8. iFish

    Sure! No worries. I jailbreak my devices with all tools. I used redsn0w on iPhone, sn0wbreeze on iPod, and JailbreakMe for iPhone 4 and iPad.

    Just shoot me a PM when you need, or hit me up on MSN.
     
  9. Madridi

    Great guide!
    But now that Star Jailbreak is out, is there any need for any other one?

    Well, other jailbreaks that create custom IPSWs which let you customize some stuff are probably fine, but there isn't really any point for Spirit now, is there?

    Suggestions:
    - You might want to include a small section for ultrasn0w, as people might need to unlock as well.
    - Maybe list a couple of programs, such as blackra1n, that are now obsolete so that people would disregard them. The reason is that people might have heard about these programs and think that they might need to use them or something, and since this guide doesn't even mention them they might look somewhere else. But if they read that it's obsolete and old, they would know that they don't need it.

    Just a few suggestions.
    Good work, and thanks!
     
  10. neokingster

    I'm slightly confused here. I have an iPod touch 3rd gen 32GB jailbroken with Spirit on 3.1.3, but I would like to upgrade to 4.1. Is there any way in which I can still keep all my jailbreak data?
    TIA
     
  11. metamaster

    Unfortunately, you can't. Every update erases Cydia and the packages you installed. But your files remain, such as ROMs and settings. What you can do is install Rock (RockApp) through Cydia before you update, link your device to an e-mail account and back up your apps. So when you reinstall Rock after updating, you can restore those apps thanks to the same e-mail account.

    @Dialexio: Spirit has been updated to work with iTunes 9.2. You can get it here.
    I also forgot to mention that this is a very good and complete guide. Keep on updating it.
     
  12. neokingster

    So do I just update through iTunes?

    EDIT: Also, to update, iTunes says it needs 9.2, which I heard crashes Spirit. Is that a problem?
     
  13. Madridi

    Spirit's website doesn't show an update. Is this an unofficial build?
     
  14. metamaster

    It's probably unofficial, but as long as it works, who cares.
     
  15. neokingster

    Also, how do I update? I've got Spirit, so updating iTunes to 9.2 will crash it, won't it?
     
  16. Madridi

    It was just to clarify things really; no harm in getting accurate information.
     
  17. neokingster

    How do I make my existing jailbroken iPod work with iTunes 9.2 then? I have a 32GB 3rd gen done with Spirit.
     
  18. Dialexio
    OP

    If it's already jailbroken, you can go ahead and update iTunes. If you have to restore to 3.1.3, Spirit won't work, but you could always use Star.
     
  19. Madridi

    Ah yes, good point.
     
  20. alidsl

    I think comex should change the name to st4r.

    Anyhowz, jailbreakme.com just uses the PDF reader on iOS to plant a 'virus' into the iDevice which installs Cydia, pretty neat.

    And I agree that Star makes all other jailbreaks nearly obsolete, but some people do prefer using a computer to going to the site, and the fatter the guide the better it looks.
     
