How to Jailbreak iOS 4.3.1 with PwnageTool on iPhone 4, iPod touch 3G/4G & iPad!

By on March 26, 2011

You can now jailbreak iOS 4.3.1 with PwnageTool on iPhone 4, iPod touch 3G/4G & iPad 1G. This is a tethered jailbreak, which means that after every reboot you have to boot the device into a jailbroken state again.

Update: You can now also jailbreak iOS 4.3.1 with PwnageTool on iPhone 3GS (old & new bootrom). The tutorial given below is updated.

Jailbreak iOS 4.3.1

Follow our tutorial posted below to jailbreak iOS 4.3.1 with PwnageTool 4.2, Universal Ramdisk Fixer & the Tethered Boot tool.

Please note:

  • No unlock is available yet for the new baseband on iOS 4.3.1. If you rely on a carrier unlock, do not update your iPhone to iOS 4.3.1.
  • If you have an iPad 2, please stay away from iOS 4.3.1 until further confirmation.
  • Cydia works fully on iOS 4.3.1.
  • In our view, it is a semi-tethered jailbreak. With this tutorial your baseband will not be upgraded during the restore process, and hacktivation is fairly well supported.

Step-1:

Download iTunes 10.2.1.

Step-2:

Download the PwnageTool Bundle for your device.

Extract the above downloaded .zip file and you will get a .bundle file for your device along with the Universal Ramdisk Fixer for iOS 4.3.1.

Step-3:

Place the .bundle file on your Desktop.

Step-4:

Download PwnageTool 4.2 and move it to the /Applications directory. Right-click it and then choose “Show Package Contents”.


Step-5:

Go to Contents/Resources/FirmwareBundles/ and paste the .bundle file from your Desktop (Step-3) here.

Step-6:

Now install the Universal Ramdisk Fixer which will be in the downloaded PwnageTool Bundle .zip file for your device (Step-2).


Step-7:

Now download the iOS 4.3.1 .IPSW file for your device and place it on your desktop.

Step-8:

Launch PwnageTool 4.2 and run it in “Expert Mode”. Then select your device.

Step-9:

Browse for iOS 4.3.1 .IPSW file for your device (Step-7).

Step-10:

Choose “Build” to set up custom iOS 4.3.1 .IPSW firmware file.


Step-11:

PwnageTool now creates the custom .IPSW file for the device you are about to jailbreak.


Step-12:

Next, put your device into DFU mode by following the instructions below:

  • Hold the Power and Home buttons for 10 seconds
  • Release the Power button but continue holding the Home button for 10 additional seconds
  • Your device is now in DFU mode


Step-13:

Then do the following:

  • Start iTunes and click your device's icon in the iTunes sidebar.
  • Press and hold the left “Alt” button on Mac OS X and then click “Restore”.
  • Do not click the “Update” or “Check for Update” button in iTunes; then release the “Alt” button.
  • iTunes prompts you to select the location of the custom iOS 4.3.1 firmware file.
  • Select the custom iOS 4.3.1 .IPSW file and click “Open”.


Step-14:

Your part is almost done. iTunes will do the rest for you. Do not interrupt the process at this stage; just watch it run. iTunes will install the new iOS 4.3.1 firmware on your device, and a progress bar indicates the installation progress.

Note: Your device will restart automatically as soon as the installation completes.

Congratulations! You have now successfully jailbroken your device on iOS 4.3.1.

Booting your device in a Tethered Jailbroken State:

As the iOS 4.3.1 jailbreak is tethered, you will have to follow the instructions given below to boot your device in a tethered jailbroken state:

Step-15:

Download tetheredboot.zip tool for Mac OS X and then extract this .zip file.

Step-16:

Create a copy of the custom iOS 4.3.1 .IPSW firmware file for your device.

Step-17:

Change its extension from .ipsw to .zip and then extract this .zip file.

Step-18:

For iPhone 4 Users Only:

Go to /Firmware/dfu/ and then copy the kernelcache.release.n90 and iBSS.n90ap.RELEASE.dfu files.

For iPod touch 3G/4G Users Only:

Go to /Firmware/dfu/ and then copy the kernelcache.release.n81 and iBSS.n81ap.RELEASE.dfu files.

For iPad Users Only:

Go to /Firmware/dfu/ and then copy the kernelcache.release.k48 and iBSS.k48ap.RELEASE.dfu files.

Step-19:

Paste the two copied files along with the tetheredboot tool you downloaded in Step-15 to a new folder on your desktop named “tetheredboot”.
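
Steps 16 to 19 can also be done without renaming and unpacking the whole firmware file, because an .ipsw is a ZIP archive. The Python code below is an added example, not part of the original tutorial or of PwnageTool; the function names and the device keys in BOARDS are assumptions, and the sample archive contains constructed dummy bytes. It goes slightly beyond the steps above by finding the two files wherever they sit in the archive and recording a SHA-256 digest of each staged file.

```python
import hashlib
import zipfile
from pathlib import Path

# Board identifiers exactly as listed in Step-18 of this tutorial.
BOARDS = {"iphone4": "n90", "ipodtouch": "n81", "ipad": "k48"}


def stage_boot_files(ipsw_path, device, dest_dir):
    """Copy the iBSS and kernelcache for `device` out of a custom IPSW.

    The archive is read in place instead of being renamed and fully
    extracted. Returns {file name: SHA-256 hex digest}.
    """
    board = BOARDS[device]
    wanted = {f"iBSS.{board}ap.RELEASE.dfu", f"kernelcache.release.{board}"}
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    staged = {}
    with zipfile.ZipFile(ipsw_path) as ipsw:
        for info in ipsw.infolist():
            name = Path(info.filename).name
            if info.is_dir() or name not in wanted:
                continue
            if name in staged:
                raise ValueError(f"duplicate entry for {name} in archive")
            data = ipsw.read(info)
            # Write under the base name only, so a crafted member path
            # such as ../../x cannot escape dest_dir.
            (dest / name).write_bytes(data)
            staged[name] = hashlib.sha256(data).hexdigest()
    missing = wanted - staged.keys()
    if missing:
        raise FileNotFoundError(f"not in IPSW: {sorted(missing)}")
    return staged


def build_sample_ipsw(path):
    """Constructed stand-in archive (dummy bytes, not real firmware)."""
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("Firmware/dfu/iBSS.n90ap.RELEASE.dfu", b"ibss-sample")
        z.writestr("Firmware/dfu/kernelcache.release.n90", b"kernel-sample")
        z.writestr("Restore.plist", b"<plist/>")
    return path
```

Keeping the returned digests lets you confirm later that the files passed to the tethered boot tool are the ones taken from your own custom firmware.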

Step-20:

Turn off your device and open Terminal on Mac OS X.


Step-21:

For iPhone 4 Users Only:

Run the following command in the terminal:

sudo -s

Enter your administrator password and then run the following as a single command (the trailing backslashes continue it onto the next line):

/Users/Hitechanalogy/Downloads/tetheredboot/tetheredboot \
/Users/Hitechanalogy/Downloads/tetheredboot/iBSS.n90ap.RELEASE.dfu \
/Users/Hitechanalogy/Downloads/tetheredboot/kernelcache.release.n90

You will have to replace “Hitechanalogy” with the name of the user on your Mac, and adjust the path if your tetheredboot folder is in a different location. Press Enter.

For iPod touch 3G/4G Users Only:

Run the following command in the terminal:

sudo -s

Enter your administrator password, then run the following as a single command (the trailing backslashes continue it onto the next line):

/Users/Hitechanalogy/Downloads/tetheredboot/tetheredboot \
/Users/Hitechanalogy/Downloads/tetheredboot/iBSS.n81ap.RELEASE.dfu \
/Users/Hitechanalogy/Downloads/tetheredboot/kernelcache.release.n81

You will have to replace “Hitechanalogy” with the name of your user directory on your Mac, and adjust the path if your tetheredboot folder is in a different location. Press Enter.

For iPad Users Only:

Run the following command in the terminal:

sudo -s

Enter your administrator password, then run the following as a single command (the trailing backslashes continue it onto the next line):

/Users/Hitechanalogy/Downloads/tetheredboot/tetheredboot \
/Users/Hitechanalogy/Downloads/tetheredboot/iBSS.k48ap.RELEASE.dfu \
/Users/Hitechanalogy/Downloads/tetheredboot/kernelcache.release.k48

You will have to replace “Hitechanalogy” with the name of your user directory on your Mac, and adjust the path if your tetheredboot folder is in a different location. Press Enter.

Step-22:

When it asks you to put your device into DFU mode, follow these instructions:

  • Hold the Power and Home buttons for 10 seconds
  • Now release the Power button but continue holding the Home button for 10 more seconds
  • Your device should now be in DFU mode

Step-23:

Within a few minutes, “Exiting libpois0n” will appear in the terminal window, indicating that your iPhone 4, iPod touch 3G/4G or iPad 1G will boot in a few seconds.
