Wednesday, 30 November 2011

Apple's Jailbreak Of [IOS5] Using RedSnow


TUTORIAL 


At the present time, the IOS5 jailbreak is tethered on all devices except the old bootrom iPhone 3GS, so make sure you understand what this means, and pay attention to Step 8 of the tutorial which is VERY IMPORTANT 


IOS5 Jailbreak Preparation.

In order to use the tethered redsn0w jailbreak for IOS5, you need to make sure you are starting with an iPhone which is already upgraded to IOS5.



WARNING: - Anyone who relies on a software or hardware unlock solution must be VERY CAREFUL. The baseband of IOS5 cannot currently be unlocked so if you are going to install IOS5 you need to make sure you are taking steps to preserve your baseband by using a custom firmware. This tutorial does NOT cover these options.
If you need a full copy of the IOS5 firmware file to install on your iPhone, download it from

Official Apple IOS Firmware Download Links for iPhone

As a Jailbreaker or hacker you may, from time to time, need a version of IOS which is no longer the current firmware for your device. 
Below are links direct to the Apple download service for all available versions of IOS for the various iPhone models right back to the original! 
Use these links whenever you want to be assured of getting a legitimate official stock firmware.

iPhone4S
5.0.1 http://appldnld.apple.com/iPhone4/04...5_Restore.ipsw
5.0 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw

iPhone4 GSM
5.0.1 http://appldnld.apple.com/iPhone4/04...5_Restore.ipsw
5.0 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw
4.3.5 http://appldnld.apple.com/iPhone4/04...1_Restore.ipsw
4.3.4 http://appldnld.apple.com/iPhone4/04...2_Restore.ipsw
4.3.3 http://appldnld.apple.com/iPhone4/04...2_Restore.ipsw
4.3.2 http://appldnld.apple.com/iPhone4/04...7_Restore.ipsw
4.3.1 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw
4.3 http://appldnld.apple.com/iPhone4/04...0_Restore.ipsw
4.2.1 http://appldnld.apple.com/iPhone4/06...8_Restore.ipsw
4.1 http://appldnld.apple.com/iPhone4/06...7_Restore.ipsw
4.0.2 http://appldnld.apple.com/iPhone4/06...0_Restore.ipsw
4.0.1 http://appldnld.apple.com/iPhone4/06...6_Restore.ipsw
4.0 http://appldnld.apple.com.edgesuite....3_Restore.ipsw

iPhone4 CDMA
5.0.1 http://appldnld.apple.com/iPhone4/04...5_Restore.ipsw
5.0 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw
4.2.10 http://appldnld.apple.com/iPhone4/04...0_Restore.ipsw
4.2.9 http://appldnld.apple.com/iPhone4/04...1_Restore.ipsw
4.2.8 http://appldnld.apple.com/iPhone4/04...1_Restore.ipsw
4.2.7 http://appldnld.apple.com/iPhone4/04...3_Restore.ipsw
4.2.6 http://appldnld.apple.com/iPhone4/04...0_Restore.ipsw

iPhone3GS
5.0.1 http://appldnld.apple.com/iPhone4/04...5_Restore.ipsw
5.0 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw
4.3.5 http://appldnld.apple.com/iPhone4/04...1_Restore.ipsw
4.3.4 http://appldnld.apple.com/iPhone4/04...2_Restore.ipsw
4.3.3 http://appldnld.apple.com/iPhone4/04...2_Restore.ipsw
4.3.2 http://appldnld.apple.com/iPhone4/04...7_Restore.ipsw
4.3.1 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw
4.3 http://appldnld.apple.com/iPhone4/04...0_Restore.ipsw
4.2.1 http://appldnld.apple.com/iPhone4/06...a_Restore.ipsw
4.1 http://appldnld.apple.com/iPhone4/06...7_Restore.ipsw
4.0.2 http://appldnld.apple.com/iPhone4/06...0_Restore.ipsw
4.0.1 http://appldnld.apple.com/iPhone4/06...6_Restore.ipsw
4.0 http://appldnld.apple.com.edgesuite....3_Restore.ipsw
3.1.3 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
3.1.2 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
3.1 http://appldnld.apple.com.edgesuite....4_Restore.ipsw
3.0.1 http://appldnld.apple.com.edgesuite....0_Restore.ipsw
3.0 http://appldnld.apple.com.edgesuite....1_Restore.ipsw

iPhone3G
4.2.1 http://appldnld.apple.com/iPhone4/06...8_Restore.ipsw
4.1 http://appldnld.apple.com/iPhone4/06...7_Restore.ipsw
4.0.2 http://appldnld.apple.com/iPhone4/06...0_Restore.ipsw
4.0.1 http://appldnld.apple.com/iPhone4/06...6_Restore.ipsw
4.0 http://appldnld.apple.com.edgesuite....3_Restore.ipsw
3.1.3 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
3.1.2 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
3.1 http://appldnld.apple.com.edgesuite....4_Restore.ipsw
3.0.1 http://appldnld.apple.com.edgesuite....0_Restore.ipsw
3.0 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.2.1 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.2 http://appldnld.apple.com.edgesuite....7_Restore.ipsw
2.1 http://appldnld.apple.com.edgesuite....6_Restore.ipsw
2.0.2 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.0.1 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
2.0 http://appldnld.apple.com.edgesuite....7_Restore.ipsw

iPhone (Original)
3.1.3 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
3.1.2 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
3.1 http://appldnld.apple.com.edgesuite....4_Restore.ipsw
3.0.1 http://appldnld.apple.com.edgesuite....0_Restore.ipsw
3.0 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.2.1 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.2 http://appldnld.apple.com.edgesuite....7_Restore.ipsw
2.1 http://appldnld.apple.com.edgesuite....6_Restore.ipsw
2.0.2 http://appldnld.apple.com.edgesuite....1_Restore.ipsw
2.0.1 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
2.0 http://appldnld.apple.com.edgesuite....7_Restore.ipsw
1.1.4 http://appldnld.apple.com.edgesuite....2_Restore.ipsw
1.1.3 http://appldnld.apple.com.edgesuite....3_Restore.ipsw
1.1.2 http://appldnld.apple.com.edgesuite....b_Restore.ipsw
1.1.1 http://appldnld.apple.com.edgesuite....a_Restore.ipsw
1.0.2 http://appldnld.apple.com.edgesuite....8_Restore.ipsw
1.0.1 http://appldnld.apple.com.edgesuite....5_Restore.ipsw
1.0.0 http://appldnld.apple.com.edgesuite....a_Restore.ipsw


NOTE: - If you are jailbreaking 5.0.1 at the time of writing you have to supply redsn0w with a copy of the 5.0 firmware to complete the jailbreak. If you get a message saying redsn0w does not recognise the 5.0.1 firmware file, just download the 5.0 firmware file and use the Extras > Select IPSW option to provide it to redsn0w.
Finally, you will need to download the latest beta version of redsn0w from this link – 
For Windows
For Mac
Always source redsn0w from this site to ensure its authenticity! 
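The two "get it from the official place" points above, the Apple download list and the redsn0w download, come down to one check: confirm that what you fetched is what you think it is before you flash or run it. The Python below is an added example, not part of the original tutorial and not redsn0w's or Apple's code. It parses the page's "version URL" list, accepts only complete links to a *_Restore.ipsw on an exact Apple hostname (so look-alike domains and the "..." truncated links on the page are rejected), and verifies a downloaded IPSW by comparing its SHA-256 against a digest obtained out of band before confirming that it is a zip container carrying the restore manifests. Assumptions made for the example: the full CDN hostname appldnld.apple.com.edgesuite.net (the page truncates it), the member names Restore.plist and BuildManifest.plist, and the constructed sample archive, placeholder URLs and placeholder digest.

```python
import hashlib
import hmac
import io
import zipfile
from urllib.parse import urlparse

# Hosts used by the tutorial's download list. appldnld.apple.com is Apple's
# download host; appldnld.apple.com.edgesuite.net is its Akamai CDN alias
# (assumption: the page shows that second name truncated; this is the full form).
OFFICIAL_HOSTS = frozenset({"appldnld.apple.com", "appldnld.apple.com.edgesuite.net"})

# Members a restore image is expected to carry at the archive root
# (assumption about IPSW layout made for this example).
REQUIRED_MEMBERS = ("Restore.plist", "BuildManifest.plist")


def is_official_firmware_url(url):
    """True only for a complete http(s) link to a *_Restore.ipsw on an Apple host.

    The hostname is matched exactly, so look-alikes such as
    appldnld.apple.com.example.net fail. Links containing '...' (the
    truncated form shown on the page) are rejected because they cannot be fetched.
    """
    p = urlparse(url)
    return (p.scheme in ("http", "https")
            and p.hostname in OFFICIAL_HOSTS
            and "..." not in url
            and p.path.endswith("_Restore.ipsw"))


def parse_link_list(text):
    """Parse the page's 'version URL' lines grouped under device headings.

    Returns {device: {version: url}}.
    """
    table, device = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[1].startswith("http"):
            if device is None:
                raise ValueError("version/URL line before any device heading: %r" % line)
            table.setdefault(device, {})[parts[0]] = parts[1]
        else:
            device = line  # a heading such as 'iPhone4 GSM'
    return table


def audit_link_list(text):
    """Map (device, version) -> whether its link passes is_official_firmware_url."""
    return {(dev, ver): is_official_firmware_url(url)
            for dev, versions in parse_link_list(text).items()
            for ver, url in versions.items()}


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def verify_ipsw(data, expected_sha256_hex):
    """Check a downloaded IPSW: digest first, then container structure.

    Returns (ok, reason). The expected digest has to come from a source you
    trust independently of the download itself; the page publishes none.
    """
    actual = sha256_hex(data)
    if not hmac.compare_digest(actual, expected_sha256_hex.lower()):
        return False, "sha256 mismatch: got %s" % actual
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False, "not a zip archive (IPSW files are zip containers)"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        missing = [m for m in REQUIRED_MEMBERS if m not in names]
        if missing:
            return False, "missing expected members: %s" % ", ".join(missing)
        bad = zf.testzip()  # CRC check of every member
        if bad is not None:
            return False, "corrupt member: %s" % bad
    return True, "ok"


def build_sample_ipsw(members=REQUIRED_MEMBERS):
    """Constructed stand-in for a real IPSW so the flow can run offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name in members:
            zf.writestr(name, "<plist/>")
        zf.writestr("kernelcache.release.sample", b"\x00" * 64)
    return buf.getvalue()


# Constructed snippet in the page's list format: the first path is a
# placeholder, the second is a truncated link as shown on the page, and the
# third sits on a look-alike host.
SAMPLE_LINK_LIST = """iPhone4 GSM
5.0.1 http://appldnld.apple.com/iPhone4/EXAMPLE-PATH/iPhone_5.0.1_Restore.ipsw
5.0 http://appldnld.apple.com/iPhone4/04...4_Restore.ipsw

iPhone3GS
5.0.1 http://appldnld.apple.com.example.net/EXAMPLE-PATH/iPhone_5.0.1_Restore.ipsw
"""

if __name__ == "__main__":
    for key, ok in sorted(audit_link_list(SAMPLE_LINK_LIST).items()):
        print(key, "official" if ok else "REJECT")
    sample = build_sample_ipsw()
    trusted_digest = sha256_hex(sample)  # placeholder for a digest obtained out of band
    print(verify_ipsw(sample, trusted_digest))                  # (True, 'ok')
    print(verify_ipsw(sample[:-1] + b"\x01", trusted_digest))   # tampered download
```

The digest comparison runs before the archive is opened, so an untrusted file is never parsed unless it already matches what you expected; the structural checks afterwards catch a truncated or corrupted download that happens to ship with a stale digest. The same pattern (exact hostname, out-of-band digest, then format sanity) applies to the redsn0w download itself.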

Lets Jailbreak IOS5!
Once your preparation is complete, we can get started on the jailbreak process...

Step 1:
Launch the redsn0w application and you will be presented with a screen as follows:





Step 2:

With the new versions of redsn0w, almost everything is done automagically for you. Great News! 

Press the "Jailbreak" button and you are good to go...

Step 3:
redsn0w is now ready to analyse your device and apply the jailbreak. You are about to put your device into DFU mode so that redsn0w can gain access to the device via the limera1n bootloader exploit and begin the process. Prepare your device by switching it OFF making sure it is first connected to your PC with the sync cable. You should also shut down iTunes if it is running. Get your iPhone close at hand. You are about to have to perform some key acrobatics to enter DFU mode.
Once you are set, press the "Next >" button and get ready to follow the instructions exactly as they appear...



Step 4:

Three countdowns will now be provided on screen in quick succession. The first one is just for preparation to power on the iPhone and is not important to nail exactly. The other two however are critical and you must follow them perfectly with accurate timing and sequence. Then and only then will your device be in DFU mode (which is a black screen, so there is no way to tell by looking at the device). Ignore what is happening on the iPhone screen, and keep your concentration on your fingers and the instructions from redsn0w. The static screenshots below don't convey the countdown and the fact that each section is greyed out when not active, which is a real help to novices and experts alike.





Practice makes perfect in terms of getting a device into DFU mode. Eventually, you will be able to do it in your sleep, but it can be tricky the first few times. Don't worry, if you screw up, just try again. You can press the "< Back" button at any time to go back to the start of the key sequence. It is easiest for most users to start with the iPhone off, but it is not essential, so don't panic about having to get the iPhone booted and shut down before you try again. Just pretend it is starting from the OFF position if you miss it first time. If you fail several times, shut the iPhone off and take a 5 minute break. Deep breaths, and try again!

One thing to note is that it WILL take time to install device drivers for DFU mode the first time you try it. DON'T pull the plug or stop it working. This may result in redsn0w not picking up the device first time, but let your PC finish its thing. On slower Windows machines I have seen it take 45 seconds+ to install DFU mode drivers the first time it tries, so redsn0w timings cannot be met on the first run. Windows will have to install drivers every time you try a new USB port, so bear that in mind. Don't get impatient, and don't interrupt the process! Interruption of the device driver installation is the number one reason people complain about their PC not recognising their device!

Step 5:
As soon as redsn0w has identified your iPhone model and the fact that it has IOS5 installed, you should be presented with the jailbreak options as follows…




You must choose "Install Cydia" when you are initially jailbreaking. You can also choose some additional options, such as enabling multitasking gestures. You can add these options at a later date by running redsn0w again, just don't forget to untick "Install Cydia" any subsequent times as you probably don't want to re-jailbreak an already jailbroken device.

Once you have all your options set, press "Next >"

Step 6:
If everything has gone to plan, you can now just sit back, relax, and enjoy, whilst redsn0w does its thing. You should see lots of nice jailbreak related things happening on your iPhone screen after a short while, including an appearance from the famous dev-team pwnapple...




Step 7:
Because you have been applying a TETHERED jailbreak, your iPhone will boot up and you should find the new "Cydia" application icon on your springboard at the end of the list of Apps, BUT IT WILL NOT WORK YET!
The icon is likely to be white, since IOS cannot read the icon of an unsigned app when it has not been properly booted. Remember, this is a tethered jailbreak! If your phone does not boot, or perhaps hangs at the Apple logo, don't panic! Follow on to Step 8. You must boot tethered!




Step 8:
You now need to perform a "tethered boot", and you will need to REPEAT this step EVERY TIME you reboot the iPhone. I can't stress that enough. EVERY TIME.

Go back to the redsn0w main screen and press "Extras". Now you need to press the "Just Boot" button. You will proceed with exactly the same DFU boot process as though you were going to apply the jailbreak again. This is simply redsn0w pwning the boot process.



Now your iPhone should boot and instead of the Apple logo you will see a pineapple!

That's it! You are jailbroken. Congratulations!
Now launch Cydia and start exploring the brave new world!

Don't forget to tethered boot using Step 8 EVERY TIME you reboot your iPhone from now on!

Happy hacking, IOS5 jailbreakers!